Categories
erwin Expert Blog

Five Pillars of Data Governance Readiness: Team Resources

The Facebook scandal has highlighted the need for organizations to understand and apply the five pillars of data governance readiness.

All eyes were on Mark Zuckerberg this week as he testified before the U.S. Senate and Congress on Facebook’s recent data drama.

A statement from Facebook indicates that the data snare was created due to permission settings leveraged by the Facebook-linked third-party app ‘thisisyourdigitallife.’

Although the method used by Cambridge Analytica to amass personal data from 87 million Facebook users didn’t constitute a “data breach,” it’s still a major data governance (DG) issue that is now creating more than a headache for the company.

The #DeleteFacebook movement is gaining momentum, not to mention the company’s stock dip.

With Facebook’s DG woes a mainstay in global news cycles, and the General Data Protection Regulation’s (GDPR) implementation just around the corner, organizations need to get DG-ready.

During the past few weeks, the erwin Expert Blog has been exploring the five pillars of data governance readiness. So far, we’ve covered initiative sponsorship and organizational support. Today, we talk team resources.

Facebook and the Data Governance Awakening

Most organizations lack the enterprise-level experience required to advance a data governance initiative.

This function may be called by another name (e.g., data management, information management, enterprise data management, etc.), a successful organization recognizes the need for managing data as an enterprise asset.

Data governance, as a foundational component of enterprise data management, would reside within such a group.

You would think an organization like Facebook would have this covered. However, it doesn’t appear that they did.

The reason Facebook is in hot water is because the platform allowed ‘thisisyourdigitallife’ to capture personal data from the Facebook friends of those who used the app, increasing the scope of the data snare by an order of magnitude.

Pillars of Data Governance; Facebook

For context, it took only 53 Australian ‘thisisyourdigitallife’ users to capture 310,000 Australian citizens’ data.

Facebook’s permission settings essentially enabled ‘thisisyourdigitallife’ users to consent on behalf of their friends. Had GDPR been in effect, Facebook would have been non-compliant.

Even so, the extent of the PR fallout demonstrates that regulatory compliance shouldn’t be the only driver for implementing data governance.

Understanding who has access to data and what that data can be used for is a key use case for data governance. This considered, it’s not difficult to imagine how a more robust DG program could have covered Facebook’s back.

Data governance is concerned with units of data – what are they used for, what are the associated risks, and what value do they have to the business? In addition, DG asks who is responsible for the data – who has access? And what is the data lineage?

It acts as the filter that makes data more discoverable to those who need it, while shutting out those without the required permissions.

The Five Pillars of Data Governance: #3 Team Resources

Data governance can’t be executed as a short-term fix. It must be an on-going, strategic initiative that the entire organization supports and is part of. But ideally, a fixed and formal data management group needs to oversee it.

As such, we consider team resources one of the key pillars of data governance readiness.

Data governance requires leadership with experience to ensure the initiative is a value-adding success, not the stifled, siloed programs associated with data governance of old (Data Governance 1.0).

Without experienced leadership, different arms of the organization will likely pull in different directions, undermining the uniformity of data that DG aims to introduce. If such experience doesn’t exist within the organization, then outside consultants should be tapped for their expertise.

As the main technical enabler of the practice, IT should be a key DG participant and even house the afore-mentioned data management group to oversee it. The key word here is “participant,” as the inclination to leave data governance to IT and IT alone has been a common reason for Data Governance 1.0’s struggles.

With good leadership, organizations can implement Data Governance 2.0: the collaborative, outcome-driven approach more suited to the data-driven business landscape. DG 2.0 avoids the pitfalls of its predecessor by expanding the practice beyond IT and traditional data stewards to make it an enterprise-wide responsibility.

By approaching data governance in this manner, organizations ensure those with a stake in data quality (e.g., anyone who uses data) are involved in its discovery, understanding, governance and socialization.

This leads to data with greater context, accuracy and trust. It also hastens decision-making and times to market, resulting in fewer bottlenecks in data analysis.

We refer to this collaborative approach to data governance as the enterprise data governance experience (EDGE).

Back to Facebook. If they had a more robust data governance program, the company could have discovered the data snare exploited by Cambridge Analytica and circumvented the entire scandal (and all its consequences).

But for data governance to be successful, organizations must consider team resources as well as enterprise data management methodology and delivery capability (we’ll cover the latter two in the coming weeks).

To determine your organization’s current state of data governance readiness, take the erwin DG RediChek.

To learn more about how to leverage data governance for GDPR compliance and an EDGE on the competition, click here.

Take the DG RediChek

Categories
erwin Expert Blog

Five Pillars of Data Governance Readiness: Initiative Sponsorship

“Facebook at the center of global reckoning on data governance.” This headline from a March 19 article in The Wall Street Journal sums up where we are. With only two months until the General Data Protection Regulation (GDPR) goes into effect, we’re going to see more headlines about improper data governance (DG) – leading to major fines and tarnished brands.

Since the news of the Facebook data scandal broke, the company’s stock has dropped and Nordea, the largest bank in the Nordic region, put a stop to Facebook investments for three months because “we see that the risks related to governance around data protection may have been severely compromised,” it said in a statement.

Last week, we began discussing the five pillars of data governance readiness to ensure the data management foundation is in place for mitigating risks, as well as accomplishing other organizational goals. There can be no doubt that data governance is central to an organization’s customer relationships, reputation and financial results.

So today, we’re going to explore the first pillar of DG readiness: initiative sponsorship. Without initiative sponsorship, organizations will struggle to obtain the funding, resources, support and alignment necessary for successful implementation and subsequent performance.

A Common Roadblock

Data governance isn’t a one-off project with a defined endpoint. It’s an on-going initiative that requires active engagement from executives and business leaders. But unfortunately, the 2018 State of Data Governance Report finds lack of executive support to be the most common roadblock to implementing DG.

This is historical baggage. Traditional DG has been an isolated program housed within IT, and thus, constrained within that department’s budget and resources. More significantly, managing DG solely within IT prevented those in the organization with the most knowledge of and investment in the data from participating in the process.

This silo created problems ranging from a lack of context in data cataloging to poor data quality and a sub-par understanding of the data’s associated risks. Data Governance 2.0 addresses these issues by opening data governance to the whole organization.

Its collaborative approach ensures that those with the most significant stake in an organization’s data are intrinsically involved in discovering, understanding, governing and socializing it to produce the desired outcomes. In this era of data-driven business, C-level executives and department leaders are key stakeholders.

But they must be able to trust it and then collaborate based on their role-specific insights to make informed decisions about strategy, identify new opportunities, address redundancies and improve processes.

So, it all comes back to modern data governance: the ability to understand critical enterprise data within a business context, track its physical existence and lineage, and maximize its value while ensuring quality and security.

Initiative Sponsorship: Encouraging Executive Involvement

This week’s headlines about Facebook have certainly gotten Mark Zuckerberg’s attention, as there are calls for the CEO to appear before the U.S. Congress and British Parliament to answer for his company’s data handling – or mishandling as it is alleged.

Public embarrassment, Federal Trade Commission and GDPR fines, erosion of customer trust/loyalty, revenue loss and company devaluation are real risks when it comes to poor data management and governance practices. Facebook may have just elevated your case for implementing DG 2.0 and involving your executives.

Initiative Sponsorship Data Governance GDPR

Business heads and their teams, after all, are the ones who have the knowledge about the data – what it is, what it means, who and what processes use it and why, and what rules and policies should apply to it. Without their perspective and participation in data governance, the enterprise’s ability to intelligently lock down risks and enable growth will be seriously compromised.

Appropriately implemented – with business data stakeholders driving alignment between DG and strategic enterprise goals and IT handling the technical mechanics of data management – the door opens to trusting data and using it effectively.

Also, a chief data officer (CDO) can serve as the bridge between IT and the business to remove silos in the drive toward DG and subsequent whole-of-business outcomes. He or she would be the ultimate sponsor, leading the charge for the necessary funding, resources, and support for a successful, ongoing initiative.

Initiative Sponsorship with an ‘EDGE’

Once key business leaders understand and buy into the vital role they play in a Data Governance 2.0 strategy, the work of building the infrastructure enabling the workforce and processes to support actively governing data assets and their alignment to the business begins.

To find it, map it, make sure it’s under control, and promote it to appropriate personnel requires a technology- and business-enabling platform that covers the entire data governance lifecycle across all data producer and consumer roles.

The erwin EDGE delivers an ‘enterprise data governance experience’ to unify critical DG domains, use role-appropriate interfaces to bring together stakeholders and processes to support a culture committed to acknowledging data as the mission-critical asset that it is, and orchestrate the key mechanisms that are required to discover, fully understand, actively govern and effectively socialize and align data to the business.

To assess your organizations current data governance readiness, take the erwin DG RediChek.

To learn more about the erwin EDGE, reserve your seat for this webinar.

Take the DG RediChek

Categories
erwin Expert Blog

Data Governance Readiness: The Five Pillars

In light of the General Data Protection Regulation (GDPR) taking effect in just three months, an understanding of data governance readiness has become paramount. Organizations need to make sure they’re ready to meet the world’s most comprehensive data privacy law’s requirements:

  • Understanding all the systems in which personal data is located and all the interactions that touch it
  • Knowing the original instance of the data plus its entire lineage and how it’s handled across the complete ecosystem
  • Ensuring changes, purges or other customer requests are adhered to in a timely manner
  • Notifying customers of a data breach within 72 hours

GDPR becomes effective in an age of rapidly proliferating customer data. For organizations to meet its demands, data governance (DG) must become operational. Done right, it holds great promise not only for regulatory compliance but also for creating data-driven opportunities that drive innovation and greater value.

The 2018 State of Data Governance Report shows that customer trust/satisfaction, decision-making, reputation management, analytics and Big Data are the key drivers of data governance adoption, behind meeting regulatory obligations.

Data Governance Readiness: Data Governance Drivers

A Question of Approach

There’s no question data governance is important and should be the cornerstone of data management to both reduce risks and realize larger organizational results, such as increasing customer satisfaction, improving decision-making, enhancing operational efficiency and growing revenue. The question is how to implement DG, so it does all that.

The boom in data-driven business, as well as new regulatory pressures, have thrust DG into a new spotlight. But the historical approach to DG, being housed in IT siloed from the parties who could use it the most, won’t work in the age of digital power brands like Airbnb, Amazon and Uber.

Data governance done right requires the participation of the entire enterprise and should be measured and measurable in the context of the business. Fortunately, Data Governance 2.0 builds on the principle that everyone in the organization has a role in the initiative, which is ongoing.

IT handles the technical mechanics of data management, but data governance is everyone’s business with stakeholders outside IT responsible for aligning DG with strategic organizational goals.

This creates an environment in which data is treated as an organizational asset that must be inventoried and protected as any physical asset, but it also can be understood in context and shared to unleash greater potential.

The Pillars of Data Governance Readiness

If you accept that data governance is a must for understanding critical data within a business context, tracking its physical existence and lineage, and maximizing its security, quality and value, are you ready to implement it as an enterprise initiative?

We’ve identified what we believe to be the five pillars of data governance readiness.

  1. Initiative Sponsorship

Without executive sponsorship, you’ll have difficulty obtaining the funding, resources, support and alignment necessary for successful DG. 

  1. Organizational Support

DG needs to be integrated into the data stewardship teams and wider culture. It also requires funding.

  1. Team Resources

Most successful organizations have established a formal data management group at the enterprise level. As a foundational component of enterprise data management, DG would reside in such a group.

  1. Enterprise Data Management Methodology

DG is foundational to enterprise data management. Without the other essential components (e.g., metadata management, enterprise data architecture, data quality management), DG will be struggle.

  1. Delivery Capability

Successful and sustainable DG initiatives are supported by specialized tools, which are scoped as part of the DG initiative’s technical requirements.

We’re going to explore these pillars of data governance readiness in future blog posts and through a new, free app to help you build – or shore up – your data governance initiative. By applying them, you’ll establish a solid data governance foundation to achieve the desired outcomes, from limiting the risk of data exposures to growing revenue.

In the meantime, you might want to check out our latest white paper that focuses on the impending GDPR and how to increase DG expertise because no organization with even one customer in the EU is outside its grasp. Click here to get the white paper.

Data Governance and GDPR: GDPR and Your Business Whitepaper

Categories
erwin Expert Blog

Understanding and Justifying Data Governance 2.0

In the past, justifying data governance was notoriously difficult. The siloed nature of Data Governance 1.0, and its lack of focus on adding value meant buy-in was low.

While housing data governance (DG) within IT might have made sense in its early stage, data and data governance has evolved.

Today, we generate a staggering 2.5 quintillion bytes of data per day. With growing regulatory demands and the opportunities of infonomics, data search and discovery from an IT silo aren’t enough.

Data governance as a practice, and the solutions that power it, must be part of an organization’s culture to ensure the people and departments that use data are involved in its discovery, understanding, governance and socialization for peak performance.

So, how do you go about justifying data governance as an enterprise-wide initiative?

Justifying Data Governance – The Roadblocks

First, we must look at the shortcomings of the Data Governance 1.0 approach that are clearly reflected in the 2018 State of Data Governance Report. The lack of executive support is cited as the most common roadblock to implementing data governance at 42%, with a lack of organizational support closely following at 39%.

For data-driven enterprises, executives arguably have the biggest stake in improving DG practices. Decisions surrounding strategic direction – e.g., emerging markets to target, insights into operational efficiency, performance of marketing campaigns – are best made with accurate data.

By implementing a sound data governance initiative, data availability and context improves so employees – from executives to the front line – can make better and faster decisions. Additionally, decisions will be made with more confidence, knowing the data can be trusted. As a result, there will be fewer risks, false starts and wasted budgets on projects doomed to fail because they were based on faulty premises.

The State of DG Report also found a lack of effective tools to be another roadblock to successfully implementing data governance. This is no surprise because they weren’t built with collaboration in mind.

As mentioned, the data produced by modern society – and business – is staggering, and it permeates the whole business. Furthermore, data regulations – such as GDPR – demand that organizations understand their data lineage, being able to show who has access to what.

Governing massive volumes of data and being able to demonstrate its lineage from department to department and employee to employee fundamentally requires a collaborative approach.

Another area in which Data Governance 1.0 fell short was in articulating a business case. Of the organizations surveyed for the State of DG Report, 27% say this as a roadblock to successful data governance.

Those frustrations are understandable, as DG 1.0 wasn’t conceived for proactively adding value. But DG 2.0 has opened significant opportunities for organizations to add value, so data governance is easier to justify as a means of identifying and implementing new ideas and improvements more quickly.

For example, financial services companies stand to generate $30 billion in extra revenue through better governance of their data.

Justifying Data Governance – A New Direction

Data Governance 2.0 ploughs through the roadblocks associated with old-school DG.

It takes an enterprise-wide approach to ensure data governance really works, meaning “data owners” and “data stakeholders” are involved in the cataloging process. Everyone benefits from having access to data in context to their roles with a better grasp of its history and lineage.

Of course, regulatory compliance is the main driver for revisiting or implementing a DG initiative. However, the benefits of data governance go well beyond GDPR compliance. Better data quality, context and lineage lead to greater customer satisfaction, improved decision-making and the ability to maintain or even enhance an organization’s reputation – all mentioned as reasons to implement DG in the State of DG Report.

Indeed, understanding and governing enterprise assets has become more important to the C-suite. And DG 2.0 presupposes that CTOs in addition to CFOs, CMOs and other business executives are involved in data management on a day-to day basis. Therefore, they have to be part of the initiative and enabled to share information for agile innovation and business transformation.

It’s clear this new, proactive take on data governance is catching on. The hyper-competitive nature of data-driven business demands it – with or without the threat of GDPR penalties.  Organizations reluctant or slow to adopt Data Governance 2.0 will be left behind.

To get the full State of DG Report, including survey results and insights, click here.

State of DG: Get the full report

Categories
erwin Expert Blog

Data Governance 2.0: Biggest Data Shakeups to Watch in 2018

This year we’ll see some huge changes in how we collect, store and use data, with Data Governance 2.0 at the epicenter. For many organizations, these changes will be reactive, as they have to adapt to new regulations. Others will use regulatory change as a catalyst to be proactive with their data. Ideally, you’ll want to be in the latter category.

Data-driven businesses and their relevant industries are experiencing unprecedented rates of change.

Not only has the amount of data exploded in recent years, we’re now seeing the amount of insights data provides increase too. In essence, we’re finding smaller units of data more useful, but also collecting more than ever before.

At present, data opportunities are seemingly boundless, and we’ve barely begun to scratch the surface. So here are some of the biggest data shakeups to expect in 2018.

2018 data governance 2.0

GDPR

The General Data Protection Regulation (GDPR) has organizations scrambling. Penalties for non-compliance go into immediate effect on May 25, with hefty fines – up to €20 million or 4 percent of the company’s global annual turnover, whichever is greater.

Although it’s a European mandate, the fact is that all organizations trading with Europe, not just those based within the continent, must comply. Because of this, we’re seeing a global effort to introduce new policies, procedures and systems to prepare on a scale we haven’t seen since Y2K.

It’s easy to view mandated change of this nature as a burden. But the change is well overdue – both from a regulatory and commercial point of view.

In terms of regulation, a globalized approach had to be introduced. Data doesn’t adhere to borders in the same way as physical materials, and conflicting standards within different states, countries and continents have made sufficient regulation difficult.

In terms of business, many organizations have stifled their digital transformation efforts to become data-driven, neglecting to properly govern the data that would enable it. GDPR requires a collaborative approach to data governance (DG), and when done right, will add value as well as achieve compliance.

Rise of Data Governance 2.0

Data Governance 1.0 has failed to gain a foothold because of its siloed, un-collaborative nature. It lacks focus on business outcomes, so business leaders have struggled to see the value in it. Therefore, IT has been responsible for cataloging data elements to support search and discovery, yet they rarely understand the data’s context due to being removed from the operational side of the business. This means data is often incomplete and of poor quality, making effective data-driven business impossible.

Company-wide responsibility for data governance, encouraged by the new standards of regulation, stand to fundamentally change the way businesses view data governance. Data Governance 2.0 and its collaborative approach will become the new normal, meaning those with the most to gain from data and its insights will be directly involved in its governance.

This means more buy-in from C-level executives, line managers, etc. It means greater accountability, as well as improved discoverability and traceability. Most of all, it means better data quality that leads to faster, better decisions made with more confidence.

Escalated Digital Transformation

Digital transformation and its prominence won’t diminish this year. In fact, thanks to Data Governance 2.0, digital transformation is poised to accelerate – not slow down.

Organizations that commit to data governance beyond just compliance will reap the rewards. With a stronger data governance foundation, organizations undergoing digital transformation will enjoy a number of significant benefits, including better decision making, greater operational efficiency, improved data understanding and lineage, greater data quality, and increased revenue.

Data-driven exemplars, such as Amazon, Airbnb and Uber, have enjoyed these benefits, using them to disrupt and then dominate their respective industries. But you don’t have to be Amazon-sized to achieve them. De-siloing DG and treating it as a strategic initiative is the first step to data-driven success.

Data as Valuable Asset

Data became more valuable than oil in 2017. Yet despite this assessment, many businesses neglect to treat their data as a prized asset. For context, the Industrial Revolution was powered by machinery that had to be well-maintained to function properly, as downtime would result in loss. Such machinery adds value to a business, so it is inherently valuable.

Fast forward to 2018 with data at center stage. Because data is the value driver, the data itself is valuable. Just because it doesn’t have a physical presence doesn’t mean it is any less important than physical assets. So businesses will need to change how they perceive their data, and this is the year in which this thinking is likely to change.

DG-Enabled AI and IoT

Artificial Intelligence (AI) and the Internet of Things (IoT) aren’t new concepts. However, they’re yet to be fully realized with businesses still competing to carve a slice out of these markets.

As the two continue to expand, they will hypercharge the already accelerating volume of data – specifically unstructured data – to almost unfathomable levels. The three Vs of data tend to escalate in unison. As the volume increases, so does the velocity and speed at which data must be processed. The variety of data – mostly unstructured in these cases – also increases, so to manage it, businesses will need to put effective data governance in place.

Alongside strong data governance practices, more and more businesses will turn to NoSQL databases to manage diverse data types.

For more best practices in business and IT alignment, and successfully implementing Data Governance 2.0, click here.

Data governance is everyone's business

Categories
erwin Expert Blog

The Key to Improving Business and IT Alignment

Fostering business and IT alignment has become more important than ever.

Gone are the days when IT was a fringe department, resigned to providing support. But after so long on the sidelines, many businesses still struggle to bring IT into the fold, ensuring its alignment with the wider business. But this should be a priority for any data-driven enterprise.

On a fundamental level, it requires a change of perception and culture. The stereotype of basement-housed IT teams was widely acknowledged and satirized. It formed the basis of the popular British sitcom The IT Crowd, which focused on the escapades of three IT staff members in the dingy basement of a huge corporation. Often their best professional input was “turn it off and on again.”

Today, the idea of such a small IT team supporting a huge business is almost too ridiculous to satirize..

Bring IT Out of the Basement

In the age of data-driven business, IT now takes center stage. And it has been promoted out of the basement – at least in principle.

Although IT has moved away from its legacy of support and “keeping the lights on,” many businesses still have a long way to go in fostering business and IT alignment.

But the data-driven nature of modern business demands it. Not only is the wider business responsible for understanding, making use of and capitalizing on data; the business as a whole, including IT, is responsible for upholding the regulations associated with it.

Fostering Business and IT Alignment

The key here, then, is a collaborative data governance program. For business and IT to be sufficiently aligned, the business needs access to all the data relevant to its various departments, whenever it is needed.

This means the right data of the right quality, regardless of format or where it is stored, must be available for use, but only by the right people for the right purpose.

Therefore, the notion that IT can manage and govern data independently is unthinkable. It’s the business that will use data the most, and it’s the business that stands to lose the most when decisions are made based on bad data.

Companies had long neglected this reality. Past efforts to implement data governance programs (Data Governance 1.0) often fell short in adding value. When left solely to IT, Data Governance 1.0 was solely focussed on cataloging data. This, and the disparity between IT and the business meant the meaning of data assets, and their relationship within the wider data landscape, was unclear.

This is what Data Governance 2.0, and its innately collaborative nature aims to resolve. With Data Governance 2.0, the strategy encompasses defined business, IT and business-IT requirements.

Data Governance for Business and IT Alignment

Business Requirements: The business is responsible for defining data, including setting standards for the ownership and meaning of data assets so the organization can use data with a uniformed approach.

IT Requirements: IT manages data at the base level: from mapping data – which may exist across various systems, reports and data models – to physical data assets (databases, files, documents and so on). This, in turn, enables IT to accurately assume the impact of things like data-glossary changes across the enterprise. That’s a key enabling factor in enterprise architecture, allowing for cost-effective and thorough risk management by identifying data points that require the most security.

Business-IT Requirements: A joint effort allows IT to effectively publish data to relevant roles/people. This way, the business can readily use data that is meaningful and relevant to it across various departments, while maintaining compliance with existing and upcoming data protection regulations.

Additionally, those using data can follow data chains back to the source, providing a wider, less ambiguous view of data assets and thus reducing the likelihood of poor decision-making.

For more best practices in business and IT alignment, and successfully implementing data governance, click here.

Business and IT alignment - Data governance

Categories
erwin Expert Blog

Data Governance and Risk Management

Risk management is crucial for any data-driven business. Former FBI Director Robert Mueller famously said, “There are only two types of companies: those that have been hacked and those that will be.” This statement struck a chord when first spoken in 2012, and the strings are still ringing.

As data continues to be more deeply intertwined in our day-to-day lives, the associated risks are growing in number and severity. So, there’s increasing scrutiny on organizations’ data governance practices – and for good reason.

Governmental scrutiny, in particular, is gearing up. The General Data Protection Regulation (GDPR) introduces strict formality in the way data is governed across the European Union, including organizations outside the EU that wish to do business with its member nations.

But in certain sectors, public scrutiny is just as – if not more – important to consider. We’ve been talking since September about the data breach at Equifax, which has just been hit with a 50-state, class-action lawsuit.

And we just learned that Uber was hacked, resulting in the personal data of 57 million customers and Uber drivers being stolen. What’s more, the company concealed the breach for more than a year.

Whether we’re talking about financial or reputational damage, it’s absolutely clear that bad data governance is bad business.

Risk Management Data Governance

Risk Management for IoT

Think about the Internet of Things (IoT) for a moment …

IoT devices are gaining more stock in daily life – from the mundane of smart refrigerators and thermostats to the formidable of medical devices. Despite the degree of severity here, personal data is personal data, and the steps taken to mitigate security risks must be evidenced to be compliant.

Data governance is fundamental to risk mitigation and management. That’s because data governance is largely concerned with understanding two key things: where your data is kept and what it’s used for. Considering the scope of IoT data, this is no easy feat.

Estimates indicate that by 2020, 50 billion connected devices will be in circulation. Misunderstanding where and what this data is could leave the records of millions exposed.

On top of the already pressing need for effective data governance for risk management, we’re constantly approaching uncharted territories in data applications.

Lessons from Driverless Cars

The driverless car industry is one such example on the not-too-distant horizon.

Businesses from BMW to Google are scrambling to win the driverless car race, but fears that driverless cars could be hacked are well founded. Earlier this year, a Deloitte Insights report considered the likely risks of introducing autonomous vehicles onto public roads.

It reads, “The very innovations that aim to enhance the way we move from place to place entail first-order cybersecurity challenges.” It also indicates that organizations need to make radical changes in how they view cybersecurity to ensure connected vehicles are secure, vigilant and resilient:

  • Secure – Work on risk management by prioritizing sensitive assets to balance security and productivity.
  • Vigilant – Integrate threat data, IT data and business data to be equipped with context-rich alerts to prioritize incident handling and streamline incident investigation.
  • Resilient – Rapidly adapt and respond to internal or external changes to continue operations with limited business impacts.

The first thing organizations should take away is that this advice applies to the handling of all sensitive data; it’s by no means exclusive to autonomous vehicles. And second, security, vigilance and resilience all are enabled by data governance.

Data Governance Leads the Way

As discussed, data governance is about knowing where your data is and what it’s used for.  This understanding indicates where security resources should be spent to help mitigate data breaches.

Data governance also makes threat data, IT data and business data more readily discoverable, understandable and applicable, meaning any decisions you make regarding security investments are well informed.

In terms of resilience and the ability to rapidly respond, businesses must be agile and collaborative, points of contention in traditional data governance. However, Data Governance 2.0 as defined by Forrester addresses agility in terms of “just enough controls for managing risk, which enables broader and more insightful use of data required by the evolving needs of an expanding business ecosystem.”

As GDPR looms ever near, an understanding of data governance best practices will be indispensable. To get the best of them, click here.

Data governance is everyone's business

Categories
erwin Expert Blog

Data Governance 2.0: Collaborative Data Governance

Data Governance 1.0 has been too isolated to be truly effective, and so a new, collaborative data governance approach is necessary.

This rings especially true when considering the imminent implementation of the General Data Protection Regulation (GDPR). Compliance is required from all EU-based companies and those trading with the EU.

It’s extremely likely that your business falls under GDPR’s scope. Failure to comply will leave your company liable for penalties up to €20 million or 4% or annual global turnover – whichever is greater.

With the amount of data a modern business has to manage, and the copious access points, GDPR compliance will require everyone to sing from the same hymn sheet.

This is where Data Governance 2.0 comes in. As defined by Forrester, it is “an agile approach to data governance focused on just enough controls for managing risk, which enables broader and more insightful use of data required by the evolving needs of an expanding business ecosystem.”

The principles of Data Governance 2.0 were designed with modern, data-driven business in mind. This new approach acknowledges the demand for collaborative data governance, tears down organizational silos, and spreads responsibilities across more roles.

Collaborative Data Governance

Collaborative Data Governance – Shattering Silos

As addressed above, modern businesses must deal with volumes of data that legacy systems and policies just weren’t designed to manage. This problem is exacerbated by the variety of data, both structured and unstructured, historically managed by different departments within an organization.

To shatter such silos, organizations can leverage a collaborative data governance approach to foster better data use and accountability. A governance tool that can sort, regulate and manage data access through secure checkpoints and assigned roles is key. Then the right data of the right quality, regardless or format or location, is available to the right people for the right purpose.

Such a data governance tool is paramount not only to help ensure GDPR compliance but also for effective business operations. It’s important to stress that data governance is a key revenue driver.

In this digital age, data is more valuable than oil. But as with oil, it must be refined.

Collaborative Data Governance – The Data Refinery

Data Governance 1.0 was mainly concerned with cataloging data to support search and discovery. However, it fell short in adding value because it neglected the meaning of data assets and their relationships within the wider data landscape.

Many of the IT professionals involved in data governance recognized this, but calls for business leaders to be more active in governance often fell on deaf ears. Now that data has become a more critical business asset, we’re starting to see a shift.

Collaborative data governance encourages involvement throughout the organizational hierarchy. This is especially important now that business leaders, from CMOs to CTOs, are intrinsically involved in data management on a day-to-day basis.

As the best placed individuals in an organization to advocate and implement change, bringing ranking business leaders into the fold helps inform and enable the effort’s return on investment – both in limiting data exposures and driving new opportunities.

In the case of the CMO, data analysis might indicate that email open rates exceed targets, but click-through rates are underperforming. The CMO then can adjust content strategy to provide prospects with more relevant information and calls to action.

To learn more about collaborative data governance and the tool to foster this approach, click here.

Data governance is everyone's business