How to make data governance practical

Issue 3 2022 Security Services & Risk Management, Commercial (Industry)


Gary Allemann.

For many businesses, data governance is not well received. This is because governance programmes are far too often driven by supporting functions – like compliance or IT – with a focus on the needs of these supporting functions. The result for many stakeholders is that they feel like they are being given a lot of new tasks to fit into their week, without any real benefit.

Data governance is not about data governance

Any approach that implements data governance without clear use-cases that support multiple stakeholders will struggle. This does not mean that governance should not start small – it should. By selecting one use-case where an organisation can deliver value and where it has support, it increases its chances of success as long as:

1. Its governance programme directly includes stakeholders that benefit from the use-case selected.

2. It does not force work upon people for whom the use-case is not adding value.

3. It agrees to a roadmap and plan to include additional use-cases to support additional stakeholders and keep these additional stakeholders updated on progress through its communications plan.

Data governance is typically about formalising ad hoc information gathering and decision-making processes (about data) so that they become repeatable. If too many people are engaged too early, many will lose interest because they have nothing to contribute to the information gathering or decision making for the use-case in focus, or because they cannot see how this will be applied to support them.

The right level of communication engages different stakeholders at different levels of detail, managing expectations while expecting more effort from those that are getting the immediate benefit.

What are potential use-cases?

The right use-case will vary from one organisation to another and could, for example, be one of these:

1. Delivering better insights more quickly. Decision support remains one of the most visible applications of data. Yet, for many managers, analytics takes too long and when reports are delivered, the results are treated with suspicion. Data governance use-cases that can be explored to improve the delivery of insights could include:

a.Improving access to data by cataloguing and publishing datasets, identifying owners and approval processes for data access requests, and delivering fine-grained access control policies.

b.Improving trust in data by making data quality visible, adding context such as definitions for calculations used and confirming the data lineage.

2. Operational efficiency. Almost any business process generates data. Inaccurate or incomplete data at the first point of capture has a huge impact on downstream business processes that require the missing data, as discussed in the 1:10:100 rule. Fixing data captured incorrectly costs around 10 times what it would have cost to capture correctly the first time, while leaving bad data can cause errors that may cost a hundred times the original cost of capture.

Use-cases that can be explored to increase operational efficiency typically focus on data integrity; for example, agreeing on data capture standards and policies, defining data quality rules, applying data quality metrics, and managing data quality remediation issues. These use-cases are explored in a recent Precisely webinar: Fuelling Enterprise Data Governance with Data Quality.

Data governance also helps in improving IT efficiency. By ensuring that vital data specifications are available and accessible for impact analysis, data governance practices support agile development methodologies like DevOps and DataOps. Key data governance use-cases include the delivery of quality metadata, processes to ensure collaboration across cross-functional teams, and managing requirements specifications and approvals to speed quality delivery.

3. Managing data risk. Data risk can largely be separated into reporting risk – which comes down to the delivery of trusted data in regulated industries – and data privacy risks. PoPIA implementation requires a series of data management capabilities and processes to be implemented with governance oversights. These can offer a range of possible use-cases to kickstart data governance.

Data governance is not new. In most organisations, decisions are regularly made to support data projects. Executives need to take responsibility for data breaches, or to sign off financial reports as accurate. Data governance, as a discipline, should be about reducing the overheads associated with these tasks through collaboration and reuse.

For more information contact Master Data Management, +27 11 485 4856, gary@masterdata.co.za, www.masterdata.co.za




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Three new portable power stations to ease load shedding
News Security Services & Risk Management Products
EcoFlow has launched three portable power stations that provide sufficient power for consumers wherever they are; the DELTA 2 and RIVER 2 Series are feature-filled power solutions to the volatile electricity supply.

Read more...
You cannot bribe a computer
Access Control & Identity Management Security Services & Risk Management
Corruption is a cancer that destroys the prospects and stability of countries and businesses. It widens wealth gaps and punishes the poor. It costs countries many billions in lost revenue.

Read more...
How much protection does cyber insurance really give businesses?
Cyber Security Security Services & Risk Management
If organisations don’t meet even the minimum requirements of security and data protection, insurance will do them little good. Instead, it needs to be just one part of the digital resiliency toolbox.

Read more...
Off-grid power solution for residential estate
Editor's Choice Security Services & Risk Management Residential Estate (Industry) Products
Coral Beach Estate, an upmarket residential estate based in East London, has been struggling with load shedding and power outages due to South Africa's energy crisis, as well as the vandalism of its power infrastructure.

Read more...
SafeCity Guarding rolls out across 14 suburbs in Johannesburg
News Security Services & Risk Management
In a major drive to provide communities across Johannesburg with additional safety, Vumacam, in partnership with Fidelity ADT and other security providers across the region, rolled out the innovative SafeCity Guarding initiative in 14 suburbs.

Read more...
FleetDomain underpins Afrirent’s value proposition
Logistics (Industry) Security Services & Risk Management
Afrirent, a 100% female black-owned fleet management company, has been relying on FleetDomain software for a number of years to help it deliver outstanding service to a growing number of clients.

Read more...
Choosing an inferior lithium battery can be detrimental and unsafe
Uniross Batteries Security Services & Risk Management Products
South Africans looking to mitigate the impact of load shedding by installing a solar system for their home must do so through an accredited installer or electrician to avoid insurance claims being rejected.

Read more...
Employee screening, a hiring necessity or an invasion of privacy?
Security Services & Risk Management
There is a fine line between checking a potential employee’s qualifications and references, and investigating aspects of their lives that have nothing to do with their job application.

Read more...
Keeping students, staff and communities safe
Vumacam News CCTV, Surveillance & Remote Monitoring Security Services & Risk Management
South African schools are facing increasing security challenges, making effective surveillance systems more important than ever. To address this issue, Vumacam is offering advanced security solutions with security partners, aimed at keeping students, staff, and the community safe.

Read more...
Technology is key to securing physical and cybersecurity
Education (Industry) Security Services & Risk Management
The interpretation of security in educational institutions depends on whom you are talking to and whether their focus is on the physical security of the institution, its assets and its people, or its information and communication technology perspective.

Read more...