Data governance has yet to mature

The management of the data landscape can quickly become a nightmare for even the most dedicated and skilled teams, due to the vastness and implications of the task.
Read time 4min 10sec

Data governance (DG) is taking centre stage around the world again, as the European Commission proposes a Data Governance Act to support a European data economy, the G20 surfaces proposals on global data governance and interoperability, and South African businesses respond to compliance and efficiency demands.

Seeking to deal with the perpetual increase in data, information and content volumes, local businesses, ranging from financial and credit institutions, to retailing and telecommunications firms, are actively recruiting much-needed data management and governance skills to deploy and sustain DG.

Data governance job specifications are complex and wide, requiring people with knowhow of regulatory requirements, policy institution, data and process management, data architecture and design, and project planning, among others.

The rush for skills is an encouraging sign that local businesses are starting to take DG more seriously, but although many organisations have started implementing DG frameworks and programmes, the articulation “making governance real” for evidencing controls in the data and process landscapes is still not at an acceptable maturity level.

Organisations benefit from the institution of DG practice, especially in situations where there is a large portfolio of systems and complexities that cannot be properly managed using traditional management models/methods, when cross-functional programmes have to be implemented, and when regulations, compliance or contractual obligations require comprehensive control and transparency over the data assets and related components/artefacts.

However, their poor progression of maturity is mainly due to:

  • Budgetary and cost constraints.
  • Value product or project priorities.
  • Not leveraging DG frameworks that help organisations to articulate (link, evidence) all data, processes, architectural components (technology) and people (roles) within their business landscapes.
  • Agile “quick delivery” implementation methods which often ignore standards and controls.
  • Ignorance about enabling practices such as metadata management.
  • Adopting compliance requirements and controls as a culture, and not as un-sustained project/programme implementations.
  • Executive pressure.

Making data governance real

To achieve comprehensive control and transparency, organisations need to know, within their landscapes, who is responsible and accountable for their resources (computing, people, technological, process, data, information/content) and how these resources are related. This enables monitoring, controlling and reporting of data lineages and process lifecycles from end to end.

Outside the demand for implementing and evidencing the application of PPSGs (principles, policies, procedures, standards and guidelines), the management of the data landscape can quickly become a nightmare for even the most dedicated and skilled teams, when considering the number of users, the existence of potentially hundreds of siloed/overlapping data stores/pockets and spreadsheets, and the maintenance of cross-functional departments, divisions and business units.

The rush for skills is an encouraging sign that local businesses are starting to take data governance more seriously.

The resulting chaos filters through the processes that they support where customers, stakeholders or involved parties meet the business – this has a direct negative impact on efficiencies, client experience and hence profit.

But what do businesses do to achieve effective DG; for example, making it “real” and applicable? How do they orchestrate DG throughout the organisation?

The following guidelines can be considered:

  1. Obtain a formal DG mandate and institute a DG framework – this is essential to position DG as a key control practice of (or service to) the organisation.
  2. Conduct a DG maturity assessment to identify gaps and opportunities.
  3. Ensure all data, process, technological and people artefacts/resources are registered, including PPSG clauses.
  4. Entrench a lifecycle management programme that tracks all processes that create, store, process, consume and destroy data/information/content in the business.
  5. Map the lifecycles to the organisation’s implementation or project methodology, the software development lifecycle, agile methods, change and release management processes, or to whatever is specifically used in the business, for new implementations and changes. This is crucial for articulating DG (making it “real” and applicable).
  6. The lifecycles must also map to the processes, data/information/content artefacts or assets, the relevant PPSGs and to the people (business units, roles) involved – these mappings are done at the stages of the lifecycles and control gates/checkpoints of the processes. The stages, control gates and/or checkpoints are the cross-references between the organisation’s resources/assets/artefacts. It is here where articulation is realised. The beauty of this is that the mappings and most of the controls are done once-off and can be automated so they do not place additional burdens on the personnel.
  7. Repeat steps 2 to 5 for each data domain or business unit/division.

This approach can be applied to both structured and unstructured data, even though unstructured information may call upon specialised technologies such as enterprise content management, for example.

Mervyn Mooi

Director of Knowledge Integration Dynamics (KID) and represents the ICT services arm of the Thesele Group.

Mervyn Mooi is a director of Knowledge Integration Dynamics (KID). His competencies and focus is within data/information management and governance.

He has been in the ICT and data solutions industry for 38 years, beginning his career as an operator at the CICS bureau in Johannesburg in the early 1980s. Thereafter, he was appointed as a programmer at state-owned oil exploration and production company SOEKOR.

In 1986, Mooi joined Anglo American's head office ICT department where he remained for almost 12 years. Here he progressed to become a senior programmer, analyst, database administrator and technical support specialist.

After completing his degree in informatics, he then left to join Software Futures, where he worked as a senior consultant for 18 months in the data warehousing and business intelligence arena.

Mooi joined KID in 1999 as a data warehouse and business intelligence specialist. His experience in ICT disciplines includes operations, business and systems analysis, application development, database administration, data governance/management, data architecture/modelling, software support, data warehousing and business intelligence.    

See also