Categories
erwin Expert Blog

Five Pillars of Data Governance Readiness: Organizational Support

It’s important that business leaders foster organizational support for their data governance efforts.

The clock is counting down to the May 25 effective date for the General Data Protection Regulation (GDPR). With the deadline just a stone’s throw away, organizations need to ensure they are data governance-ready.

We’re continuing our blog series on the Five Pillars of Data Governance (DG). Today, we’ll explore the second pillar of data governance, organizational support, and why it’s essential to ensuring DG success.

In the modern, data-driven business world, data is an organization’s most valuable asset, and successful organizations treat it as such. In this respect, we can see data governance as a form of asset maintenance.

Take a production line in a manufacturing facility, for example. Organizations understand that equipment maintenance is an important and on-going process. They require employees using the equipment to be properly trained, ensuring it is clean, safe and working accordingly with no misuse.

They do this because they know that maintenance can prevent, or at the very least postpone repair that can be costly and lead to lost revenue during downtime.

Organizational Support: Production Lines of Information

Data Governance: Organizational Support

Despite the intangible nature of data, the same ideas for maintaining physical assets can and should be applied. After all, data-driven businesses are essentially data production lines of information. Data is created and moved through the pipeline/organization, eventually driving revenue.

In that respect – as with machinery on a production line and those who use it – everybody that uses data should be involved in maintaining and governing it.

Poor data governance leads to similar problems as poor maintenance of a production line. If it’s not well-kept, the fallout can permeate throughout the whole business.

If a DG initiative is failing, data discovery becomes more difficult, slowing down data’s journey through the pipeline.

Inconsistencies in a business glossary lead to data units with poor or no context. This in turn leads to data units that the relevant users don’t know how to put together to create information worth using.

Additionally, and perhaps most damning, if an organization has poorly managed systems of permissions, the wrong people can access data. This could lead to unapproved changes, or in light of GDPR, serious fines – and ultimately diminished customer trust, falling stock prices and tarnished brands.

Facebook has provided a timely reminder of the importance of data governance and the potential scale of fallout should its importance be understated. Facebook’s lack of understanding as to how third-party vendors could use and were using its data landed them in hot PR water (to put it lightly).

Reports indicate 50 million users were affected, and although this is nowhere near the biggest leak in history (or even in recent history, see: Equifax), it’s proof that the reputational damage of a data breach is extensive. And with GDPR fast approaching, that cost will only escalate.

At the very least, organization’s need to demonstrate that they’ve taken the necessary steps to prevent such breaches. This requires understanding what data they currently have, where it is, and also how it may be used by any third parties with access. This is where data governance comes in, but for it to work, many organizations need a culture change.

A Change in Culture

Fostering organizational support for data governance might require a change in organizational culture.

This is especially apparent in organizations that have only adopted the Data Governance 1.0 approach in which DG is siloed from the wider organization and viewed as an “IT-problem.” Such an approach denies data governance initiatives the business contexts needed to function in a data-driven organization.

Data governance is based primarily on three bodies of knowledge: the data dictionary, business glossary and data usage catalog. For these three bodies of knowledge to be complete, they need input from the wider business.

In fact, countless past cases of failed DG implementations can be attributed to organizations lacking organizational support for data governance.

For example, leaving IT to document and assemble a business glossary naturally leads to inconsistencies. In this case, IT departments are tasked with creating a business glossary for terms they often aren’t aware of, don’t understand the context of, or don’t recognize the applications or implications for.

This approach preemptively dooms the initiative, ruling out the value-adding benefits of mature data governance initiatives from the onset.

In erwin’s 2018 State of Data Governance Report, it found that IT departments continue to foot the bill for data governance at 40% of organizations. Budget for data governance comes from the audit and compliance function at 20% of organizations, while the business covers the bill at just 8% of the companies surveyed.

To avoid the aforementioned pitfalls, business leaders need to instill a culture of data governance throughout the organization. This means viewing DG as a strategic initiative and investing in it with inherent organizational and financial support as an on-going practice.

To that end, organizations tend to overvalue the things that can be measured and undervalue the things that cannot. Most organizations want to quantify the value of data governance. As part of a culture shift, organizations should develop a business case for an enterprise data governance initiative that includes calculations for ROI.

By limiting its investment to departmental budgets, data governance must contend with other departmental priorities. As a long-term initiative, it often will lose out to short-term gains.

Of course, this means business leaders need to be heavily invested and involved in data governance themselves – a pillar of data governance readiness in its own right.

Ideally, organizations should implement a collaborative data governance solution to facilitate the organization-wide effort needed to make DG work.

Collaborative in the sense of enabling inter-departmental collaboration so the whole organization’s data assets can be accounted for, but also  in the sense that it works with the other tools that make data governance effective and sustainable – e.g., enterprise architecture, data modeling and business process.

We call this all-encompassing approach to DG an ‘enterprise data governance experience’ or ‘EDGE.’ It’s the Data Governance 2.0 approach, made to reflect how data can be used within the modern enterprise for greater control, context, collaboration and value creation.

To determine your organization’s current state of data governance readiness, take the erwin DG RediChek.

To learn more about the erwin EDGE, reserve your seat for this webinar.

Take the DG RediChek

Categories
erwin Expert Blog

Data Governance 2.0 for Financial Services

The tempo of change for data-driven business is increasing, with the financial services industry under particular pressure. For banks, credit card, insurance, mortgage companies and the like, data governance must be done right.

Consumer trust is waning across the board, and after several high-profile data breaches, trust in the way in which organizations handle and process data is lower still.

Equifax suffered 2017’s largest breach and the fifth largest in history. The subsequent plummet in stock value should have sent a stark warning to other financial service organizations. As of November, the credit bureau reported $87.5 million in expenses following the breach, and the PR fallout plummeted profits by 27 percent.

But it could be said that Equifax was lucky. If the breach had occurred following the implementation of the General Data Protection Regulation (GDPR), it also would have been hit with hefty sanctions. Come May of 2018, fines for GDPR noncompliance will reach an upper limit of €20 million or 4 percent of annual turnover – whichever is greater.

Data governance’s purpose – knowing where your data is and who is accountable for it – is a critical factor in preventing such breaches. It’s also a prerequisite for compliance as organizations need to demonstrate they have taken reasonable precautions in governing.

Equifax’s situation clearly implies that financial services organizations need to review and improve their data governance. As a concept, data governance for regulatory compliance is widely understood. Such regulations were introduced a decade ago in response to the financial crisis.

However, data governance’s role goes far beyond just preventing data breaches and meeting compliance standards.

Data Governance 2.0 for Financial Services

Data governance has struggled to gain a foothold because the value-adds have been unclear and largely untested. After new regulations for DG were introduced for the financial services industry, most organizations didn’t bother implementing company-wide approaches, instead opting to leave it as an IT-managed program.

So IT was responsible for cataloging data elements to support search and discovery, yet they rarely knew which bits of data were related or important to the wider business. This resulted in poor data quality and completeness, and left data and its governance siloed so data-driven business was hard to do.

Now data-driven business is more common – truly data-driven business with data at the core of strategy. The precedent has been set thanks to Airbnb, Amazon and Uber being some of the first businesses to use data to turn their respective markets on their heads.

These businesses don’t just use data to target new customers, they use data to help dictate strategy, find new gaps in the market, and highlight areas for performance improvement.

With that in mind, there’s a lot the financial services industry can learn and apply. FinTech start-ups continue to shake up the sector, and although the financial services industry is a more difficult industry to topple, traditional financial organizations need to innovate to stay competitive.

Alongside compliance, the aforementioned purpose of DG – knowing where data is stored and who is accountable for it – is also a critical factor in fostering agility, squashing times to market, and improving overall business efficiency, especially in the financial services industry.

In fact, the biggest advantage of data governance for financial services is making quality and reliable data readily available to the right people, so the right decisions can be made faster. Good DG also helps these companies better capitalize on revenue opportunities, solve customer issues, and identify fraud while improving the standard for reporting on such data.

These benefits are especially important within financial services because their big decisions have big financial impacts. To make such decisions, they need to trust that the data they use is sound and efficiently traceable.

Such data accountability is paramount. To achieve it, organizations must move away from the old, ineffective Data Governance 1.0 approach to the collaborative, outcome-driven Data Governance 2.0.

This means introducing data governance to the wider business, not just leaving it to IT. It means line-of-business managers and C-level executives take leading roles in data governance. But most importantly, it means a more efficient approach to data-driven business for increased revenue. A BCG study implies that financial services could be leaving up to $30 billion on the table.

Although the temptation to just meet regulatory compliance might be strong, the financial services industry clearly has a lot to gain from taking the extra step. Therefore, new regulations don’t have to be seen as a burden but as a catalyst for greater, proactive and forward-thinking change.

For more best practices in business and IT alignment, and successfully implementing data governance, click here.

Data governance is everyone's business