Home

Some companies that have chosen us

Privacy Officer and Privacy Consultant
CDP Scheme according to ISO/IEC 17024:2012
European Privacy Auditor
ISDP©10003 Certification Scheme according to ISO/IEC 17065:2012
Auditor
According to standard UNI 11697:2017
Lead Auditor ISO/IEC 27001:2022
According to standard ISO/IEC 17024:2012
Data Protection Officer
According to standard ISO/IEC 17024:2012
Anti-Bribery Lead Auditor Expert
According to standard ISO/IEC 17024:2012
ICT Security Manager
According to standard UNI 11506:2017
IT Service Management (ITSM)
According to the ITIL Foundation
Ethical Hacker (CEH)
According to the EC-Council
Network Defender (CND)
According to the EC-Council
Computer Hacking Forensics Investigator (CHFI)
According to the EC-Council
Penetration Testing Professional (CPENT)
According to the EC-Council

Professional qualifications

Stay up-to-date with world news!

Select your topics of interest:
GOVERNANCE & AWARENESS
Home / GOVERNANCE & AWARENESS
/
Data Governance
Data Governance

Objectives:

Data Governance (DG) is defined as the exercise of authority and control (planning, monitoring and implementation) in the management of data assets. All organisations make decisions about data regardless of whether they have a formal Data Governance function. Those that formally establish a Data Governance programme exercise authority and control with greater intentionality. Such organisations are better able to increase the value they get from their data assets.

The function of Data Governance leads all the other management functions. The objective of the Data Governance is to ensure that data is properly managed in compliance with policies and best practices. While the general purpose of data management is to ensure that the organisation obtains value from its data, Data Governance focuses on how decisions on data are made and on how people and processes are expected to behave in relation to data. The purpose and objective of a particular Data Governance programme depend on the needs of the organisation, but most programmes include:

  • Strategy: Defining, communicating and guiding the carrying out of Data Strategy and of Data Governance Strategy;
  • Policy: Definition and implementation of policies related to data and Metadata Management, access, use, security and quality;
  • Standards and quality: Definition and implementation of Data Quality and Data Architecture standards;
  • Control: Support on operational controls, audits and corrections in key areas such as quality, policy and data management;
  • Compliance: Ensuring that the organisation can meet regulatory compliance requirements with regard to data;
  • Anomalies management: Identifications, definition, escalation and resolutions of anomalies related to data security, access, quality, regulatory compliance, data stewardship, policies, standards, terminology or to data management procedures;
  • Data management projects: Promote the effort to improve data management practices;
  • Data asset assessment: Define standards and processes to consistently define the business value of data assets.

To achieve these objectives, a Data Governance programme will develop policies and procedures, will encourage data stewardship practices within the organisation at different levels and it will be steered toward an organisational change that effectively communicates to the organisation the benefits of an improved data management and the behaviours required to successfully manage data as an asset.


Activities carried out by our Team:

Defining a Data Governance for the organisation

The efforts of the Data Governance have to support business strategy and objectives. An organisation’s business strategy and objectives concern both the overall data strategy and how data governance and management are to be applied operationally in the organisation.

Data governance enables shared responsibility for data-related decisions. Data governance activities cross organisational and system boundaries to support an integrated view of data. Successful data governance requires a clear understanding of what and who is to be governed as well as who is to govern it.

Carrying out an assessment on the situation

Assessments that describe the current organisation’s information management capabilities, maturity and efficiency are crucial in planning a DG programme. Since they can be used to measure the effectiveness of a programme, the assessments are also important in managing and supporting a DG programme.

Typical assessments are:

  • Maturity on data management
  • Ability to change
  • Willingness to collaborate
  • Alignment to business

Carrying out a discovery and an alignment to Business

A DG programme has to contribute to the organisation by identifying and giving specific benefits (e.g. reducing fines paid to the legislator). The discovery activity will identify and evaluate the effectiveness of existing policies and guidelines – what risks they address, what behaviour they encourage and how well they have been implemented. Discovery may also identify opportunities for the DG to improve the usefulness of data and contents.

Developing organisational process steps

Part of the adaptation includes the development of organisational steps within Data Governance activities and the sharing of a corporate and managerial approach to data governance in areas outside the direct authority of the Chief Data Officer, such as:

  • Tenders and Contracts
  • Budget and Funds
  • Regulatory Compliance
  • SDLC / development framework

Developing a Data Governance Strategy

A Data Governance Strategy defines the boundary and prediction of the effort needed. The DG strategy should be defined in a comprehensible form and should be structured in relation to the overall business strategy, as well as the data and IT management strategies. It should be implemented iteratively as components are developed and approved.

The content will be specific for each organisation, but the deliverables include:

  • Charter
  • Operational framework and responsibility
  • Implementation roadmap
  • Operational plan for success

Defining an operational framework of DG

While the development of a basic definition of a DG is undemanding, creating an operational model that an organisation will have to adopt might be complex. The following areas have to be considered when creating an operational model for the organisation:

  • Data value for the organisation
  • Business model
  • Cultural factors
  • Impact of the legislation

Developing Objectives, Principles and Policies

The development of objectives, principles and policies derived from the Data Governance Strategy will guide the organisation towards the desired future position.

Objectives, principles and policies are usually decided either by data management professionals, business personnel or by a combination of them under the data governance directions.

Supporting Data Management Projects
Initiatives to improve data management capacities provide benefits at company level. They usually require a cross sponsorship or directions by the DGC. They can be difficult to spread because they are perceived as obstacles “just for the sake of something”. The key to promoting them is to illustrate the ways in which they improve efficiency and reduce risk. The organisations that wish to get more value from their data have to prioritise developments or improvements in data management skills.

Involving Change Management

The Organisational Change Management (OCM) represents the vehicle to support change in the organisation’s systems and processes. The Change Management Institute highlights that organisational change is much more than simply “people in support of projects”. It should be seen as the approach that the whole organisation envisages to use to manage change well.

Involving anomalies management

Anomalies management is the process to identify, quantify, prioritise and solve anomalies connected to data governance, including:

  • Authority
  • Change management escalation
  • Compliance
  • Conflicts
  • Contracts
  • Data security and identity
  • Data quality

Assessing Regulatory Compliance Requirements

Each organisation is subjected to a government and an industry regulation, including the legislation defining how data and information have to be managed.

Part of the Data Governance function is to monitor and ensure regulatory compliance.

Regulatory compliance is often the initial reason for implementing Data Governance. Data Governance guides the implementation of appropriate controls to monitor and document compliance with data-related regulations.

Implementing Data Governance

Data Governance requires planning not only to lead organisational change, but also because it entails numerous and complex activities that have to be coordinated. It is best to create an implementation scheme outlining the timing and relationships between the different activities. 

Priority activities in the early stages include:

  • Describing data governance procedures required to meet the highest priority objectives
  • Determining a business glossary and documentation of terminologies and standards
  • Coordinating with Enterprise Architecture and Data Architecture to better support understanding of data and systems
  • Assigning an economic value to data assets to enable better decision making and increase understanding of the role data plays in the success of the organisation

Promoting Standards and Data Procedures

By adopting a standard, the organisation only makes a decision once and codifies it in a set of statements (the standard). It is not necessary to make the same decision again in the same project. Applying standards should lead to consistent results for the process using them.

Developing a Business Glossary

A glossary is necessary since people use words differently. It is especially important to have a clear definition of data because data represents objects other than themselves. Developing and documenting data standards reduces ambiguity and improves communication. Definitions must be clear, strict in description, and specify exceptions, synonyms or variations.

Promoting Data Assets Assessment

Data and information are assets because they have value or can create it. Current practices regard data as more of an intangible asset than software, documentation, professional experience, trade secrets and other intellectual property.

Integrating Data Governance

An objective of the data governance organisation is to integrate it into a series of processes related to the management of data as an assets. The daily activities of DG requires planning. The operational plan includes the list of events required to implement and apply DG activities. It defines activities, timelines and techniques required to achieve success.

Recommended to you

Big Data and Data Science Data Quality Metadata Management Data Warehousing and Business Intelligence Reference und Master Data Document and Content Management Data Integration and Interoperability Data Security Data Storage and Operations Data Modeling and Design Data Architecture Data Governance