What is Data Governance?

Data Governance is the process, and procedure organizations use to manage, utilize, and
protect their data. In this context, data can mean either all or a subset of a company’s
digital and/or hard copy assets. In fact, defining what data means to an organization is
one of the data governance best practices. Once you have defined data, you can
brainstorm all the ways you could use your data to advance your business.

Think of data governance as the who, what, when, where, and why about your
organization’s data.

Another aspect of data governance is protecting the company and customer private data,
which should be a high priority task for organizations in this day and age. Data breaches
are near-daily occurrences in 2019 and governments are enacting laws – HIPAA,
GDPR, CCPA, and more – to protect the private data of citizens. A data governance
program builds controls to protect data and help organizations adhere to compliance
regulations.

What is a Data Governance Framework?

A data governance framework is the how for your data governance. The data
governance framework is the guidelines and definition of how organizations set up and
enforce your data governance.

What is the Data Governance Institute (DGI)?

The Data Governance Institute (DGI) provides vendor-neutral data governance best
practices and guidance since 2004. They actually wrote the book on data governance.

Why Data Governance is Important for Businesses?

Imagine that you are working on a multi-national project worth approximately $125
million. Now imagine that just as your project is going to touch down on Mars – the
project explodes. Obviously not a great outcome, but that’s exactly what happened to
the first Mars rover in 1999. The root cause of this catastrophic failure? One team used
the imperial system instead of the metric system. The lack of a data governance plan
lead to the failure of that project. NASA implemented a data governance standard, and
now Mars is inhabited by robots.
That is a simple example of how data governance can help your organization be
successful. Here are a few other advantages:

 Centralized policies and systems reduce IT costs related to data governance

 Data standards allow for better cross-functional decision making and
communication
 Compliance audits are easier to manage, and compliance standards are easier to
maintain
A data governance plan can also be a competitive advantage as you grow your business.
Modern business runs on data, so without proper planning and business intelligence,
you will fall behind your competitors.

 Data fuels business intelligence for short and long term planning, including
mergers and acquisitions
 Data governance keeps data growth under control and organized
  Stable data makes adapting to new data and privacy legislation easier
Pros
There are so many pros to implementing a data governance plan. Here are just a few of
them for you to consider.

 Data governance helps you protect against damaging and costly cyberattacks and
data breaches
 Good data governance reduces the cost of managing data and increases ROI of
your data analytics
 Data governance reduces the load of data management from the IT team and
spreads the burden throughout the organization
Cons
And where there are pros, there are always cons.

 Data governance requires a company-wide mandate to implement correctly.

 Good data governance requires focus. You will be taking time from your teams
to manage data, so make sure it’s worth it in the end.
Challenges
There are several challenges you will encounter as you establish a data governance plan:

 Data governance is a part of a larger IT governance policy. The two initiatives

need to work in concert with each other for both to be successful.
 Change of any kind is hard – but getting employees to care about data
governance is especially difficult. Users need incentives and motivation to follow
your new data governance initiatives.
 Data governance efforts need to be flexible to team needs and simple for users.
If data governance impedes work efforts, it will not promote business goals.
 Selecting technology and tools to manage a data governance strategy can be
complicated. Use resources like Gartner to research technology and request
references for systems that fit your strategy.
Considerations
Is your organization governed by privacy regulations? HIPAA, CCPA, GDPR, or PCI,
for example? If yes, then you need a data governance program.

Does your organization use analytics and business intelligence to make strategic
decisions? You need data governance to ensure the quality of your data inputs.

Are you finding your storage costs increasing, and you don’t know why? You need a
data governance framework to get your data growth under control.
The Anatomy of Data Governance Framework

There are several data governance frameworks out there, but they all follow the same
basic formulas. Each framework defines different controls that organizations need to
implement and roles for humans to take on to make the data governance machine run
smoothly.

Roles in the Framework

Chief Data Officer
Chief Data Officers (CDO) are a fast-growing job over the last few years. Companies
are beginning to understand the importance of managing data and implementing a data
governance framework, and that means hiring a CDO.  The CDO is the company leader
of the data governance strategy, and hiring a CDO shows the commitment to data and
buy-in from the top to take a data governance program seriously.

Data Owners 
Data Owners are the people that have direct responsibility for data. They are involved in
the protection and quality of data as a business asset. A data owner will be on the team
that uses the data. For example, a member of the finance team should be a Data Owner
for the Finance team’s data.

Varonis automates the process for Data Owners to manage access to their data. Data
Owners know who in their organization should have access to their data, and providing
them the tools they need to manage and audit access to data is good data governance.

Data Stewards
Data Stewards are the champions of your data governance strategy. They meet with
Data Owners and enforce data governance policies and procedures, as well as train new
data owners and employees in data governance.

Data Governance Committees

The Data Governance Committee sets policies and procedures for data governance. This
committee works with the CDO to establish the who, what, when, where, and why of
data governance.

Aspects of the Framework

We have already discussed the data governance framework as the who, what, when,
where, and why of data in your organization. Now let’s expand on what that could mean
for you.

Who: These are the people – the CDO to Data Stewards and Owners, the Data
Governance Committee, and the employees that touch and create data during their jobs.
Each person in their organization needs to be aware of their responsibilities to data and
their role in maintaining the quality and care of data. Data governance is not just a job
of the CDO and Data Owners – the whole organization has to be on board.
You can implement technology to ease the burden of data governance on your end-
users. Automation can help maintain privacy and protect your data from breaches, keep
data in the proper storage areas, and enforce data retention policies.

What: The data, obviously. But what data? You don’t need to worry about that
marketing guys finely curated GIF collection the same way you would govern the
company’s financial documents. Define what data is of import to your business, both
from a compliance and privacy and operational perspective. This is the data that you are
going to focus your data governance policies upon.
When: When is the time portion of our data governance framework. What kind of data
retention policies do you have to adhere to? HIPAA, PCI, and other laws can help
inform you, as well as your own business goals and requirements to your customers.
When can also tell you how often to audit data and data access rights.
Where: Where do you store and secure data? Where does your data live right now?
Where do you have control of your data? Where is an important question, because
unless you know where all of your important data lives, and your Data Owners are
responsible to keep track of data, you will fall into the trap of the ever-exploding data
problem. Data governance is about keeping control of your data, and the “where” is a
vital aspect of your program.
Why: Why is last in this list, but first in importance. Why tells your organization why
you worry about data, and why each employee should care. Why is the overarching
principles or the mission of your data governance program. By clearly explaining why
you are building the case for your team to embrace data governance. It is difficult to get
large teams of people to buy-in to a new procedure.
Why could mean “so we are compliant and don’t get fined,” or “so we understand our
customers better” or “optimize our production capability.” Whatever your why, keep the
message to your team clear and consistent.
People don’t like to change or feel like they are being told how to do their jobs.
Automation and technology can help your business thrive with data governance and
limit the impact on your people and productivity.

How Do Data Governance Frameworks Operate?

Gartner defines seven principles for good data governance in 2020.

Value and Outcomes
Align data governance with a business goal or outcome. You will need a data analytics
process in place, so you can measure progress and outcomes.

Accountability and Decision Rights

Make sure your team is on board with your data governance strategy, and hold the
CDO, data stewards, data owners, and employees accountable. Clearly define who can
make which decisions about your data.

Trust
Can you trust all of your data sources? Are you in control of your data throughout its
lifetime?

A trust model of data governance builds in mechanics to account for a distributed data
ecosystem, and you should strive to understand the history and lineage of your data
inputs so you can manage expectations and results.

Transparency and Ethics

Keep data analytics about data governance open and visible, with clear established
decision-making processes, so it would stand up to external scrutiny.

Risk and Security

Do you consider risk and data security in your data governance strategy? Risk and
security are two major drivers for companies to engage in data governance. They should
be considered in addition to any business outcomes.

Education and Training

Do you have a program to train Data Owners and employees on the basic principles of
data governance? Do you train new Data Stewards? Establish an ongoing training
program to keep data governance in focus.

Collaboration and Culture

Does your team see data governance as a top-down mandate or a collaborative effort to
build the business and keep data safe?

These seven areas can help you stay focused on the goals of data governance and inform
how you are going to operate data governance.

Data Governance Challenges

There are several challenges you will encounter as you establish a data governance plan:

 Data governance is a part of a larger IT governance policy. The two

initiatives need to work in concert with each other for both to be successful.
 Change of any kind is hard, but getting employees to care about data
governance is especially difficult. Users need incentives and motivation to
follow your new data governance initiatives.
 Data governance efforts need to be flexible to team needs and simple for
users. If data governance impedes work efforts, it will not promote business goals.
 Selecting technology and tools to manage a data governance strategy can be
complicated. Use resources like Gartner to research technology and request
references for systems that fit your strategy.
Questions To Consider
Data governance is still a relatively new discipline, but according to Gartner, 90% of
large companies will have a Chief Data Officer (CDO) by 2019. In 2014 there were
only 400 CDOs. In 2017 the number of CDOs grew to over 4000. By following these
best practice guidelines and asking the following questions, you can set yourself up for
a successful data governance strategy:
 What is your business strategy?
 Have you defined and communicated key objectives throughout your
organization?
 Do you have the right data and is it of sufficient quality?
Answers to those questions will drive your data governance day-to-day activities and
long-term initiatives. Keeping the metrics in focus and the data governance plan will
keep the organization on the right path.

8 Data Governance Best Practices

How should you implement data governance given those challenges? Here are some
best practices that will help you with your data governance journey.

1. Set format standards for your data and use technology to enforce those
standards during post-processing and data ingestion into your big data platform.
You are going to be pulling data from many disparate sources, so you should
normalize your data in your big data system.
2. Unmanaged data is still data! Data that lives in your files, folders, and shares
is some of your most valuable data – and often at more risk than your managed data.
Make sure your data governance strategy covers unstructured data.
3. Map your business goals for data governance early and assign a Chief Data
Officer (CDO). Make the CDO responsible for managing and achieving the data
governance goals. Think big picture, but create manageable touchpoints along the
way.
4. Keep it simple! Data governance is not the primary job of the majority of the
organization. Minimize impact to individual contributors and teams.
5. Establish different roles for members of your data governance team. Data
Owners are key, in that they are closest to the data they create and manage. You can
assign Data Managers to work with Data Owners for guidance and to facilitate
communication. Your data governance team should be cross-functional and
empowered to push your data governance initiatives.
6. Classify and tag all of your data. Establish standards for metadata that promote
your business goals and allow for reuse of data.
7. Measure your progress in several different ways. The more metrics you can
gather the better. A few key metrics for data governance might be how much stale
data you are saving, how many folders have assigned data owners, and how much
sensitive data you are creating.
8. Automate as much as possible. Automate workflows, approval processes, data
requests, permissions requests, and anything else you can to make your data
governance initiatives work.