Data governance is an organization's internal policy framework that determines the way people make data management decisions. All aspects of data management must be carried out in accordance with the organization's governance policies.
What Does Data Governance Policy Cover?
The Data Management Body of Knowledge framework is a commonly used model to describe data governance. This framework describes a hub-and-spoke structure of data management, with good governance as the hub at the center of everything.
The main spokes of the data management structure are:
- Data architecture
- Data modeling and design
- Data storage and operations
- Data security
- Data integration and interoperability
- Document and content management
- Reference and master data
- Data warehousing and business intelligence
- Metadata
- Data quality
Each of these spokes must be implemented in compliance with the governance framework.
What are the Elements of a Data Governance Framework?
Data governance is comprised of several elements.
People
Each organization needs a team of people to oversee, implement, and review data governance. This team can include internal auditors, data experts, compliance advisors, and business unit representatives. Some organizations have a Chief Data Officer (CDO) to represent data governance at a board level.
Policy
Each organization defines its own set of policies regarding the individual spokes of the data management framework, such as data architecture and security. These policies must be clearly documented and regularly reviewed. Because data policy impacts everyone in the organization, even if they're not directly involved in data or compliance, these policies should be communicated in straightforward language.
Rules
All organizations must comply with any regulatory requirements related to data, such as GDPR, CCPA, or data protection laws. Certain types of data might be subject to other rules, such as the requirement to retain medical and financial records for a minimum time. Organizations are also bound by internal rules, such as those described in the service agreement offered to customers. Any data-related activity must comply with all applicable rules.
Technology
Data governance policy controls what kind of technology each organization can use. Technology also influences the effectiveness of the data governance framework, as some systems are better at producing reports and implementing compliance requirements. Organizations should look to adopt technology that makes good governance easier, not harder.
Oversight
Organizations should have processes in place to ensure that everyone is adhering to the data governance framework. This can involve regular audits, meetings with leaders, self-reporting from individual teams, and automated testing where possible. When an issue is flagged up, the governance framework should be clear about who is responsible for fixing things.
Interaction and feedback
Data governance is a living thing that is shaped by the people within the organization. The data governance should have channels for gathering feedback and amending policy where required. Equally, this team should reach out to people in the organization to ensure that everyone is aware of the current best practices.