Data governance

On the macro level data governance refers to the governing of cross-border data flows by countries, and hence is more precisely called international data governance. This new field consists of "norms, principles and rules governing various types of data." [1]

Here the focus is on an individual company. Here data governance is a data management concept concerning the capability that enables an organization to ensure that high data quality exists throughout the complete lifecycle of the data, and data controls are implemented that support business objectives. The key focus areas of data governance include availability, usability, consistency[2], data integrity and data security and includes establishing processes to ensure effective data management throughout the enterprise such as accountability for the adverse effects of poor data quality and ensuring that the data which an enterprise has can be used by the entire organization.

A data steward is a role that ensures that data governance processes are followed and that guidelines enforced, as well as recommending improvements to data governance processes.

Data governance encompasses the people, processes, and information technology required to create a consistent and proper handling of an organization's data across the business enterprise. It provides all data management practices with the necessary foundation, strategy, and structure needed to ensure that data is managed as an asset and transformed into meaningful information.[3] Goals may be defined at all levels of the enterprise and doing so may aid in acceptance of processes by those who will use them. Some goals include

• Increasing consistency and confidence in decision making
• Decreasing the risk of regulatory fines
• Improving data security, also defining and verifying the requirements for data distribution policies[4]
• Maximizing the income generation potential of data
• Designating accountability for information quality
• Enable better planning by supervisory staff
• Minimizing or eliminating re-work
• Optimize staff effectiveness
• Establish process performance baselines to enable improvement efforts
• Acknowledge and hold all gain

These goals are realized by the implementation of Data governance programs, or initiatives using Change Management techniques.

When companies desire, or are required, to gain control of their data, they empower their people, set up processes and get help from technology to do it.[5]

According to one vendor, data governance is a quality control discipline for assessing, managing, using, improving, monitoring, maintaining, and protecting organizational information. It is a system of decision rights and accountabilities for information-related processes, executed according to agreed-upon models which describe who can take what actions with what information, and when, under what circumstances, using what methods.[6]

While data governance initiatives can be driven by a desire to improve data quality, they are more often driven by C-Level leaders responding to external regulations. In a recent report conducted by CIO WaterCooler community, 54% stated the key driver was efficiencies in processes; 39% - regulatory requirements; and only 7% customer service. [7] Examples of these regulations include Sarbanes–Oxley Act, Basel I, Basel II, HIPAA, GDPR, cGMP[8], and a number of data privacy regulations. To achieve compliance with these regulations, business processes and controls require formal management processes to govern the data subject to these regulations.[9] Successful programs identify drivers meaningful to both supervisory and executive leadership.

Common themes among the external regulations center on the need to manage risk. The risks can be financial misstatement, inadvertent release of sensitive data, or poor data quality for key decisions. Methods to manage these risks vary from industry to industry. Examples of commonly referenced best practices and guidelines include COBIT, ISO/IEC 38500, and others. The proliferation of regulations and standards creates challenges for data governance professionals, particularly when multiple regulations overlap the data being managed. Organizations often launch data governance initiatives to address these challenges.

Data governance initiatives improve quality of data by assigning a team responsible for data's accuracy, completeness, consistency, timeliness, validity, and uniqueness [10]. This team usually consists of executive leadership, project management, line-of-business managers, and data stewards. The team usually employs some form of methodology for tracking and improving enterprise data, such as Six Sigma, and tools for data mapping, profiling, cleansing, and monitoring data.

Data governance initiatives may be aimed at achieving a number of objectives including offering better visibility to internal and external customers (such as supply chain management), compliance with regulatory law, improving operations after rapid company growth or corporate mergers, or to aid the efficiency of enterprise knowledge workers by reducing confusion and error and increasing their scope of knowledge. Many data governance initiatives are also inspired by past attempts to fix information quality at the departmental level, leading to incongruent and redundant data quality processes. Most large companies have many applications and databases that can't easily share information. Therefore, knowledge workers within large organizations often don't have access to the data they need to best do their jobs. When they do have access to the data, the data quality may be poor. By setting up a data governance practice or Corporate Data Authority, these problems can be mitigated.

The structure of a data governance initiative will vary not only with the size of the organization, but with the desired objectives or the 'focus areas' [11] of the effort.

Implementation of a Data Governance initiative may vary in scope as well as origin. Sometimes, an executive mandate will arise to initiate an enterprise wide effort, sometimes the mandate will be to create a pilot project or projects, limited in scope and objectives, aimed at either resolving existing issues or demonstrating value. Sometimes an initiative will originate lower down in the organization’s hierarchy, and will be deployed in a limited scope to demonstrate value to potential sponsors higher up in the organization. The initial scope of an implementation can vary greatly as well, from review of a one-off IT system, to a cross-organization initiative.

Leaders of successful data governance programs declared in December 2006 at the Data Governance Conference in Orlando, FL, that data governance is between 80 and 95 percent communication."[12] That stated, it is a given that many of the objectives of a Data Governance program must be accomplished with appropriate tools. Many vendors are now positioning their products as Data Governance tools; due to the different focus areas of various data governance initiatives, any given tool may or may not be appropriate, in addition, many tools that are not marketed as governance tools address governance needs and demands.

DAMA International[13]

DAMA (the Data Management Association) is a not-for-profit, vendor-independent, international association of technical and business professionals dedicated to advancing the concepts and practices of information resource management (IRM) and data resource management (DRM).

Data Governance Professionals Organization (DGPO)[14]

The Data Governance Professionals Organization (DGPO) is a non-profit, vendor neutral, association of business, IT and data professionals dedicated to advancing the discipline of data governance. The objective of the DGPO is to provide a forum that fosters discussion and networking for members and to encourage, develop and advance the skills of members working in the data governance discipline.

OpenStreetMap Foundation

Is a company limited by guarantee, registered in England and Wales on 22 August 2006.[15]

The Data Governance Society [16]

The Data Governance Society, Inc. is dedicated to fostering a new paradigm for the effective use and protection of information in which Data is governed and leveraged as a unique corporate asset.

The Data Governance Council [17]

The Data Governance Council is an organization formed by IBM consisting of companies, institutions and technology solution providers with the stated objective to build consistency and quality control in governance, which will help companies better protect critical data.

Enterprise Data Management Council[18]

The EDM Council is a non-profit organization created to elevate the practice of data management as a business priority. We are advocates for both content standards and data management best practices.

IQ International -- the International Association for Information and Data Quality[19]

IQ International is a not-for-profit, vendor neutral, professional association formed in 2004, dedicated to building the information and data quality profession.

Data Governance Australia[20]

Originally initiated by Data Republic, Data Governance Australia (DGA) is a not-for-profit association, established to promote the responsible use of data.

The Compliance Governance and Oversight Council[21]

The Compliance Governance and Oversight Council (CGOC), is a forum for legal, IT, records and information management professionals dedicated to provide the insight, interaction, and information they need to make good business decisions.

Wikimedia Foundation/Wikidata division

Is an American non-profit and charitable organization headquartered in San Francisco, California.[22] It is mostly known for participating in the Wikimedia movement. It owns the internet domain name WIKIDATA.org and operates the site and founds. The Project chat is the main decision body of Wikidata.

A number of major conferences relevant to data governance are held annually:

Data Governance and Information Quality Conference[23]

Commercial conferences held each year in the USA

Data Governance Conference Europe,[24]

Commercial conferences held annually in London, England .

Information and Data Quality Conference

Not for profit conference run by IQ International in the USA

Master Data Management & Data Governance Conferences[25]

Seven major conferences are run annually by the MDM Institute in London, San Francisco, Sydney, Toronto, Madrid, Frankfurt, and New York City.

Financial Information Summit series of conferences[26]

Hosted by Inside Reference Data magazine in New York, London, Hong Kong, Toronto, Chicago, Frankfurt, Paris and Tokyo.

Compliance Governance Oversight Council (CGOC) Regional Meetings[27]

Regional meetings are held twice a year throughout USA and in Europe.

• Information Architecture
• Information governance
• Information technology governance
• Business semantics management
• Semantics of Business Vocabulary and Business Rules
• Master data management
• COBIT
• ISO/IEC 38500
• ISO/TC 215
• Operational risk management
• Basel II Accord
• HIPAA
• Sarbanes-Oxley Act
• Information technology controls
• Data Protection Directive (EU)
• Universal Data Element Framework
• Asset Description Metadata Schema
• Simulation Governance