Data governance: A best practices framework for managing data assets

Data governance definition

Data governance is a system for defining who within an organization has authority and control over data assets and how those data assets may be used. It encompasses the people, processes, and technologies required to manage and protect data assets.

The Data Governance Institute defines it as “a system of decision rights and accountabilities for information-related processes, executed according to agreed-upon models which describe who can take what actions with what information, and when, under what circumstances, using what methods.”

The Data Management Association (DAMA) International defines it as the “planning, oversight, and control over management of data and the use of data and data-related sources.”

Data governance vs. data management

Data governance is just one part of the overall discipline of data management, though an important one. Whereas data governance is about the roles, responsibilities, and processes for ensuring accountability for and ownership of data assets, DAMA defines data management as “an overarching term that describes the processes used to plan, specify, enable, create, acquire, maintain, use, archive, retrieve, control, and purge data.”

While data management has become a common term for the discipline, it is sometimes referred to as data resource management or enterprise information management (EIM). Gartner describes EIM as “an integrative discipline for structuring, describing, and governing information assets across organizational and technical boundaries to improve efficiency, promote transparency, and enable business insight.”

Data governance framework

Data governance may best be thought of as a function that supports an organization’s overarching data management strategy. Such a framework provides your organization with a holistic approach to collecting, managing, securing, and storing data. To help understand what a framework should cover, DAMA envisions data management as a wheel, with data governance as the hub from which the following 10 data management knowledge areas radiate:

• Data architecture: The overall structure of data and data-related resources as an integral part of the enterprise architecture
• Data modeling and design: Analysis, design, building, testing, and maintenance
• Data storage and operations: Structured physical data assets storage deployment and management
• Data security: Ensuring privacy, confidentiality, and appropriate access
• Data integration and interoperability: Acquisition, extraction, transformation, movement, delivery, replication, federation, virtualization, and operational support
• Documents and content: Storing, protecting, indexing, and enabling access to data found in unstructured sources and making this data available for integration and interoperability with structured data
• Reference and master data: Managing shared data to reduce redundancy and ensure better data quality through standardized definition and use of data values
• Data warehousing and business intelligence (BI): Managing analytical data processing and enabling access to decision support data for reporting and analysis
• Metadata: Collecting, categorizing, maintaining, integrating, controlling, managing, and delivering metadata
• Data quality: Defining, monitoring, maintaining data integrity, and improving data quality

When establishing a strategy, each of the above facets of data collection, management, archiving, and use should be considered.

The Business Application Research Center (BARC) warns it is not a “big bang initiative.” As a highly complex, ongoing program, data governance runs the risk of participants losing trust and interest over time. To counter that, BARC recommends starting with a manageable or application-specific prototype project and then expanding across the company based on lessons learned.

BARC recommends the following steps for implementation:

• Define goals and understand benefits
• Analyze current state and delta analysis
• Derive a roadmap
• Convince stakeholders and budget project
• Develop and plan the data governance program
• Implement the data governance program
• Monitor and control

Goals of data governance

The goal is to establish the methods, set of responsibilities, and processes to standardize, integrate, protect, and store corporate data. According to BARC, an organization’s key goals should be to:

• Minimize risks
• Establish internal rules for data use
• Implement compliance requirements
• Improve internal and external communication
• Increase the value of data
• Facilitate the administration of the above
• Reduce costs
• Help to ensure the continued existence of the company through risk management and optimization

BARC notes that such programs always span the strategic, tactical, and operational levels in enterprises, and they must be treated as ongoing, iterative processes.

Benefits of data governance

Most companies already have some form of governance for individual applications, business units, or functions, even if the processes and responsibilities are informal. As a practice, it is about establishing systematic, formal control over these processes and responsibilities. Doing so can help companies remain responsive, especially as they grow to a size in which it is no longer efficient for individuals to perform cross-functional tasks. Several of the overall benefits of data management can only be realized after the enterprise has established systematic data governance. Some of these benefits include:

• Better, more comprehensive decision support stemming from consistent, uniform data across the organization
• Clear rules for changing processes and data that help the business and IT become more agile and scalable
• Reduced costs in other areas of data management through the provision of central control mechanisms
• Increased efficiency through the ability to reuse processes and data
• Improved confidence in data quality and documentation of data processes
• Improved compliance with data regulations

Data governance principles

According to the Data Governance Institute, eight principles are at the center of all successful data governance and stewardship programs:

1. All participants must have integrity in their dealings with each other. They must be truthful and forthcoming in discussing the drivers, constraints, options, and impacts for data-related decisions.
2. Data governance and stewardship processes require transparency. It must be clear to all participants and auditors how and when data-related decisions and controls were introduced into the processes.
3. Data-related decisions, processes, and controls subject to data governance must be auditable. They must be accompanied by documentation to support compliance-based and operational auditing requirements.
4. They must define who is accountable for cross-functional data-related decisions, processes, and controls.
5. It must define who is accountable for stewardship activities that are the responsibilities of individual contributors and groups of data stewards.
6. Programs must define accountabilities in a manner that introduces checks-and-balances between business and technology teams, and between those who create/collect information, those who manage it, those who use it, and those who introduce standards and compliance requirements.
7. The program must introduce and support standardization of enterprise data.
8. Programs must support proactive and reactive change management activities for reference data values and the structure/use of master data and metadata.

For more on doing data governance right, see “6 best practices for good data governance.”

Data governance roles

Each enterprise composes its data governance differently, but there are some commonalities.

Steering committee

Governance programs span the enterprise, generally starting with a steering committee comprising senior management, often C-level individuals or vice presidents accountable for lines of business. Morgan Templar, author of Get Governed: Building World Class Data Governance Programs, says steering committee members’ responsibilities include setting the overall governance strategy with specific outcomes, championing the work of data stewards, and holding the governance organization accountable to timelines and outcomes.

Data owner

Templar says data owners are individuals responsible for ensuring that information within a specific data domain is governed across systems and lines of business. They are generally members of the steering committee, though may not be voting members. Data owners are responsible for:

• Approving data glossaries and other data definitions
• Ensuring the accuracy of information across the enterprise
• Direct data quality activities
• Reviewing and approving master data management approaches, outcomes, and activities
• Working with other data owners to resolve data issues
• Second-level review for issues identified by data stewards
• Providing the steering committee with input on software solutions, policies, or regulatory requirements of their data domain

Data steward

Data stewards are accountable for the day-to-day management of data. They are subject matter experts (SMEs) who understand and communicate the meaning and use of information, Templar says, and they work with other data stewards across the organization as the governing body for most data decisions. Data stewards are responsible for:

• Being SMEs for their data domain
• Identifying data issues and working with other data stewards to resolve them
• Acting as a member of the data steward council
• Proposing, discussing, and voting on data policies and committee activities
• Reporting to the data owner and other stakeholders within a data domain
• Working cross-functionally across lines of business to ensure their domain’s data is managed and understood

Data governance tools

Data governance is an ongoing program rather than a technology solution, but there are tools that can help support that program. The tool that suits your enterprise will depend on your needs, data volume, and budget. According to PeerSpot, some of the more popular solutions include:

• Collibra Governance: Collibra is an enterprise-wide solution that automates many governance and stewardship tasks. It includes a policy manager, data helpdesk, data dictionary, and business glossary.
• SAS Data Management: Built on the SAS platform, SAS Data Management provides a role-based GUI for managing processes and includes an integrated business glossary, SAS and third-party metadata management, and lineage visualization.
• erwin Data Intelligence (DI) for Data Governance: erwin DI combines data catalog and data literacy capabilities to provide awareness of and access to available data assets. It provides guidance on the use of those data assets and ensures data policies and best practices are followed.
• Informatica Axon: Informatica Axon is a collection hub and data marketplace for supporting programs. Key features include a collaborative business glossary, the ability to visualize data lineage, and generate data quality measurements based on business definitions.
• SAP Data Hub: SAP Data Hub is a data orchestration solution intended to help you discover, refine, enrich, and govern all types, varieties, and volumes of data across your data landscape. It helps organizations to establish security settings and identity control policies for users, groups, and roles, and to streamline best practices and processes for policy management and security logging.
• Alation: Alation is an enterprise data catalog that automatically indexes data by source. One of its key capabilities, TrustCheck, provides real-time “guardrails” to workflows. Meant specifically to support self-service analytics, TrustCheck attaches guidelines and rules to data assets.
• Varonis Data Governance Suite: Varonis’s solution automates data protection and management tasks leveraging a scalable Metadata Framework that enables organizations to manage data access, view audit trails of every file and email event, identify data ownership across different business units, and find and classify sensitive data and documents.
• IBM Data Governance: IBM Data Governance leverages machine learning to collect and curate data assets. The integrated data catalog helps enterprises find, curate, analyze, prepare, and share data.

Data governance certifications

Data governance is a system but there are some certifications that can help your organization gain an edge, including the following:

• DAMA Certified Data Management Professional (CDMP)
• Data Governance and Stewardship Professional (DGSP)
• edX Enterprise Data Management
• SAP Certified Application Associate – SAP Master Data Governance

More on data analytics:

• 7 data governance mistakes to avoid
• 6 best practices for good data governance
• 12 myths of data analytics debunked
• The secrets of highly successful data analytics teams
• Developing data science skills in-house: Real-world lessons