Categories
erwin Expert Blog

What’s the State of Data Governance and Empowerment in 2021?

erwin by Quest just released the “2021 State of Data Governance and Empowerment” report. Building on prior research, we worked with Enterprise Strategy Group (ESG) to understand how organizations are defining, adopting and prioritizing data governance, as well as examine the current drivers and challenges of governing data through its lifecycle and integration points.

It’s safe to say that the world looks a lot different than it did just 15 months ago. Today, data needs to fuel rapid decisions that make an organization more effective, customer-centric and competitive. That was true before COVID-19, and it’s even more important in the face of the radical disruption it’s caused.

As a matter of fact, according to the report, 84% of organizations believe their data represents the best opportunity for gaining a competitive advantage during the next 12 to 24 months.

This past year also saw a major shift as the silos between data governance, data operations and data protection diminished, with enterprises seeking to understand their data and the systems they use and secure to empower smarter decision-making.

Highlighting this shift, 82% of organizations have mostly, if not completely, aligned their data governance and data protection strategies, with 55% of survey respondents citing “data protection” as the term they most closely associate with data governance. Additionally, 85% monitor their databases and other data systems as part of their data governance programs. Furthermore, nearly three-quarters reported a need to dramatically improve data infrastructure.

Data Governance Strategy

What else did we learn?

Data Governance Definition Varies

There is still no consensus on how to define data governance. When asked for a definition, the two most popular responses were:

  • Building a set of policies that governs data.
  • Ensuring data usage follows defined rules.

While neither of these answers are wrong, they continue to illustrate that there’s no standard definition.

At erwin, we define data governance as helping organizations establish a sound yet flexible framework for awareness of and access to available data assets, guidance on their use, and guardrails to ensure data policies and best practices are followed.

A New Level of Maturity

When asked “how mature is your data governance program/what stage are you in,” 42% of organizations said they’ve fully implemented data governance.

That’s in sharp contrast to our last study that showed 38% of data governance programs were a work in progress and 31% were just getting started.

So it appears that enterprise data governance programs have indeed reached a new level of maturity, but the majority (58%) say their data governance programs are evolving. However, if we’ve learned anything, isn’t it that data governance is an ever-evolving, ever-changing tenet of modern business?

Key Bottlenecks and Challenges

We explored the bottlenecks and issues causing delays across the entire data value chain.

Thematically “data quality” is at the heart desired data governance outcomes, challenges and bottlenecks, pointing to its overall importance.

Finding, identifying and harvesting data assets, the performance of systems where data is stored, documenting end-to-end data lineage, and visibility into mechanisms to protect data round out the top five bottlenecks to achieving optimal data value.

These are largely consistent with what we learned in our last study, with data system performance and protection making their debut this year as highly relevant problems to address.

With regard to challenges, respondents cite data quality and accuracy, skills shortages/gaps, cost, cultural change and operationalizing data governance – making it a working reality as opposed to a concept – as the top issues to address in maximizing data governance ROI.

Interestingly, 5% said they have no challenges – wouldn’t we like them to share their rose-colored glasses data governance glasses?

Other Key Findings

The report has a lot to unpack, but here is a snapshot of some other key findings:

Time is a major factor.

  • Data stewards still spend too much time on data-related activities, including analyzing (23%), protecting (23%) and searching for data (20%).
  • It takes most business users (e.g., developers, analysts, data scientists) one to two business days to receive the data they request from IT.

More automation opportunities exist.

  • While 42% of organizations have some mix of manual and automated processes, 93% say there’s room to incorporate more automation into their data operations.
  • In line with ensuring trust in data, data quality (27%), data integration (17%), and data preparation (14%) are the three data operations automated the most.

Self-service done right is a game-changer.

  • 93% of organizations have already or plan to leverage self-service in provisioning data, showing that self-service is more important than ever.
  • Seven out of 10 respondents report their organizations’ self-service data provisioning enablement has had a significant business impact.

The Path to Data Empowerment

The report validates Quest’s newly launched Data Empowerment strategy and platform that bridges the gaps between data infrastructure, security and governance initiatives to mitigate risk and unleash more value from data.

Data governance provides visibility, automation, governance and collaboration for data democratization.

As part of a Data Empowerment platform — data governance puts real-time, relevant, role-based data in context in the hands of users to optimize the enterprise data capability.

So with these solutions working in concert, you can ensure the availability of secure, high-quality data to empower everyone in your organization to be more successful – that’s a win-win for employees and the organization in accomplishing its mission.

Click here to download a free copy of the “2021 State of Data Governance and Empowerment” report.

And join us for the Quest Data Empowerment Summit this week, May 18-20. It includes three unique tracks —Data OperationsData Protection and Data Governance — with sessions about the latest trends, best practices and technologies to align these critical areas and close the gaps between your front and back office.

Categories
erwin Expert Blog Data Governance

Data Governance Maturity and Tracking Progress

Data governance is best defined as the strategic, ongoing and collaborative processes involved in managing data’s access, availability, usability, quality and security in line with established internal policies and relevant data regulations.

erwin recently hosted the third in its six-part webinar series on the practice of data governance and how to proactively deal with its complexities. Led by Frank Pörschmann of iDIGMA GmbH, an IT industry veteran and data governance strategist, this latest webinar focused on “Data Governance Maturity & Tracking Progress.”

The webinar looked at how to gauge the maturity and progress of data governance programs and why it is important for both IT and the business to be able to measure success

Data Governance Is Business Transformation

Data governance is about how an organization uses its data. That includes how it creates or collects data, as well as how its data is stored and accessed. It ensures that the right data of the right quality, regardless of where it is stored or what format it is stored in, is available for use – but only by the right people and for the right purpose.

Quite simply, data governance is business transformation, as Mr. Pörschmann highlights in the webinar. Meaning that it is a complex system that changes from one stable state into another stable state.

The basic principles of transformation are:

  • Complexity
  • Predictability
  • Synchronicity

However, the practice of data governance is a relatively new discipline that is still evolving. And while its effects will be felt throughout the entire organization, the weight of its impact will be felt differently across the business.

“You have to deal with this ambiguity and it’s volatile,” said Mr. Pörschmann. “Some business units benefit more from data governance than others, and some business units have to invest more energy and resources into the change than others.”

Maturity Levels

Data governance maturity includes the ability to rely on automated and repeatable processes, which ultimately helps to increase productivity. While it has gained traction over the past few years, many organizations are still formalizing it as a practice.

Implementing a data governance initiative can be tricky, so it is important to have clear goals for what you want it to achieve.

According to Mr. Pörschman, there are six levels of maturity with one being the lowest.

  1. Aware: Partial awareness of data governance but not yet started
  2. Initiated: Some ad-hoc data governance initiatives
  3. Acknowledged: An official acknowledgement of data governance from executive management with budget allocated
  4. Managed: Dedicated resources, managed and adjusted with KPIs
  5. Monitored: Dedicated resources and performance monitoring
  6. Enhanced: Data managed equally

For a fully mature or “enhanced” data governance program, IT and the business need to take responsibility for selling the benefits of data governance across the enterprise and ensure all stakeholders are properly educated about it. However, IT may have to go it alone, at least initially, educating the business on the risks and rewards, as well as the expectations and accountabilities in implementing it.

To move data governance to the next level, organizations need to discover, understand, govern and socialize data assets. Appropriately implemented — with business stakeholders driving alignment between data governance and strategic enterprise goals and IT handling the technical mechanics of data management — the door opens to trusting data, planning for change, and putting it to work for peak organizational performance.

The Medici Maturity Approach

In a rush to implement a data governance methodology and system, you can forget that a system must serve a process – and be governed/controlled by one.

To choose the correct system and implement it effectively and efficiently, you must know – in every detail – all the processes it will impact, how it will impact them, who needs to be involved and when.

Business, data governance and data leaders want a methodology that is lean, scalable and lightweight. This model has been dubbed the Medici maturity model – named after Romina Medici, head of data management and governance for global energy provider E.ON.

Ms. Medici found that the approaches on the market did not cover transformation challenges, and only a few addressed the operational data management disciplines. Her research also found that it doesn’t make sense to look at your functional disciplines unless you already have a minimum maturity (aware plus initiated levels).

People, process, technology and governance structure are on the one side of the axis with functional data management disciplines on the other.

The Medici Maturity Approach is a data governance methodology.

Mr. Pörschman then shared the “Data Maturity Canvas” that incorporates core dimensions, maturity levels and execution disciplines. The first time you run this, you can define the target situation, all the actions needed, and the next best actions.

This methodology gives you a view of the four areas, people, process, technology and governance, so you can link your findings across them. It is an easy method that you can run for different purposes including:

  • Initial assessment
  • Designing a data governance program
  • Monitoring a whole program
  • Beginning strategy processes
  • Benchmarking

Data governance can be many things to many people. Before starting, decide what your primary objectives are: to enable better decision-making or to help you meet compliance objectives. Or are you looking to reduce data management costs and improve data quality through formal, repeatable processes? Whatever your motivation, you need to identify it first and foremost to get a grip on data governance.

Click here to read our success story on how E.ON used erwin Data Intelligence for its digital transformation and innovation efforts.

Register for the fifth webinar in this series “Transparency in Data Governance – Data Catalogs & Business Glossaries” which takes place on April 27. This webinar will discuss how to answer critical questions through data catalogs and business glossaries, powered by effective metadata management. You’ll also see a demo of the erwin Data Intelligence Suite  that includes both data catalog, business glossary and metadata-driven automation.

[blog-cta header=”erwin Data Intelligence” body=”Click here to request a demo of erwin Data Intelligence by Quest.” button=”Request Demo” button_link=”https://s38605.p1254.sites.pressdns.com/erwin-data-intelligence-free-demo/” image=”https://s38605.p1254.sites.pressdns.com/wp-content/uploads/2018/11/iStock-914789708.jpg” ]

Categories
erwin Expert Blog Data Governance

How Data Governance Protects Sensitive Data

 

Data governance reduces the risk of sensitive data.

Organizations are managing more data than ever. In fact, the global datasphere is projected to reach 175 zettabytes by 2025, according to IDC.

With more companies increasingly migrating their data to the cloud to ensure availability and scalability, the risks associated with data management and protection also are growing.

How can companies protect their enterprise data assets, while also ensuring their availability to stewards and consumers while minimizing costs and meeting data privacy requirements?

Data Security Starts with Data Governance

Lack of a solid data governance foundation increases the risk of data-security incidents. An assessment of the data breaches that crop up like weeds each year supports the conclusion that companies, absent data governance, wind up building security architectures strictly from a technical perspective.

Given that every company has in its possession important information about and relationships with people based on the private data they provide, every business should understand the related risks and protect against them under the banner of data governance—and avoid the costs and reputation damage that data breaches can inflict more intelligently and better. That’s especially true as the data-driven enterprise momentum grows along with self-service analytics that enable users to have greater access to information, often using it without IT’s knowledge.

Indeed, with nearly everyone in the enterprise involved either in maintaining or using the company’s data, it only makes sense that both business and IT begin to work together to discover, understand, govern and socialize those assets. This should come as part of a data governance plan that emphasizes making all stakeholders responsible not only for enhancing data for business benefit, but also for reducing the risks that unfettered access to and use of it can pose.

With data catalog and literacy capabilities, you provide the context to keep relevant data private and secure – the assets available, their locations, the relationships between them, associated systems and processes, authorized users and guidelines for usage.

Without data governance, organizations lack the ability to connect the dots across data governance, security and privacy – and to act accordingly. So they can’t answer these fundamental questions:

  • What data do we have and where is it now?
  • Where did it come from and how has it changed?
  • Is it sensitive data or are there any risks associated with it?
  • Who is authorized to use it and how?

When an organization knows what data it has, it can define that data’s business purpose. And knowing the business purpose translates into actively governing personal data against potential privacy and security violations.

Do You Know Where Your Sensitive Data Is?

Data is a valuable asset used to operate, manage and grow a business. While sometimes at rest in databases, data lakes and data warehouses; a large percentage is federated and integrated across the enterprise, management and governance issues that must be addressed.

Knowing where sensitive data is located and properly governing it with policy rules, impact analysis and lineage views is critical for risk management, data audits and regulatory compliance.

For example, understanding and protecting sensitive data is especially critical for complying with privacy regulations like the European Union’s General Data Protection Regulation (GDPR).

The demands GDPR places on organizations are all-encompassing. Protecting what traditionally has been considered personally identifiable information (PII) — people’s names, addresses, government identification numbers and so forth — that a business collects, and hosts is just the beginning of GDPR mandates. Personal data now means anything collected or stored that can be linked to an individual (right down to IP addresses), and the term doesn’t only apply to individual pieces of information but also to how they may be combined in revealing relationships. And it isn’t just about protecting the data your business gathers, processes and stores but also any data it may leverage from third-party sources.

When key data isn’t discovered, harvested, cataloged, defined and standardized as part of integration processes, audits may be flawed putting your organization at risk.

Sensitive data – at rest or in motion – that exists in various forms across multiple systems must be automatically tagged, its lineage automatically documented, and its flows depicted so that it is easily found, and its usage easily traced across workflows.

Fortunately, tools are available to help automate the scanning, detection and tagging of sensitive data by:

  • Monitoring and controlling sensitive data: Better visibility and control across the enterprise to identify data security threats and reduce associated risks
  • Enriching business data elements for sensitive data discovery: Comprehensive mechanism to define business data element for PII, PHI and PCI across database systems, cloud and Big Data stores to easily identify sensitive data based on a set of algorithms and data patterns
  • Providing metadata and value-based analysis: Discovery and classification of sensitive data based on metadata and data value patterns and algorithms. Organizations can define business data elements and rules to identify and locate sensitive data including PII, PHI, PCI and other sensitive information.

Minimizing Risk Exposure with Data Intelligence

Organizations suffering data losses won’t benefit from the money spent on security technologies nor the time invested in developing data privacy classifications if they can’t get a handle on how they handle their data.

They also may face heavy fines and other penalties – not to mention bad PR.

Don’t let that happen to your organization.

A well-formed security architecture that is driven by and aligned by data intelligence is your best defense. Being prepared means you can minimize your risk exposure.

With erwin Data Intelligence by Quest, you’ll have an unfettered view of where sensitive data resides with the ability to seamlessly apply privacy rules and create access privileges.

Additionally, with Quest’s acquisition of erwin comes the abilities to mask, encrypt, redact and audit sensitive data for an automated and comprehensive solution to resolve sensitive-data issues.

When an organization knows what data it has, it can define that data’s business purpose. And knowing the business purpose translates into actively governing personal data against potential privacy and security violations.

From risk management and regulatory compliance to innovation and digital transformation, you need data intelligence. With erwin by Quest, you will know your data so you can fully realize its business benefits.

[blog-cta header=”erwin Data Intelligence” body=”Click here to request a demo of erwin Data Intelligence by Quest.” button=”Request Demo” button_link=”https://s38605.p1254.sites.pressdns.com/erwin-data-intelligence-free-demo/” image=”https://s38605.p1254.sites.pressdns.com/wp-content/uploads/2018/11/iStock-914789708.jpg” ]

Categories
erwin Expert Blog Data Governance

The Value of Data Governance and How to Quantify It

erwin recently hosted the second in its six-part webinar series on the practice of data governance and how to proactively deal with its complexities. Led by Frank Pörschmann of iDIGMA GmbH, an IT industry veteran and data governance strategist, the second webinar focused on “The Value of Data Governance & How to Quantify It.”

As Mr. Pörschmann highlighted at the beginning of the series, data governance works best when it is strongly aligned with the drivers, motivations and goals of the business.

The business drivers and motivation should be the starting point for any data governance initiative. If there is no clear end goal in sight, it will be difficult to get stakeholders on board. And with many competing projects and activities vying for people’s time, it must be clear to people why choosing data governance activities will have a direct benefit to them.

“Usually we talk about benefits which are rather qualitative measures, but what we need for decision-making processes are values,” Pörschmann says. “We need quantifiable results or expected results that are fact-based. And the interesting thing with data governance, it seems to be easier for organizations and teams to state the expected benefits.”

The Data Governance Productivity Matrix

In terms of quantifying data governance, Pörschmann cites the productivity matrix as a relatively simple way to calculate real numbers. He says, “the basic assumption is if an organization equips their managers with the appropriate capabilities and instruments, then it’s management’s obligation to realize productivity potential over time.”

According to IDC, professionals who work with data spend 80 percent of their time looking for and preparing data and only 20 percent of their time on analytics.

Specifically, 80 percent of data professionals’ time is spent on data discovery, preparation and protection, and only 20 percent on analysis leading to insights.

Data governance maturity includes the ability to rely on automated and repeatable processes, which ultimately helps to increase productivity.

For example, automatically importing mappings from developers’ Excel sheets, flat files, Access and ETL tools into a comprehensive mappings inventory, complete with automatically generated and meaningful documentation of the mappings, is a powerful way to support governance while providing real insight into data movement — for data lineage and impact analysis — without interrupting system developers’ normal work methods.

When data movement has been tracked and version-controlled, it’s possible to conduct data archeology — that is, reverse-engineering code from existing XML within the ETL layer — to uncover what has happened in the past and incorporating it into a mapping manager for fast and accurate recovery.

With automation, data professionals can meet the above needs at a fraction of the cost of the traditional, manual way. To summarize, just some of the benefits of data automation are:

  • Centralized and standardized code management with all automation templates stored in a governed repository
  • Better quality code and minimized rework
  • Business-driven data movement and transformation specifications
  • Superior data movement job designs based on best practices
  • Greater agility and faster time to value in data preparation, deployment and governance
  • Cross-platform support of scripting languages and data movement technologies

For example, one global pharmaceutical giant reduced cost by 70 percent and generated 95 percent of production code with “zero touch.” With automation, the company improved the time to business value and significantly reduced the costly re-work associated with error-prone manual processes.

Risk Management and Regulatory Compliance

Risk management, specifically around regulatory compliance, is an important use case to demonstrate the true value of data governance.

According to Pörschmann, risk management asks two main questions.

  1. How likely is a specific event to happen?
  2. What is the impact or damage if this event happens? (e.g.m, cost of repair, cost of reputation, etc.)

“You have to understand the concept or thinking of risk officers or the risk teams,” he says. The risk teams are process-oriented, and they understand how to calculate and how to cover IT risks. But to be successful in communicating data risks with the risk management team, you need to understand how your risk teams are thinking in terms of the risk matrix.

Take the European Union’s General Data Protection Regulation (GDPR) as an example of a data cost. Your team needs to ask, “what is the likelihood that we will fail on data-based activities related to GDPR?” And then ask, “what can we do from the data side to reduce the impact or the total damage?”

But it’s not easy to design and deploy compliance in an environment that’s not well understood and difficult in which to maneuver. Data governance enables organizations to plan and document how they will discover and understand their data within context, track its physical existence and lineage, and maximize its security, quality and value.

With the right technology, organizations can automate and accelerate regulatory compliance in five steps:

  1. Catalog systems. Harvest, enrich/transform and catalog data from a wide array of sources to enable any stakeholder to see the interrelationships of data assets across the organization.
  2. Govern PII “at rest”. Classify, flag and socialize the use and governance of personally identifiable information regardless of where it is stored.
  3. Govern PII “in motion”. Scan, catalog and map personally identifiable information to understand how it moves inside and outside the organization and how it changes along the way.
  4. Manage policies and rules. Govern business terminology in addition to data policies and rules, depicting relationships to physical data catalogs and the applications that use them with lineage and impact analysis views.
  5. Strengthen data security. Identify regulatory risks and guide the fortification of network and encryption security standards and policies by understanding where all personally identifiable information is stored, processed and used.

It’s also important to understand that the benefits of data governance don’t stop with regulatory compliance.

A better understanding of what data you have, where it’s stored and the history of its use and access isn’t only beneficial in fending off non-compliance repercussions. In fact, such an understanding is arguably better put to use proactively.

Data governance improves data quality standards, it enables better decision-making and ensures businesses can have more confidence in the data informing those decisions.

[blog-cta header=”erwin DG Webinar Series” body=”Register now for the March 30 webinar ‘Data Governance Maturity & Tracking Progress.'” button=”Register Now” button_link=”https://register.gotowebinar.com/register/8531817018173466635″ image=”https://s38605.p1254.sites.pressdns.com/wp-content/uploads/2018/11/iStock-914789708.jpg” ]

Categories
erwin Expert Blog Data Governance

Top Data Management Trends for Chief Data Officers (CDOs)

Chief Data Officer (CDOs) 2021 Study

The role of chief data officer (CDO) is becoming essential at forward-thinking organizations — especially those in financial services — according to “The Evolving Role of the CDO at Financial Organizations: 2021 Chief Data Officer (CDO) Study” just released by FIMA and sponsored by erwin.

The e-guide takes a deep dive into the evolving role of CDOs at financial organizations, tapping into the minds of 100+ financial global financial leaders and C-suite executives to look at the latest trends and provide a roadmap for developing an offensive data management strategy.

Data Governance Is Not Just About Compliance

Interestingly, the report found that 45% of respondents say compliance is now handled so well that it is no longer the top driver for data governance, while 38% say they have fully realized a “governance 2.0” model in which the majority of their compliance concerns are fully automated.”

Chief data officers and other data professionals have taken significant steps toward a data governance model that doesn’t just safeguard data but also drives business improvements.

erwin also found this to be the case as revealed in our 2020 “State of Data Governance and Automation” report.

However, while compliance is no longer the top driver of data governance, it still requires a significant investment. According to the CDO report, 88% of organizations devote 40% or more of their data practice’s operating budget to compliance activities.

COVID’s Impact on Data Management

FIMA also looked at 2020 and the pandemic’s impact on data management.

Some financial organizations that were approaching a significant level of data management maturity had to put their initiatives on hold to address more immediate issues. But it led some sectors to innovate, moving processes that were once manual to the digital realm.

The research team asked respondents to describe how their data practices were impacted by the need to adapt to changes in the work environment created by COVID-19. “Overall, most respondents said they avoided any catastrophic impact on their data operations. Most of these respondents note the fact that they had been updating their tools and programs ahead of time to prepare for such risks, and those investments inevitably paid off.”

The respondents who did note that the pandemic caused a disruption repeatedly said that they nonetheless managed to “keep everything in check.” As one CIO at an investment bank puts it, “Data practices became more precise and everyone got more conscious as the pandemic reached its first peak. Key programs have been kept in check and have been restarted securely.”

What Keeps CDOs Up at Night

Financial services organizations are usually at the forefront of data management and governance because they operate in such a heavily regulated environment. So it’s worth knowing what’s on those data executives’ minds, even if your organization is in another sector.

For example, the FIMA study indicates that:

  • 70% of CDOs say risk data aggregation is a primary regulatory concern within the IT departments.
  • Compliance is secondary to overall business improvement, but 88% of organizations devote 40%+ of their data practice’s operating budget to it.
  • Lack of downstream visibility into data consumption (69%) and unclear data provenance and tagging information (65%) are significant challenges.
  • They struggle to apply metadata.
  • Manual processes remain.

The e-guide discusses how data executives must not only secure data and meet rigorous data requirements but also find ways to create new business value with it.

All CDOs and other data professionals likely must deal with the challenges mentioned above – plus improve customer outcomes and boost profitability.

Both mitigating risk and unleashing potential is possible with the right tools, including data catalog, data literacy and metadata-driven automation capabilities for data governance and any other data-centric use case.

Harmonizing Data Management and Data Governance Processes

With erwin Data Intelligence by Quest, your organization can harness and activate your data in a single, unified catalog and then make it available to your data communities in context and in line with business requirements.

The solution harmonizes data management and governance processes to fuel an automated, real-time, high-quality data pipeline enterprise stakeholders can tap into for the information they need to achieve results. Such data intelligence leads to faster, smarter decisions to improve overall organizational performance.

Data is governed properly throughout its lifecycle, meeting both offensive and defensive data management needs. erwin Data Intelligence provides total data visibility, end-to-end data lineage and provenance.

To download the full “The Evolving Role of the CDO at Financial Organizations: 2021 Chief Data Officer (CDO) Study,” please visit: https://go.erwin.com/the-evolving-role-of-the-cdo-at-financial-organizations-report.

[blog-cta header=”Free trial of erwin Data Intelligence” body=”Improve enterprise data access, literacy and knowledge to support data governance, digital transformation and other critical initiatives.” button=”Start Free Demo” button_link=”https://s38605.p1254.sites.pressdns.com/erwin-data-intelligence-free-demo/” image=”https://s38605.p1254.sites.pressdns.com/wp-content/uploads/2018/11/iStock-914789708.jpg” ]