A safeguard in the digital economy
While data is being used in myriad new ways, the rules for effective governance must prevail.
The sheer volume and variety of data coming into play in the increasingly digital enterprise presents massive opportunities for companies to analyse this information and apply the insights derived therefrom to achieve business growth and realise efficiencies.
Digital transformation has made data management central to business operations and created a plethora of new data sources and challenges. New technology is enabling data management and analysis to be more widely applied, supporting companies that are increasingly viewing data as a strategic business asset that could be utilised for gaining a competitive advantage.
To stay ahead, companies must be agile and quick in this regard, which has prompted some industry experts to take the view that data governance needs a new approach, with data discovery carried out first, before data governance rules are decided on and applied in an agile, scalable and iterative way.
While approaching data management, analysis and associated data governance in an iterative way using smaller packets of data makes sense, the rules that must be applied must still comply with legislation and best practice. As a prerequisite, these rules should therefore be formalised before any data project or data discovery is undertaken. Governance rules must be consistent and support the overall governance framework of the company throughout the data life cycles of each data asset, regardless of where and when the data is generated, processed, consumed and retired.
In an increasingly connected world, data is shared and analysed across multiple platforms all the time - by both companies and individuals. Most of that data is being governed in some way, and where it is not, there is risk.
Poor quality data alone is a significant cause for concern among global CEOs.
Governed data is secure, applied correctly and of quality (reliable), and - crucially - it helps mitigate both legal and operational risk. Poor quality data alone is a significant cause for concern among global CEOs, with a recent Forbes Insights and KPMG study finding 45% of CEOs saying their customer insight is hindered by a lack of quality data, and 56% saying they have concerns about the quality of data they base their strategic decisions on; while Gartner reports the average financial impact of poor quality data could amount to around $9.7 million annually.
On top of this, the potential cost of unsecured data or non-compliance could be significant. Fines, lawsuits, reputational damage and the loss of potential business from highly regulated business partners and customers are among the risks faced by the company failing to implement effective data governance frameworks, policies and processes.
Ungoverned data results in poor business decisions and exposes the company and its customers to risk.
On your marks
Internationally, data governance is taking top priority, as companies prepare for legislation such as the new EU GDPR, formally known as the General Data Protection Regulation legislation, which is set to come into effect next year. Data Governance Australia is ready to launch a new draft Code of Practice on benchmarks for the responsible collection, use, management and disclosure of data. SA, surprisingly, is at the forefront, with its POPI regulations and wide implementation of other guidelines, such as King III and Basel. And new chief data officer roles are being introduced around the world.
Now, more than ever before, all companies must have up-to-date data governance frameworks in place and, more importantly, have the rules articulated or mapped into its processes and data assets. Companies must look from the bottom up, to ensure the rules on the floor align with the compliance rules and regulations from the top. These rules and conditions must be formally mapped to the actual physical rules and technical conditions in place throughout the business.
By doing this, the company can illustrate its data governance framework is real and articulated into its operations, across physical business and technical processes, methodologies, access controls and data domains, ICT included. This mapping process should begin with a data governance maturity assessment upfront. Alongside this, the company should deploy dedicated data governance resources for sustained stewardship.
Mapping the rules and conditions, and the due configuration of the relevant toolsets to enforce data governance, can be a complex and lengthy process. But, they are necessary in order to entrench data governance throughout the company. Formalised data governance mapping proves to the world where and how the company has implemented data governance, demonstrating that policies are entrenched throughout its processes, and so supporting audit and reducing compliance risk and operational risk.
To support agility and speed of delivery iterations for data management and analyses initiatives and instances, data governance can be 'sliced' specifically for the work at hand, and also applied in an iterative fashion, organically covering all data assets over time.
Mervyn Mooi is a director of Knowledge Integration Dynamics (KID) and represents the ICT services arm of the Thesele Group. His competencies and focus is within data/information management and governance.
Mooi has been in the ICT and data solutions industry for 38 years, beginning his career as an operator at the CICS bureau in Johannesburg in the early 1980s. Thereafter, he was appointed as a programmer at state-owned oil exploration and production company SOEKOR.
In 1986, Mooi joined Anglo American's head office ICT department where he remained for almost 12 years. Here he progressed to become a senior programmer, analyst, database administrator and technical support specialist. After completing his degree in informatics, he then left to join Software Futures, where he worked as a senior consultant for 18 months in the data warehousing and business intelligence arena.
Mooi joined KID in 1999 as a data warehouse and business intelligence specialist. His experience in ICT disciplines includes operations, business and systems analysis, application development, database administration, data governance/management, data architecture/modelling, software support, data warehousing and business intelligence.