Intelligence and compliance ­depend on data governance

June 2018 Editor's Choice, Cyber Security, Security Services & Risk Management

Data governance is nothing new, it is simply the process of managing your data in a way that is convenient and accessible to you. Data governance is why a company sorts its documents alphabetically in a filing cabinet or buys a CRM (customer relationship management) system to manage its customer data.

Gartner defines data governance as: “The specification of decision rights and an accountability framework to encourage desirable behaviour in the valuation, creation, storage, use, archiving and deletion of information. It includes the processes, roles, standards and metrics that ensure the effective and efficient use of information in enabling an organisation to achieve its goals.”

Today, data governance is also increasingly being forced on organisations and even individuals by legislation designed to ensure the safe and legal capture, storage and use of data. Unfortunately, the growth of data in all its forms caused data governance to become increasingly complex, to the point where it is a skill in itself.

Maureen Grosvenor.
Maureen Grosvenor.

APPSolve is a technology consultancy offering advisory and technology services to clients, including in the business intelligence (BI) space. APPSolve director, Maureen Grosvenor, says that over the years the company has been in operation, it has always included data governance in its services as it’s a necessity if you want to obtain good BI from your data.

Of late, however, Grosvenor says governance has become a service on its own because of the amount of data companies collect and the challenges in structuring it in a way that delivers value. Data governance is not simply a technical issue, but more of a business issue that requires planning and strategising to ensure your data is collected, stored, accessed, archived and deleted in a manner that supports the business and meets legal requirements.

It’s an asset

Data today is no longer seen as something you collect while doing business, but most companies recognise the ‘gold mine’ they have in their data and see it as an asset. How you handle this asset will impact on the performance of your company as it relates to running the business, and impacts customers, staff and suppliers. The old cliché of ‘garbage in, garbage out’ is more relevant than ever, and the consequences of ‘garbage data’ today translates directly to the bottom line.

APPSolve’s Tessa Lillie, who is currently doing a PhD in data governance, explains that there are different approaches to governance. In the financial market, for example, the primary goal may be regulatory compliance, which has been a growing challenge since 2008 when the Basel Accord regulations were updated (known as Basel III).

And while the Basel III stipulations go far beyond data governance, the risk management demands require effective management of financial companies’ data. And to repeat, while IT plays a large role in data governance, the technology must be led by business-risk considerations.

Lillie says data governance requires a strategy, approved by the highest ranks in the company, that determines how data is used in an integrated manner across the board in the organisation. In most companies this does not exist and each department will have its own silo of data that it collects and uses for its purposes. The starting point for data governance is therefore finding out what data you have, what format it is in, and then devising a strategy to integrate it and manage it effectively.

Getting it done

The process of implementing your data governance strategy is far from simple. As noted, each company has various silos of data, some structured and therefore easier to manage, and some unstructured. Unstructured data could be the data individuals store in spreadsheets on their computers, or it could be social media data collected to determine market trends, for example.

The initial discovery phase should be used to find all of it, decide what data is important to the business and then work out ways to ‘clean’ the data and integrate it into a better and more manageable solution. By cleaning data, we mean getting your data consistent. For example, ensuring that city and customer names are spelled correctly, that identity numbers all have 13 numbers that correspond to the official structure of these numbers and so on.

Grosvenor adds that you can’t do it all, meaning that unless you are a small company, you can’t incorporate all the data in a business in the governance project. You have to decide what is necessary and required and start with that. Perhaps one could start on financial systems and the related data and ensure it is all 100% before moving onto the next department?

This, according to Lillie, means it is vital that you understand the value and meaning of the data to your business. The data architecture designed should then marry the data’s value to the business requirements while also tying the technology used to the business value attainable from the information.

A key element of data governance is not simply to make the data look nice at one particular stage of the company’s existence, but to align business and IT to ensure that data collected in the future will be captured and treated according to the new rules – data governance is a huge project and you don’t want to have to start at the beginning every few years. This means aligning the strategic, tactical and operational levels of your data strategy and keeping them aligned.

As an example, she says that companies often have a well-managed database of information, but then someone would pull data from the database to populate a spreadsheet they are working on. Data would be changed or added, but not updated back to the main data store, leaving two sets of different data – starting the problem all over again.

Everybody needs a data governance strategy

While the financial industry has its own set of regulations it needs to comply to, the same can be said for every company in South Africa that collects information. The GDPR, for one, requires every company dealing with EU residents to have a handle on their data to ensure the personal data of residents is secured according to the legislation’s guidelines.

On the local front, the Protection of Personal Information Act (PoPIA) will also require similar data standards to be in place, and these rules apply to everyone in South Africa (as well as juristic persons) and failure to observe them can result in stiff fines or even incarceration.

Unfortunately, Grosvenor notes that PoPIA is going to be a data wake-up call for many South African businesses as they discover how out of control their data governance processes actually are. In fact, some companies may choose to pay the fines as they would be less than the cost of getting their data under control (did we mention that data governance is a huge task?).

On a journey

Grosvenor concludes that data governance is not a simple project, but a journey. The more data you have stored in different places and formats, the tougher the process will be. The key is to devise a strategy and get on with it. You may not get it all done at once, but you need to start and follow a strategic process to get it done over time, ensuring that the wins you have attained are maintained as you integrate new data and data sources.

For more information, contact APPSolve, +27 (0)12 743 5115, [email protected], www.appsolve.co.za



Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

A closed security concept for test halls and perimeter
Dallmeier Electronic Southern Africa Editor's Choice
At its factory facilities in Vilsbiburg, Germany, Flottweg SE relies on tailored video security technology from Dallmeier for perimeter security and workplace safety.

Read more...
What to do in the face of growing ransomware attacks
Technews Publishing Cyber Security Security Services & Risk Management
Ransomware attacks are proliferating, with attackers becoming more sophisticated and aggressive, and often hitting the same victims more than once, in more than one way.

Read more...
Texecom launches the Midnight Black Collection
Technews Publishing Perimeter Security, Alarms & Intruder Detection Products
Working in harmony with darker environments, the Midnight Black Collection has been created for businesses and sites that require or prefer a security solution which offers discreet protection that compliments their surroundings.

Read more...
SAN market set for growth
Technews Publishing News IT infrastructure
Storage-area network (SAN) market to hit US$ 26,86 billion in revenue by the end of 2029 due to factors like widespread adoption of Hybrid SAN-NAS solutions.

Read more...
Optimising remote technical support
Technews Publishing Asset Management, EAS, RFID Products
Sanden Intercool Kenya improves efficiency, removes manual processes with FIELDForce from MACmobile, making its technical backup and support staff more productive, while also optimising record keeping.

Read more...
Where does SA logistics stand as far as cybersecurity is concerned?
Logistics (Industry) Security Services & Risk Management
Lesiba Sebola, director of information technology at Bidvest International Logistics, says it is paramount to safeguard IT infrastructure given how central it has become to operations.

Read more...
Enterprise threats in 2023
News Cyber Security
Large businesses and government structures should prepare for cybercriminals using media to blackmail organisations, reporting alleged data leaks, and purchasing initial access to previously compromised companies on the darknet.

Read more...
Advanced server performance and energy efficient design
Editor's Choice IT infrastructure Products
Dell PowerEdge server portfolio expansion offers more performance, including up to 2.9x greater AI inferencing while Dell Smart Flow design and Dell Power Manager software advancements deliver greater energy efficiency.

Read more...
Free-to-use solar score for South African homes
Technews Publishing Editor's Choice
The LookSee Solar Score is one of the first of its kind to provide insight into the potential of solar power for South Africa’s residential properties.

Read more...
CA Southern Africa unmasks container security
Technews Publishing IT infrastructure Cyber Security
Adoption of software containers has risen dramatically as more organisations realise the benefits of this virtualised technology.

Read more...