Step 6: Monitor the efficacy of your controls
Data governance is largely about organizational behavior. Organizations change every day, and therefore their data, its value and risk also shift rapidly. Unfortunately, most organizations assess themselves only once a year. If a business isn’t able to change organizational controls to meet demands on a daily or weekly basis, it isn’t governing change.

Data governance is much more than simple security, compliance or risk management. It’s all of them and more. It’s a new composite discipline, bridging organizational stovepipes to redefine the value and protection of data. It’s about how an organization uses data to benefit and protect itself. With high-profile data breaches all over the news, data governance is on every CIO’s agenda this year.

To manage risks, organizations must govern data usage and ensure effective governance by putting in place a consistent method of documenting organizational best practices and technology that supports the human decision-making process. Safeguarding corporate information and using improved data quality will help companies not only keep auditors and regulators satisfied, but also retain customers and drive new business opportunities.

Steven Adler is the director of data governance solutions at IBM and chairman of the Data Governance Council. He has been an expert on the area of security and privacy for the past 1o years. IBM has formed the Data Governance Council with leading companies, institutions and technology solution providers in a global effort to clarify and resolve common data-governance challenges and solutions as they relate to security, privacy, trust and corporate compliance issues.