Author: Bunny Tharpe

Categories
erwin Expert Blog

Five Pillars of Data Governance Readiness: Organizational Support

It’s important that business leaders foster organizational support for their data governance efforts.

The clock is counting down to the May 25 effective date for the General Data Protection Regulation (GDPR). With the deadline just a stone’s throw away, organizations need to ensure they are data governance-ready.

We’re continuing our blog series on the Five Pillars of Data Governance (DG). Today, we’ll explore the second pillar of data governance, organizational support, and why it’s essential to ensuring DG success.

In the modern, data-driven business world, data is an organization’s most valuable asset, and successful organizations treat it as such. In this respect, we can see data governance as a form of asset maintenance.

Take a production line in a manufacturing facility, for example. Organizations understand that equipment maintenance is an important and on-going process. They require employees using the equipment to be properly trained, ensuring it is clean, safe and working accordingly with no misuse.

They do this because they know that maintenance can prevent, or at the very least postpone repair that can be costly and lead to lost revenue during downtime.

Organizational Support: Production Lines of Information

Data Governance: Organizational Support

Despite the intangible nature of data, the same ideas for maintaining physical assets can and should be applied. After all, data-driven businesses are essentially data production lines of information. Data is created and moved through the pipeline/organization, eventually driving revenue.

In that respect – as with machinery on a production line and those who use it – everybody that uses data should be involved in maintaining and governing it.

Poor data governance leads to similar problems as poor maintenance of a production line. If it’s not well-kept, the fallout can permeate throughout the whole business.

If a DG initiative is failing, data discovery becomes more difficult, slowing down data’s journey through the pipeline.

Inconsistencies in a business glossary lead to data units with poor or no context. This in turn leads to data units that the relevant users don’t know how to put together to create information worth using.

Additionally, and perhaps most damning, if an organization has poorly managed systems of permissions, the wrong people can access data. This could lead to unapproved changes, or in light of GDPR, serious fines – and ultimately diminished customer trust, falling stock prices and tarnished brands.

Facebook has provided a timely reminder of the importance of data governance and the potential scale of fallout should its importance be understated. Facebook’s lack of understanding as to how third-party vendors could use and were using its data landed them in hot PR water (to put it lightly).

Reports indicate 50 million users were affected, and although this is nowhere near the biggest leak in history (or even in recent history, see: Equifax), it’s proof that the reputational damage of a data breach is extensive. And with GDPR fast approaching, that cost will only escalate.

At the very least, organization’s need to demonstrate that they’ve taken the necessary steps to prevent such breaches. This requires understanding what data they currently have, where it is, and also how it may be used by any third parties with access. This is where data governance comes in, but for it to work, many organizations need a culture change.

A Change in Culture

Fostering organizational support for data governance might require a change in organizational culture.

This is especially apparent in organizations that have only adopted the Data Governance 1.0 approach in which DG is siloed from the wider organization and viewed as an “IT-problem.” Such an approach denies data governance initiatives the business contexts needed to function in a data-driven organization.

Data governance is based primarily on three bodies of knowledge: the data dictionary, business glossary and data usage catalog. For these three bodies of knowledge to be complete, they need input from the wider business.

In fact, countless past cases of failed DG implementations can be attributed to organizations lacking organizational support for data governance.

For example, leaving IT to document and assemble a business glossary naturally leads to inconsistencies. In this case, IT departments are tasked with creating a business glossary for terms they often aren’t aware of, don’t understand the context of, or don’t recognize the applications or implications for.

This approach preemptively dooms the initiative, ruling out the value-adding benefits of mature data governance initiatives from the onset.

In erwin’s 2018 State of Data Governance Report, it found that IT departments continue to foot the bill for data governance at 40% of organizations. Budget for data governance comes from the audit and compliance function at 20% of organizations, while the business covers the bill at just 8% of the companies surveyed.

To avoid the aforementioned pitfalls, business leaders need to instill a culture of data governance throughout the organization. This means viewing DG as a strategic initiative and investing in it with inherent organizational and financial support as an on-going practice.

To that end, organizations tend to overvalue the things that can be measured and undervalue the things that cannot. Most organizations want to quantify the value of data governance. As part of a culture shift, organizations should develop a business case for an enterprise data governance initiative that includes calculations for ROI.

By limiting its investment to departmental budgets, data governance must contend with other departmental priorities. As a long-term initiative, it often will lose out to short-term gains.

Of course, this means business leaders need to be heavily invested and involved in data governance themselves – a pillar of data governance readiness in its own right.

Ideally, organizations should implement a collaborative data governance solution to facilitate the organization-wide effort needed to make DG work.

Collaborative in the sense of enabling inter-departmental collaboration so the whole organization’s data assets can be accounted for, but also  in the sense that it works with the other tools that make data governance effective and sustainable – e.g., enterprise architecture, data modeling and business process.

We call this all-encompassing approach to DG an ‘enterprise data governance experience’ or ‘EDGE.’ It’s the Data Governance 2.0 approach, made to reflect how data can be used within the modern enterprise for greater control, context, collaboration and value creation.

To determine your organization’s current state of data governance readiness, take the erwin DG RediChek.

To learn more about the erwin EDGE, reserve your seat for this webinar.

Take the DG RediChek

Categories
erwin Expert Blog

Five Pillars of Data Governance Readiness: Initiative Sponsorship

“Facebook at the center of global reckoning on data governance.” This headline from a March 19 article in The Wall Street Journal sums up where we are. With only two months until the General Data Protection Regulation (GDPR) goes into effect, we’re going to see more headlines about improper data governance (DG) – leading to major fines and tarnished brands.

Since the news of the Facebook data scandal broke, the company’s stock has dropped and Nordea, the largest bank in the Nordic region, put a stop to Facebook investments for three months because “we see that the risks related to governance around data protection may have been severely compromised,” it said in a statement.

Last week, we began discussing the five pillars of data governance readiness to ensure the data management foundation is in place for mitigating risks, as well as accomplishing other organizational goals. There can be no doubt that data governance is central to an organization’s customer relationships, reputation and financial results.

So today, we’re going to explore the first pillar of DG readiness: initiative sponsorship. Without initiative sponsorship, organizations will struggle to obtain the funding, resources, support and alignment necessary for successful implementation and subsequent performance.

A Common Roadblock

Data governance isn’t a one-off project with a defined endpoint. It’s an on-going initiative that requires active engagement from executives and business leaders. But unfortunately, the 2018 State of Data Governance Report finds lack of executive support to be the most common roadblock to implementing DG.

This is historical baggage. Traditional DG has been an isolated program housed within IT, and thus, constrained within that department’s budget and resources. More significantly, managing DG solely within IT prevented those in the organization with the most knowledge of and investment in the data from participating in the process.

This silo created problems ranging from a lack of context in data cataloging to poor data quality and a sub-par understanding of the data’s associated risks. Data Governance 2.0 addresses these issues by opening data governance to the whole organization.

Its collaborative approach ensures that those with the most significant stake in an organization’s data are intrinsically involved in discovering, understanding, governing and socializing it to produce the desired outcomes. In this era of data-driven business, C-level executives and department leaders are key stakeholders.

But they must be able to trust it and then collaborate based on their role-specific insights to make informed decisions about strategy, identify new opportunities, address redundancies and improve processes.

So, it all comes back to modern data governance: the ability to understand critical enterprise data within a business context, track its physical existence and lineage, and maximize its value while ensuring quality and security.

Initiative Sponsorship: Encouraging Executive Involvement

This week’s headlines about Facebook have certainly gotten Mark Zuckerberg’s attention, as there are calls for the CEO to appear before the U.S. Congress and British Parliament to answer for his company’s data handling – or mishandling as it is alleged.

Public embarrassment, Federal Trade Commission and GDPR fines, erosion of customer trust/loyalty, revenue loss and company devaluation are real risks when it comes to poor data management and governance practices. Facebook may have just elevated your case for implementing DG 2.0 and involving your executives.

Initiative Sponsorship Data Governance GDPR

Business heads and their teams, after all, are the ones who have the knowledge about the data – what it is, what it means, who and what processes use it and why, and what rules and policies should apply to it. Without their perspective and participation in data governance, the enterprise’s ability to intelligently lock down risks and enable growth will be seriously compromised.

Appropriately implemented – with business data stakeholders driving alignment between DG and strategic enterprise goals and IT handling the technical mechanics of data management – the door opens to trusting data and using it effectively.

Also, a chief data officer (CDO) can serve as the bridge between IT and the business to remove silos in the drive toward DG and subsequent whole-of-business outcomes. He or she would be the ultimate sponsor, leading the charge for the necessary funding, resources, and support for a successful, ongoing initiative.

Initiative Sponsorship with an ‘EDGE’

Once key business leaders understand and buy into the vital role they play in a Data Governance 2.0 strategy, the work of building the infrastructure enabling the workforce and processes to support actively governing data assets and their alignment to the business begins.

To find it, map it, make sure it’s under control, and promote it to appropriate personnel requires a technology- and business-enabling platform that covers the entire data governance lifecycle across all data producer and consumer roles.

The erwin EDGE delivers an ‘enterprise data governance experience’ to unify critical DG domains, use role-appropriate interfaces to bring together stakeholders and processes to support a culture committed to acknowledging data as the mission-critical asset that it is, and orchestrate the key mechanisms that are required to discover, fully understand, actively govern and effectively socialize and align data to the business.

To assess your organizations current data governance readiness, take the erwin DG RediChek.

To learn more about the erwin EDGE, reserve your seat for this webinar.

Take the DG RediChek

Categories
erwin Expert Blog

Data Governance Readiness: The Five Pillars

In light of the General Data Protection Regulation (GDPR) taking effect in just three months, an understanding of data governance readiness has become paramount. Organizations need to make sure they’re ready to meet the world’s most comprehensive data privacy law’s requirements:

  • Understanding all the systems in which personal data is located and all the interactions that touch it
  • Knowing the original instance of the data plus its entire lineage and how it’s handled across the complete ecosystem
  • Ensuring changes, purges or other customer requests are adhered to in a timely manner
  • Notifying customers of a data breach within 72 hours

GDPR becomes effective in an age of rapidly proliferating customer data. For organizations to meet its demands, data governance (DG) must become operational. Done right, it holds great promise not only for regulatory compliance but also for creating data-driven opportunities that drive innovation and greater value.

The 2018 State of Data Governance Report shows that customer trust/satisfaction, decision-making, reputation management, analytics and Big Data are the key drivers of data governance adoption, behind meeting regulatory obligations.

Data Governance Readiness: Data Governance Drivers

A Question of Approach

There’s no question data governance is important and should be the cornerstone of data management to both reduce risks and realize larger organizational results, such as increasing customer satisfaction, improving decision-making, enhancing operational efficiency and growing revenue. The question is how to implement DG, so it does all that.

The boom in data-driven business, as well as new regulatory pressures, have thrust DG into a new spotlight. But the historical approach to DG, being housed in IT siloed from the parties who could use it the most, won’t work in the age of digital power brands like Airbnb, Amazon and Uber.

Data governance done right requires the participation of the entire enterprise and should be measured and measurable in the context of the business. Fortunately, Data Governance 2.0 builds on the principle that everyone in the organization has a role in the initiative, which is ongoing.

IT handles the technical mechanics of data management, but data governance is everyone’s business with stakeholders outside IT responsible for aligning DG with strategic organizational goals.

This creates an environment in which data is treated as an organizational asset that must be inventoried and protected as any physical asset, but it also can be understood in context and shared to unleash greater potential.

The Pillars of Data Governance Readiness

If you accept that data governance is a must for understanding critical data within a business context, tracking its physical existence and lineage, and maximizing its security, quality and value, are you ready to implement it as an enterprise initiative?

We’ve identified what we believe to be the five pillars of data governance readiness.

  1. Initiative Sponsorship

Without executive sponsorship, you’ll have difficulty obtaining the funding, resources, support and alignment necessary for successful DG. 

  1. Organizational Support

DG needs to be integrated into the data stewardship teams and wider culture. It also requires funding.

  1. Team Resources

Most successful organizations have established a formal data management group at the enterprise level. As a foundational component of enterprise data management, DG would reside in such a group.

  1. Enterprise Data Management Methodology

DG is foundational to enterprise data management. Without the other essential components (e.g., metadata management, enterprise data architecture, data quality management), DG will be struggle.

  1. Delivery Capability

Successful and sustainable DG initiatives are supported by specialized tools, which are scoped as part of the DG initiative’s technical requirements.

We’re going to explore these pillars of data governance readiness in future blog posts and through a new, free app to help you build – or shore up – your data governance initiative. By applying them, you’ll establish a solid data governance foundation to achieve the desired outcomes, from limiting the risk of data exposures to growing revenue.

In the meantime, you might want to check out our latest white paper that focuses on the impending GDPR and how to increase DG expertise because no organization with even one customer in the EU is outside its grasp. Click here to get the white paper.

Data Governance and GDPR: GDPR and Your Business Whitepaper

Categories
erwin Expert Blog Data Governance

Data Governance & GDPR: How it Will Affect Your Business

If you’re a data professional, data governance and GDPR are likely at the top of your agenda right now.

Because if your organization exists within the European Union (EU) or trades with the EU, the General Data Protection Regulation (GDPR) will affect your operations.

Despite this fact, only 6% of organizations say they are “completely prepared” ahead of the mandate’s May 25 effective date, according to the 2018 State of Data Governance Report.

Perhaps some solace can be found in that 39% of those surveyed for the report indicate they are “somewhat prepared,” with 27% starting preparations.

But 11% indicate they are “not prepared at all,” and the most damning of revelations is that 17% of organizations believe GDPR does not affect them.

I’m afraid these folks and their organizations are misguided because any company in any industry is within GDPR’s reach. Even if only one EU citizen’s data is included within an organization’s database(s), compliance is mandatory.

So it’s important for organizations to understand exactly what they need to do before the deadline and the potential fines of up to €20 million or 4% of annual turnover, whichever is greater.

How Does GDPR Affect My Business

With the advent of any new regulation, it’s crucial that organizations know which elements of their organization are affected and what they need to do to stay compliant. Regarding the latter, the GDPR requires organizations to have a comprehensive and effective data governance strategy. In terms of the areas affected, organizations need to be aware of the following:

Personally Identifiable Information (PII)

GDPR introduces tighter regulations around the storage, management and transfer of PII. According to the GDPR, personal data is any information related to a person such as a name, a photo, an email address, bank details, updates on social networking websites, location details, medical information, or a computer IP address.

Personal data also comes in many forms and extends to the combination of different data elements that individually are not PII but contribute to PII status when consolidated.

Data governance allows organizations to more easily identify and classify PII and in turn, introduce appropriate measures to keep it safe.

Therefore, a good data governance solution should enable organizations to add and manage metadata – the data about data – regarding a unit of data’s sensitivity. It should also have strong data discoverability capabilities, and the ability to control access to data through user-based permissions.

Active Consent, Data Processing and the Right to Be Forgotten

GDPR also strengthens the conditions for consent, which must be clear and distinguishable from other matters and provided in an intelligible and easily accessible form, using clear and plain language. It must be as easy to withdraw consent as it is to give it.​

Data subjects also have the right to obtain confirmation as to whether their personal data is being processed, where and for what purpose. The data controller must provide a copy of said personal data in an electronic format – free of charge. This change is a dramatic shift in data transparency and consumer empowerment.

The right to be forgotten entitles the data subject to have the data controller erase his/her personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data.

The information and processes required to address these restrictions can be found in the metadata and managed via metadata management tools – a key facet of data governance. Better management of such metadata is key to optimizing an organization’s data processing capabilities. Without such optimization, compliance with the GDPR-granted “right to be forgotten” can become too complex to effictively manage.

Gartner Magic Quadrant

Documenting Compliance and Data Breaches

GDPR also looks to curb data breaches that have become more extensive and frequent in recent years. Data’s value has sky-rocketed, making data-driven businesses targets of cyber threats.

Organizations must document what data they have, where it resides, the controls in place to protect it, and the measures that will be taken to address mistakes/breaches. In fact, data breach notification is mandatory within 72 hours if that breach is likely to “result in risk for the rights and freedoms of individuals.”

A comprehensive data governance strategy encompasses and enables the documentation process outlined above. However, a data governance strategy decreases the likelihood of such breaches occurring as it provides organizations with greater insight as to which data should be more closely guarded.

Data Governance and GDPR Compliance

Based on the results of the State of DG Report referenced at the beginning of this post, organizations aren’t as GDPR-ready as they should be. But there’s still time to act.

Data governance and GDPR go hand in hand. A strong data governance program is critical to the data visibility and categorization needed for GDPR compliance. And it will help in assessing and prioritizing data risks and enable easier verification of compliance with GDPR auditors.

Data governance enables an organization to discover, understand, govern and socialize its data assets – not just within IT but across the entire organization. Not only does it encompass data’s current iteration but also its entire lineage and connections through the data ecosystem.

Understanding data lineage is absolutely necessary in the context of GDPR. Take the right to be forgotten, for example. Such compliance requires an organization to locate all an individual’s PII and any information that can be cross-referenced with other data points to become PII.

With the right data governance approach and supporting technology, organizations can ensure GDPR compliance with their current, as-is architecture and data assets – and ensure new data sources and/or changes to the to-be architecture incorporate the appropriate controls.

Stakeholders across the enterprise need to be GDPR aware and enabled so that compliance is built in at a cultural level.

For more information about increasing your expertise in relation to data governance and GDPR, download our guide to managing GDPR with data governance.

Data Governance, GDPR and Your Business

Categories
erwin Expert Blog

Understanding and Justifying Data Governance 2.0

In the past, justifying data governance was notoriously difficult. The siloed nature of Data Governance 1.0, and its lack of focus on adding value meant buy-in was low.

While housing data governance (DG) within IT might have made sense in its early stage, data and data governance has evolved.

Today, we generate a staggering 2.5 quintillion bytes of data per day. With growing regulatory demands and the opportunities of infonomics, data search and discovery from an IT silo aren’t enough.

Data governance as a practice, and the solutions that power it, must be part of an organization’s culture to ensure the people and departments that use data are involved in its discovery, understanding, governance and socialization for peak performance.

So, how do you go about justifying data governance as an enterprise-wide initiative?

Justifying Data Governance – The Roadblocks

First, we must look at the shortcomings of the Data Governance 1.0 approach that are clearly reflected in the 2018 State of Data Governance Report. The lack of executive support is cited as the most common roadblock to implementing data governance at 42%, with a lack of organizational support closely following at 39%.

For data-driven enterprises, executives arguably have the biggest stake in improving DG practices. Decisions surrounding strategic direction – e.g., emerging markets to target, insights into operational efficiency, performance of marketing campaigns – are best made with accurate data.

By implementing a sound data governance initiative, data availability and context improves so employees – from executives to the front line – can make better and faster decisions. Additionally, decisions will be made with more confidence, knowing the data can be trusted. As a result, there will be fewer risks, false starts and wasted budgets on projects doomed to fail because they were based on faulty premises.

The State of DG Report also found a lack of effective tools to be another roadblock to successfully implementing data governance. This is no surprise because they weren’t built with collaboration in mind.

As mentioned, the data produced by modern society – and business – is staggering, and it permeates the whole business. Furthermore, data regulations – such as GDPR – demand that organizations understand their data lineage, being able to show who has access to what.

Governing massive volumes of data and being able to demonstrate its lineage from department to department and employee to employee fundamentally requires a collaborative approach.

Another area in which Data Governance 1.0 fell short was in articulating a business case. Of the organizations surveyed for the State of DG Report, 27% say this as a roadblock to successful data governance.

Those frustrations are understandable, as DG 1.0 wasn’t conceived for proactively adding value. But DG 2.0 has opened significant opportunities for organizations to add value, so data governance is easier to justify as a means of identifying and implementing new ideas and improvements more quickly.

For example, financial services companies stand to generate $30 billion in extra revenue through better governance of their data.

Justifying Data Governance – A New Direction

Data Governance 2.0 ploughs through the roadblocks associated with old-school DG.

It takes an enterprise-wide approach to ensure data governance really works, meaning “data owners” and “data stakeholders” are involved in the cataloging process. Everyone benefits from having access to data in context to their roles with a better grasp of its history and lineage.

Of course, regulatory compliance is the main driver for revisiting or implementing a DG initiative. However, the benefits of data governance go well beyond GDPR compliance. Better data quality, context and lineage lead to greater customer satisfaction, improved decision-making and the ability to maintain or even enhance an organization’s reputation – all mentioned as reasons to implement DG in the State of DG Report.

Indeed, understanding and governing enterprise assets has become more important to the C-suite. And DG 2.0 presupposes that CTOs in addition to CFOs, CMOs and other business executives are involved in data management on a day-to day basis. Therefore, they have to be part of the initiative and enabled to share information for agile innovation and business transformation.

It’s clear this new, proactive take on data governance is catching on. The hyper-competitive nature of data-driven business demands it – with or without the threat of GDPR penalties.  Organizations reluctant or slow to adopt Data Governance 2.0 will be left behind.

To get the full State of DG Report, including survey results and insights, click here.

State of DG: Get the full report

Categories
erwin Expert Blog

State of DG: Shocking Number of Organizations Unprepared for GDPR, Is Yours?

The General Data Protection Regulation (GDPR) goes into effect in May, but a new study reveals that most organizations are overwhelmingly unprepared.

The State of Data Governance Report finds that only 6% of respondents consider themselves completely prepared for GDPR. That means a shocking 94% of the organizations surveyed are not ready for what is one of the most important data privacy and security regulations passed in recent years.

Failure to implement data governance (DG) to comply with GDPR will leave these organizations liable for fines of up to €20 million or 4% annual global turnover – whichever is greater.

But the news isn’t all bad; promising signs can be found. Although 46% of those surveyed indicate having “no formal strategy” in place for DG, 42% describe their data governance initiatives as a “work in progress.”

State of DG: Regulatory Compliance Driving Data Governance

Historically, data governance has left a lot to be desired. The value and ROI were insignificant to non-existent, and so executive buy-in and funding also has been low.

Business leaders usually left DG to their IT departments, but that created silos that cut off DG from it’s day to day “data owners” and “data stakeholders,” – in essence, everybody that uses data to drive business. With poor data discovery, lineage and context, data governance was largely abandoned or at least out of sight, out of mind.

Forty-two percent of the organizations participating in the State of DG Report survey indicate that lack of executive support is still a roadblock. But GDPR is spurring new interest in DG because companies must articulate what their data is, where it resides, what controls are in place to protect it, and the measures they will use to address mistakes/breaches.

An effective data governance initiative is critical for the data visibility and categorization needed to comply with GDPR. It also will help assess and prioritize data risks and enable easier verification of GDPR compliance to auditors.

Perhaps this is why 66% of those surveyed for the State of DG Report say understanding and governing enterprise assets has become more important or very important for their executives. And regulatory compliance is in fact the No. 1 driver for data governance.

State of DG: Implementing Data Governance for GDPR

It’s safe to say that organizations should be much further along with GDPR than they are.

The biggest challenge is to establish compliance with their current data architectures and then to build GDPR compliance into the processes for designing and deploying new data sources.

This requires visibility into the strategic roadmap and well-defined processes to govern new data deployments so that constant GDPR retrofits aren’t required.

Thankfully data governance has evolved from a siloed, IT-owned program primarily for data cataloging to support search and discovery. It has given way to proactive, enterprise-wide data governance to support regulatory compliance in addition to data-driven insights for achieving other organizational objectives.

Data Governance 2.0 understands that CTOs, CMOs and other C-level executives and business leaders across the enterprise are involved in data creation, management and use on a day-to-day basis. And GDPR compliance requires that all stakeholders be aware and empowered so that data governance is built in, and part of the culture.

By integrating data governance with enterprise architecture, business process and data modeling, you’ll have a GDPR compliance framework to:

  • Discover and harvest data assets
  • Classify data and create a GDPR inventory
  • Perform GDPR risk analysis
  • Define GDPR controls and standard operating procedures
  • Socialize and apply GDPR requirements across the organization
  • Implement GDPR controls into IT and business roadmaps for “compliance by design”
  • Prove compliance/respond to audits

Is your organization GDPR-ready?

Click here to get your State of DG Report to see how your organization compares to those we surveyed.

Of if you’d like to discuss how to improve your GDPR readiness with one of our solution specialists, click here.

State of DG: Get the full report

Categories
erwin Expert Blog Data Governance

The Top Five Data Governance Use Cases and Drivers

As the applications for data have grown, so too have the data governance use cases. And the legacy, IT-only approach to data governance, Data Governance 1.0, has made way for the collaborative, enterprise-wide Data Governance 2.0.

In addition to increasing data applications, Data Governance 1.0’s decline is being hastened by recurrent failings in its implementation. Leaving it to IT, with no input from the wider business, ignores the desired business outcomes and the opportunities to contribute to and speed their accomplishment. Lack of input from the departments that use the data also causes data quality and completeness to suffer.

So Data Governance 1.0 was destined to fail in yielding a significant return. But changing regulatory requirements and mega-disruptors effectively leveraging data has spawned new interest in making data governance work.

The 2018 State of Data Governance Report indicates that 98% of organizations consider data governance important. Furthermore, 66% of respondents say that understanding and governing enterprise assets has become more or very important for their executives.

Below, we consider the primary data governance use cases and drivers as outlined in this report.

The Top 5 Data Governance Use Cases

1. Changing Regulatory Requirements

Changing regulations are undoubtedly the biggest driver for data governance. The European Union’s General Data Protection Regulation (GDPR) will soon take effect, and it’s the first attempt at a near-global, uniform approach to regulating the way organizations use and store data.

Data governance is mandatory under the new law, and failure to comply will leave organizations liable for huge fines – up to €20 million or 4% of the company’s global annual turnover. For context, GDPR fines could wipe off two percentage points of revenue from Google parent company, Alphabet.

Although 60% of the organizations surveyed for the State of DG Report indicate that regulatory compliance is the key driver for implementing data governance, only 6% of enterprises are prepared for GDPR with less than four months to go.

But data governance use cases go beyond just compliance.

2. Customer Satisfaction

Another primary driver for data governance is improving customer satisfaction, with 49% of our survey respondents citing it.

A Data Governance 2.0 approach is paramount to this use case and should be strong justification to secure C-level buy-in. In fact, the correlation between effective data governance and customer satisfaction is clear. A 2017 report from Aberdeen Group shows that the user-base of organizations with more effective data governance programs are far happier with:

  • The business’ ability to share data (66% – Data Governance Leaders vs. 21% Data Governance followers)
  • Data systems’ ease of use (64% vs. 24%)
  • Speed of information delivery (61% vs. 18%)

3. Decision-Making

Another data governance use case as indicated by the State of DG Report is improved decision-making. Forty-five percent of respondents identify it as the third key driver, and for good reason.

Data governance success manifests itself as well-defined data that is consistent throughout the business, understood across departments, and used to pull the business in the desired direction. It also improves the quality of the data.

By moving data governance out of its IT silo, the employees responsible for business outcomes are part of its governance. This collaboration makes data both more discoverable, more insightful and more contextual.

The decision-making process becomes more efficient, as the velocity at which data can be interpreted increases. The organization can also better interpret and trust the information it is using to determine course.

4. Reputation Management

In the survey behind the State of DG Report, 30% of respondents name reputation management as a driver for DG’s implementation.

We’ve seen it time and time again with high-profile data breaches inflicting the likes of Equifax, Uber and Yahoo. All were met with costly PR fallout. For example, Equifax’s breach had a price tag of $90 million, as of November 2017.

So the discrepancy between the 60% who cite regulatory compliance as a key driver and the 30% who cite reputation management as DG drivers is interesting. One could argue they are the same; both call for data governance to help prevent or at least limit damaging breaches.

The difference might come down to smaller businesses that believe they have less brand equity to maintain. They, as well as some of their larger counterparts, have taken a reactionary approach to data governance. But GDPR should now encourage more proactive data governance across the board.

In terms of data governance use cases for managing the risk of data breaches, consider that data governance, at a fundamental level, is about knowing where your data is, who’s responsible for it, and what it is supposed to be used for.

This understanding enables organizations to focus security spending on the areas of highest risk. Thus, they can take a more cost-effective but thorough approach to risk management.

5. Analytics and Big Data

Analytics and Big Data also were identified as key drivers for data governance among 27% and 20% of respondents, respectively.

The need for data governance in these cases is largely driven by the amount of data businesses are now tasked with overseeing. In terms of volume, Big Data speaks for itself. Twenty-two percent of respondents in the State of DG Report manage more than 10 petabytes of data, which lines up closely with those who identify Big Data as a key driver.

However, the amount of data the average organization without a Big Data strategy consumes, stores and processes has climbed considerably in recent years.

Research indicates that 90% of the world’s data has been created just in the last two years. Globally, we generate 2.5 quintillion bytes a day. Other studies equate data’s value to that of oil, so clearly there’s a lot of value to be found.

However, the “three Vs of data” (volume, velocity, variety) tend to be positively correlated. When one increases, so do the other two. Higher volumes of data mean higher velocities of data that must be processed faster for worthwhile, valuable insights. It also means an increase in the data types – both structured and unstructured – which makes processing more difficult.

A Strong DG Foundation

A strong data governance foundation ensures data is more manageable, and therefore more valuable.

With Data Governance 2.0, data governance use cases shift from reactionary to proactive with a clear focus on business outcomes.

Although new regulations can be seen as bureaucratic and cumbersome, GDPR actually presents organizations with great opportunity – at least for those that choose to take the evolved Data Governance 2.0 path. They will benefit from an outcome-focused DG initiative that adds value beyond just regulatory compliance.

To learn more, download the complete State of Data Governance Report.

2020 Data Governance and Automation Report

Categories
erwin Expert Blog

9 Data Governance Blog Posts Every C-Level Exec and Data Professional Should Read

In response to growing interest about data governance (DG), we’ve compiled a list of the data governance blog posts from 2017 you have to read.

Data industry analysts, thought-leaders and commentators largely agree that DG will have a significant influence on 2018 data trends.

Whether in response to tighter regulations (see our GDPR series here) or greater competition in data-driven business, data governance is undergoing an evolution.

Businesses are being encouraged to de-silo data governance efforts, moving the responsibility away from just IT to a more collaborative, company-wide approach. The evolution is overdue, as the siloed nature of DG is largely accredited for the failure of Data Governance 1.0.

Leaving IT to deal with data governance on its own led to a lack of context, gaps and poor data quality because the cataloging of data elements wasn’t carried out by the people who actually use the data.

We believe the following data governance blog posts will help you catch up on everything DG, so you can transition your business from Data Governance 1.0 to Data Governance 2.0.

Top 9 Data Governance Blog Posts

 

Data Governance 2.0: Collaborative Data Governance

Data Governance 1.0 has been too isolated to be truly effective, and so a new, collaborative data governance approach is necessary.

 

What Is Data Governance?

Dataversity gives its take on the definition of data governance and outlines some of its benefits.

 

Data Governance: Your Engine for Driving Results

As organizations seek to unlock more value by implementing a wider analytics footprint across more business functions, data governance will guide their journeys.

 

Data Will Change the World, and We Must Get Its governance Right

The Guardian writes that while the opportunities presented by ever-growing data are abundant, so too are the threats.

 

An Agile Data Governance Foundation for Building the Data-Driven Enterprise

The data-driven enterprise is the cornerstone of modern business, and good data governance is a key enabler.

 

He Who Rules the Data, Rules The World: A Brief History of Data Governance

According to Forbes, data rules the world, but who rules the data? The companies that collect it? The servers that store it? The cables and satellites that transmit it? Or the laws that keep it flowing into the right hands—and away from the wrong ones?

 

The Top 6 Benefits of Data Governance

It’s important we recognize the benefits of data governance beyond General Data Protection Regulation (GDPR) compliance, and we compile them here.

 

The Secret to Data Governance Success

For many organizations just getting started with DG, implementation will be reactionary because of its mandatory status under (GDPR). As such, businesses might be tempted into doing the bare minimum to meet compliance standards. But done right, data governance is a key enabler for any data-driven business.

 

Data Governance and Risk Management

As data continues to be more deeply intertwined in our day-to-day lives, the associated risks are growing in number and severity. So there’s increasing scrutiny on organizations’ data governance practices – and for good reason.

 

Stay up to date with the latest in data governance by clicking here.

Data Governance Blog - Subscribe

Categories
erwin Expert Blog

Data Governance 2.0: Biggest Data Shakeups to Watch in 2018

This year we’ll see some huge changes in how we collect, store and use data, with Data Governance 2.0 at the epicenter. For many organizations, these changes will be reactive, as they have to adapt to new regulations. Others will use regulatory change as a catalyst to be proactive with their data. Ideally, you’ll want to be in the latter category.

Data-driven businesses and their relevant industries are experiencing unprecedented rates of change.

Not only has the amount of data exploded in recent years, we’re now seeing the amount of insights data provides increase too. In essence, we’re finding smaller units of data more useful, but also collecting more than ever before.

At present, data opportunities are seemingly boundless, and we’ve barely begun to scratch the surface. So here are some of the biggest data shakeups to expect in 2018.

2018 data governance 2.0

GDPR

The General Data Protection Regulation (GDPR) has organizations scrambling. Penalties for non-compliance go into immediate effect on May 25, with hefty fines – up to €20 million or 4 percent of the company’s global annual turnover, whichever is greater.

Although it’s a European mandate, the fact is that all organizations trading with Europe, not just those based within the continent, must comply. Because of this, we’re seeing a global effort to introduce new policies, procedures and systems to prepare on a scale we haven’t seen since Y2K.

It’s easy to view mandated change of this nature as a burden. But the change is well overdue – both from a regulatory and commercial point of view.

In terms of regulation, a globalized approach had to be introduced. Data doesn’t adhere to borders in the same way as physical materials, and conflicting standards within different states, countries and continents have made sufficient regulation difficult.

In terms of business, many organizations have stifled their digital transformation efforts to become data-driven, neglecting to properly govern the data that would enable it. GDPR requires a collaborative approach to data governance (DG), and when done right, will add value as well as achieve compliance.

Rise of Data Governance 2.0

Data Governance 1.0 has failed to gain a foothold because of its siloed, un-collaborative nature. It lacks focus on business outcomes, so business leaders have struggled to see the value in it. Therefore, IT has been responsible for cataloging data elements to support search and discovery, yet they rarely understand the data’s context due to being removed from the operational side of the business. This means data is often incomplete and of poor quality, making effective data-driven business impossible.

Company-wide responsibility for data governance, encouraged by the new standards of regulation, stand to fundamentally change the way businesses view data governance. Data Governance 2.0 and its collaborative approach will become the new normal, meaning those with the most to gain from data and its insights will be directly involved in its governance.

This means more buy-in from C-level executives, line managers, etc. It means greater accountability, as well as improved discoverability and traceability. Most of all, it means better data quality that leads to faster, better decisions made with more confidence.

Escalated Digital Transformation

Digital transformation and its prominence won’t diminish this year. In fact, thanks to Data Governance 2.0, digital transformation is poised to accelerate – not slow down.

Organizations that commit to data governance beyond just compliance will reap the rewards. With a stronger data governance foundation, organizations undergoing digital transformation will enjoy a number of significant benefits, including better decision making, greater operational efficiency, improved data understanding and lineage, greater data quality, and increased revenue.

Data-driven exemplars, such as Amazon, Airbnb and Uber, have enjoyed these benefits, using them to disrupt and then dominate their respective industries. But you don’t have to be Amazon-sized to achieve them. De-siloing DG and treating it as a strategic initiative is the first step to data-driven success.

Data as Valuable Asset

Data became more valuable than oil in 2017. Yet despite this assessment, many businesses neglect to treat their data as a prized asset. For context, the Industrial Revolution was powered by machinery that had to be well-maintained to function properly, as downtime would result in loss. Such machinery adds value to a business, so it is inherently valuable.

Fast forward to 2018 with data at center stage. Because data is the value driver, the data itself is valuable. Just because it doesn’t have a physical presence doesn’t mean it is any less important than physical assets. So businesses will need to change how they perceive their data, and this is the year in which this thinking is likely to change.

DG-Enabled AI and IoT

Artificial Intelligence (AI) and the Internet of Things (IoT) aren’t new concepts. However, they’re yet to be fully realized with businesses still competing to carve a slice out of these markets.

As the two continue to expand, they will hypercharge the already accelerating volume of data – specifically unstructured data – to almost unfathomable levels. The three Vs of data tend to escalate in unison. As the volume increases, so does the velocity and speed at which data must be processed. The variety of data – mostly unstructured in these cases – also increases, so to manage it, businesses will need to put effective data governance in place.

Alongside strong data governance practices, more and more businesses will turn to NoSQL databases to manage diverse data types.

For more best practices in business and IT alignment, and successfully implementing Data Governance 2.0, click here.

Data governance is everyone's business

Categories
erwin Expert Blog

Data Governance 2.0 for Financial Services

The tempo of change for data-driven business is increasing, with the financial services industry under particular pressure. For banks, credit card, insurance, mortgage companies and the like, data governance must be done right.

Consumer trust is waning across the board, and after several high-profile data breaches, trust in the way in which organizations handle and process data is lower still.

Equifax suffered 2017’s largest breach and the fifth largest in history. The subsequent plummet in stock value should have sent a stark warning to other financial service organizations. As of November, the credit bureau reported $87.5 million in expenses following the breach, and the PR fallout plummeted profits by 27 percent.

But it could be said that Equifax was lucky. If the breach had occurred following the implementation of the General Data Protection Regulation (GDPR), it also would have been hit with hefty sanctions. Come May of 2018, fines for GDPR noncompliance will reach an upper limit of €20 million or 4 percent of annual turnover – whichever is greater.

Data governance’s purpose – knowing where your data is and who is accountable for it – is a critical factor in preventing such breaches. It’s also a prerequisite for compliance as organizations need to demonstrate they have taken reasonable precautions in governing.

Equifax’s situation clearly implies that financial services organizations need to review and improve their data governance. As a concept, data governance for regulatory compliance is widely understood. Such regulations were introduced a decade ago in response to the financial crisis.

However, data governance’s role goes far beyond just preventing data breaches and meeting compliance standards.

Data Governance 2.0 for Financial Services

Data governance has struggled to gain a foothold because the value-adds have been unclear and largely untested. After new regulations for DG were introduced for the financial services industry, most organizations didn’t bother implementing company-wide approaches, instead opting to leave it as an IT-managed program.

So IT was responsible for cataloging data elements to support search and discovery, yet they rarely knew which bits of data were related or important to the wider business. This resulted in poor data quality and completeness, and left data and its governance siloed so data-driven business was hard to do.

Now data-driven business is more common – truly data-driven business with data at the core of strategy. The precedent has been set thanks to Airbnb, Amazon and Uber being some of the first businesses to use data to turn their respective markets on their heads.

These businesses don’t just use data to target new customers, they use data to help dictate strategy, find new gaps in the market, and highlight areas for performance improvement.

With that in mind, there’s a lot the financial services industry can learn and apply. FinTech start-ups continue to shake up the sector, and although the financial services industry is a more difficult industry to topple, traditional financial organizations need to innovate to stay competitive.

Alongside compliance, the aforementioned purpose of DG – knowing where data is stored and who is accountable for it – is also a critical factor in fostering agility, squashing times to market, and improving overall business efficiency, especially in the financial services industry.

In fact, the biggest advantage of data governance for financial services is making quality and reliable data readily available to the right people, so the right decisions can be made faster. Good DG also helps these companies better capitalize on revenue opportunities, solve customer issues, and identify fraud while improving the standard for reporting on such data.

These benefits are especially important within financial services because their big decisions have big financial impacts. To make such decisions, they need to trust that the data they use is sound and efficiently traceable.

Such data accountability is paramount. To achieve it, organizations must move away from the old, ineffective Data Governance 1.0 approach to the collaborative, outcome-driven Data Governance 2.0.

This means introducing data governance to the wider business, not just leaving it to IT. It means line-of-business managers and C-level executives take leading roles in data governance. But most importantly, it means a more efficient approach to data-driven business for increased revenue. A BCG study implies that financial services could be leaving up to $30 billion on the table.

Although the temptation to just meet regulatory compliance might be strong, the financial services industry clearly has a lot to gain from taking the extra step. Therefore, new regulations don’t have to be seen as a burden but as a catalyst for greater, proactive and forward-thinking change.

For more best practices in business and IT alignment, and successfully implementing data governance, click here.

Data governance is everyone's business