7 Stages for Effective Data Governance
Data Governance provides the framework for the intersection of IT and business working together to establish confidence and credibility in the enterprise's information.
Executive Summary
Data governance is not just a collection of ad-hoc data quality projects, but the development and integration of a set of rules - policies, guidelines, and standards - for managing the corporation's data. It is implemented by a data governance management team of information technology and business associates who are unified by a common goal to ensure that:
- data is what it is supposed to be (Data Quality)
- data is in the correct context (Data Integrity)
- data and its associated metadata are accessible (Data Usability)
The data governance structure is formed to ensure that authority to manage data is properly delegated from the senior-most levels, and that parties are held accountable for executing governance policies as required by their respective mandates.
This authorization, in turn, is accomplished by instituting processes to understand the cause and effect of poor data in an organization. Then solutions can be developed to correct the problem and a means for monitoring and evaluating the implementation of these solutions can be adopted.
The Data Governance Maturity Model
There are several important elements for successfully implementing a data governance program:
- a team structure that encourages commitment, cooperation, and accountability
- an understanding of the differences between and benefits of data governance
- and master data management
- experience
- funding
- a plan or framework
We don't have the space to describe all of the important elements here, so we'll focus on the last - and most important - element: a plan or framework. This is also called the data governance maturity model.
Just as there is a capability maturity model for software development processes, there is also a maturity model for data governance. If you start your program by understanding and adhering to the spirit of this model, you greatly increase your program's chances of success.
In the data governance maturity model, seven layers of maturity define the growth cycle and associated benefits that can be attained by organizations as they embrace the principles, policies, procedures, and standards of a well defined data governance program. A pictorial representation of the model is shown in Figure 1. Each stage of the data governance maturity model is described on the pages that follow.
When learning about each stage, it may be helpful to know that stages 1 through 3 require an average of two years to fully implement. The remaining four stages are totally dependant on the organization and situational factors, such as merger and acquisition activity, changes in executive management, and the willingness of management to embrace data governance.
A firm's ability to reach the final stage - stage 7 - does not rely on tasks or procedures that were put in place in prior stages. Rather, the ability to reach stage 7 depends on the organization's overall adaptation to data governance.
Stage 1: Strategy and Framework
STRATEGY. The implementing organization starts by identifying data issues, their causes and effects, and methods to solve the issues. To do this, in stage 1 a charter is developed, which states how the data governance team will develop and deploy integrated business and technical support policies, guidelines, and standards to manage the organization's data assets. The charter further defines the roles and organizational structure that responsively and proactively focus on ensuring data integrity.
FRAMEWORK. The framework defines the roles and responsibilities of the data governance team. The framework also defines the relationships and dependencies between the data governance team and data architecture.
ORGANIZATIONAL BENEFITS. Until the strategy and framework are implemented, there are no realized organizational benefits from stage one.
Stage 2: Scenarios and Validation
To test its data governance strategy and framework, an organization will typically take an existing data issue and follow the reactive process to determine the cause and effect of the issue, and then propose a solution. The results of the exercise provide a means to:
- refine the data governance processes and framework
- determine the communications steps involved
- identify how best to formulate those steps (e.g., via e-mail or telephone)
- identify the most appropriate individuals to play these roles moving forward
ORGANIZATIONAL BENEFITS. Stage 2 offers a proof-of-concept approach that provides the opportunity to leverage industry best practices while adapting to the nuances of the organization. In conducting the exercise, some value in resolving data issues can also be attained.
Stage 3: Formalized Organization and Responsive Process Rollout
As the responsive process is being played out, the roles of data governance (e.g., data governance manager or business steward) are formally defined within Human Resources. As appropriate, new positions within the organization are created and filled, preferably with internal resources having the required skills and aptitude to carry out the specified responsibilities. As these roles are filled, the responsive process can then be rolled out enterprise-wide in full force.
ORGANIZATIONAL BENEFITS. The company now has a structured approach to bridge business and IT through a common goal, providing accountability for establishing and maintaining data quality. This typically leads to project improvements in meeting deadlines and budgets, higher satisfaction rates with the application's usability, and reduced overhead costs dealing with data quality problems.
Stage 4: Proactive Process Rollout
As the governance team members become proficient in identifying the causes of data issues, they also become more aware of the things that can be done to prevent data issues from occurring in the first place. At this stage, stewards take on the responsibility to identify business events or activities that trigger the process.
ORGANIZATIONAL BENEFITS. Development of proactive processes generally results in organizational process improvements, enhanced communication between business units and IT, and enablement for business people to collaboratively manage data in a workflow-driven environment.
Stage 5: Expanded Business Involvement
Reaching this stage is marked by the explicit buy-in from key stakeholders and executive management in the data governance program. Priorities have been established to aid in the difficult decisions often required in resolving data issues. Standards compliance monitoring is incorporated as a part of performance measurement; and data-specific technology, processes, and organizational components are aligned with the company's most important business objectives.
ORGANIZATIONAL BENEFITS. Continuous improvement efforts are enabled by the establishment of measurable metrics that are monitored and reported on a timely basis. Project management offices (PMO) can improve project performance by incorporating data governance to enhance their SDLC methodology. Data governance efficiency is enhanced as the organization employs its knowledge base to reduce future project efforts and to reduce the cycle time of reactive and proactive resolution processes.
Stage 6: Stewardship Culture
Governance protocols include procedures across divisions and departments that explicitly reconcile priorities, expedite conflict resolution, and build cooperation in support of data quality as a common objective shared at every level of the enterprise. Data quality education and awareness programs are an integral part of the organization's in-house on-going employee training programs.
ORGANIZATIONAL BENEFITS. There is a common focus and delivery throughout the organization that empowers the workforce. Every corporate associate considers himself a data steward, and this perspective extends beyond the boundaries of the organization to its partners in data sharing, data integration, and enabling of a service-oriented architecture.
Stage 7: Strategic Governance
At this stage, the organization transforms data governance and compliance from time-based audits to real-time, change-driven, on-demand business processes that continually assess risks, update policies, and manage resources across the enterprise. Ultimately it is the organization's people, processes, and technology working together organically and autonomically that result in an effective data governance program.
ORGANIZATIONAL BENEFITS. Utility of information can now drive flexibility and agility of the organization. Bad decisions, overhead costs for rework and workarounds and other problems due to data quality issues have been fully minimized, leading to a more streamlined and efficient organization.
Conclusion
There is a tendency in organizations to be complacent about data quality and integrity issues, as though these issues are things one just has to deal with. This is at odds with the increasing demands of government regulations such as Sarbanes Oxley and Basel II, which dictate that data management must address any quality or integrity issues that could compromise credibility of the organization's information. Enterprises must employ a crosscompany control model to govern how information is used, to promote the security and integrity of all data, and to protect privacy on both the individual and the corporate level. An organization's data governance policies and procedures must also balance effective information access with appropriate use of the information. It must be emphasized that a data governance program is not an application that can be purchased, installed, and implemented with a specified end date, but a process that, over time, affects the culture and the way an organization conducts business.
To learn more about data governance, data governance team roles and responsibilities, the differences between data governance and master data management, or other issues in IT, download our white papers at www.ciber.com/downloads/whitepapers/.
by Martha Dember,Principal Consultant with CIBER, Inc.'s Global Enterprise Integration Practice. She specializes in the areas of business intelligence and data governance, risk, and compliance. She is a sought-after speaker about data governance issues, and just recently spoke at an international data conference in Seoul, South Korea. Ms. Dember can be reached at mdember@ciber.com.
edited by J. B. Rawlings, an IT consultant for CIBER's Global Enterprise Integration Practice; he specializes in systems integration, and data and service-oriented architectures. He has over 30 years of experience in IT and hardware design methodologies, and IT and R&D management within government. Mr. Rawlings can be reached at jrawlings@ciber.com.
