Data Governance Success: Growing and Sustaining Data Governance 9811650853, 9789811650857

Table of contents :
Foreword by Dan Power
Preface
Acknowledgments
About This Book
Contents
About the Author
Acronyms and Abbreviations
List of Figures
List of Tables
1 Data Governance Journey—Introduction
1.1 Data Governance
1.2 Data Management Discipline
1.3 Data and Its Governance
Reference
2 Data Governance Challenges and Dynamics
2.1 Introduction
2.2 Data Governance Failures
2.3 Data Governance—Perceptions and Challenges
2.3.1 Vastness and Complexity of the Data Landscape
2.3.2 Data and Data Governance not Priorities
2.3.3 Individuals Needed on Data Governance are in High Demand
2.3.4 Collaboration Challenges
2.3.5 Data Governance Connotations
2.3.6 Executive Buy-in and Lack of Executive and Organizational Support
2.3.7 Costs and Budgets
2.3.8 Organizational Culture, Politics, and Conflicts
2.3.9 Restrictive Nature of Data Governance
2.3.10 Data Governance Perceptions and Misunderstandings
2.4 Key Factors for Ensuring Data Governance Success
2.4.1 Leadership and Management
2.4.2 Strategy and Execution
2.4.3 Organizational Change Management (OCM)
2.5 Data Governance Program—Do’s, Don’ts, Tips, and Lessons Learnt
2.5.1 Tailor Data Governance to your Organization—“One Size Does not Fit All” Approach
2.5.2 Adopt a Non-invasive and Non-disruptive Approach
2.5.3 Accept That the Data Governance Journey will be Difficult
2.5.4 Establish a Strong Base
2.5.5 Identification of Areas for Proof of Concept (POC)
2.5.6 Get Some Quick and Meaningful Wins
2.5.7 Share Lessons Learnt and Success Stories
2.5.8 Keep It as Clear and Consumable as you Can
2.5.9 Have a Clear Focus and Stay Focused
2.5.10 Have the Right Candidates for the Data Governing Body
2.5.11 Strike the Right Balance Between Opposing Goals
2.5.12 Understand the Data Governance Scope First and Then Form the Data Governance Body
2.5.13 Plan for Longevity
2.5.14 Incentivize Participation
2.5.15 Do a Data Governance Program Health Check
2.5.16 Do not Design Data Governance Without Integrating the Key Decision-making Bodies and Other Data Initiatives in your Organization
2.5.17 Avoid Establishing Big Committees
2.5.18 Do not Take the Tick Box Approach to Satisfy the Regulators
2.6 Concluding Thoughts
References
3 Strategy and Data Governance
3.1 Introduction
3.2 Are You Ready for Data Governance?
3.3 Data Governance Maturity Assessment
3.4 Strategy
3.5 Corporate Strategy, Data Strategy, and Data Governance
3.6 Data Governance Strategy
3.7 Building a Business Case for Data Governance
3.8 Data Governance Roadmap
3.9 Data Governance Pilot
3.9.1 Critical Data Domains and Data Sets
3.9.2 The Data Function or Data Initiative
3.10 Role of the Chief Data Officer in Data Governance
3.11 Concluding Thoughts
References
4 Data Governance Maturity Models
4.1 Introduction
4.2 Data Governance Maturity Models
4.3 Data Governance Maturity Model Metamodel
4.4 Data Governance Maturity Models by Different Industry Practitioners
4.4.1 Kalido
4.4.2 DataFlux
4.4.3 Microsoft
4.4.4 Informatica
4.4.5 Oracle
4.4.6 IBM
4.5 Data Governance Maturity Model Proposal
4.6 Data Governance Maturity Assessment
4.7 Summary
References
5 Data Governance Components and Framework
5.1 Data Governance—People, Process, and Tools and Technology
5.2 Data Governance Framework
5.3 Data Governance Components—Broad Categories
5.4 Data Governance—The People Component
5.4.1 Data Governance Organization Structures, Roles, Responsibilities, and Operating Rhythms
5.4.2 Data Ownership
5.4.3 Data Stewards and Data Stewardship
5.4.4 Data Stewardship Models
5.5 Data Governance—The Process Component
5.5.1 Data Principles
5.5.2 Data Policies
5.5.3 Guidelines
5.5.4 Processes
5.5.5 Rules and Standards
5.6 Data Governance—The Tools and Technology Component
5.7 Data Governance Operating Models
5.7.1 Top Down
5.7.2 Centralized
5.7.3 Decentralized
5.7.4 Hybrid
5.7.5 Federated
5.7.6 Crowdsourced
5.8 Concluding Thoughts
References
6 Data Governance—Metrics
6.1 Data Governance Metrics—Introduction
6.2 Desired Characteristics of Data Governance Metrics
6.3 Data Governance Metrics—Health Check
6.4 Data Governance Metrics—Don’ts
6.5 Data Governance Metrics Identification and Selection
6.6 Data Governance Metrics—Categories and Examples
6.6.1 Quantitative and Qualitative Metrics
6.6.2 Progress, Verification, and Impact/Value Metrics
6.6.3 People, Process, Technology, and Data Metrics
6.6.4 Efficiency, Enablement, and Enforcement Metrics
6.7 Data Governance Metric Documentation
6.8 Dashboard and Scorecards
6.9 Concluding Thoughts
References
7 Data Governance Success—Concluding Thoughts and the Way Forward
7.1 Data Governance—A Success Factor
7.2 Data Governance in a Page
7.3 Evaluating Data Governance—The Journey Ahead
References
Appendix A Glossary of Terms
Appendix B Data Governance—Perceptions Versus Realities
Appendix C Bibliography
Index

Citation preview

Data Governance: The Way Forward

Rupa Mahanti

Data Governance Success Growing and Sustaining Data Governance

Data Governance Success “Whatever you may be interested in, if data governance is part of that equation for you, this book will give you new insights, ammunition to bring back into your day to day work, and an introduction to a community of data governance practitioners.” —From the foreword by Dan Power, Founder and President, Hub Designs Inc. “Rupa Mahanti’s strong engagement with questions central to the success of data governance continues in the third volume of her comprehensive DG series. In Data Governance Success: Growing and Sustaining Data Governance, she takes up the challenge of developing data governance practices over time through strategy, organizational structure, and effective metrics. Based on a maturity model framework, she presents a practical approach to data governance and, through it, a clearer path for organizations to get more value from their data.” —Laura Sebastian-Coleman, Author of Navigating the Labyrinth: An Executive Guide to Data Management. “The road to a successful and enduring Data Governance practice has challenges that can impact its effectiveness or event stop it altogether. These challenges include the resistance by some IT groups to share the necessary information about their systems and data, or the “business as usual” mindset that prevents workers from focusing on the enterprise and its information value chains. This book provides a practical approach to effectively identify and address these challenges from a strategic to a tactical perspective.” —Andres Perez, Information Management Consultant and President of IRM Consulting, Ltd. Co. “Implementing data governance it’s not difficult, but it is challenging. Rupa Mahanti covers a lot of areas on what you need to know in order to implement a data governance program successfully while navigating its pitfalls.” —George Firican, Founder of LightsOnData. “Nothing ever stands still, it is either growing and moving forward or it is failing. Data Governance Success: Growing and Sustaining Data Governance is an essential tool for any organization trying to transform its data governance into a successful, ongoing program instead of a well-intentioned, but failed project.” —Dr. John R. Talburt, Acxiom Chair of Information Quality at the University of Arkansas at Little Rock, and Lead Consultant for Data Governance and Data Integration with Noetic Partners. “I can hear readers who open this book for the first time thinking, “This book will help me figure out how to start our data governance project.” I’m hoping that by the time they reach the end, these same readers will be fortified by the experiential knowledge that Rupa Mahanti and her band of data experts have imparted throughout these pages. Data has moved beyond a byproduct of the systems that generate it to become the major driving force behind business, and indeed our own evolution. It’s more than a project, it could very well be our salvation.” —Jill Dyché, Author and Data Strategy Consultant. “Segueing from data governance imperatives, strategy, and ecosystem, this volume of the trilogy arms readers with crucial practical insight about data governance success factors, and provides means to surmount challenges and achieve mastery.” —Jeannine Siviy, Director, Healthcare Solutions, SDLC Partners, Co-author of CMMI and Six Sigma.

Rupa Mahanti

Data Governance Success Growing and Sustaining Data Governance

Rupa Mahanti Strathfield NSW, Australia

ISBN 978-981-16-5085-7 ISBN 978-981-16-5086-4 (eBook) https://doi.org/10.1007/978-981-16-5086-4 © The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 This work is subject to copyright. All rights are solely and exclusively licensed by the Publisher, whether the whole or part of the material is concerned, specifically the rights of reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use. The publisher, the authors and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors give a warranty, expressed or implied, with respect to the material contained herein or for any errors or omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims in published maps and institutional affiliations. This Springer imprint is published by the registered company Springer Nature Singapore Pte Ltd. The registered company address is: 152 Beach Road, #21-01/04 Gateway East, Singapore 189721, Singapore

Data Governance: The Way Forward This mini-series of three volumes looks at different aspects of data governance. The volumes do not assume any prior or specialist knowledge in data governance. Data governance is an important component of the data management discipline, and these books should appeal aspiring information management candidates, aspiring/current BI and reporting analysts, project managers heading information management projects, business and IT consultants, especially those involved with data, university students, professionals in organisations from all industries and sectors who wish to gain a comprehensive understanding of data governance.

To my parents, for their unwavering support, dedication, love and encouragement. To my teachers and mentors, for their guidance and patience.

Foreword by Dan Power

The final book in the series opens with a discussion of the challenges and dynamics of data governance. Sometimes achieving success in data governance seems easier said than done. Data governance is an inherently political area, involving a wide range of stakeholders and constituencies, often with divergent interests, both within and outside of the enterprise. But there are “rookie mistakes” to avoid and best practices that organizations can apply. According to Gartner, about 90% of organizations fail in their first run at data governance. A lack of executive sponsorship and uninterrupted funding are two of the biggest reasons. Another is treating data governance as a one-off project, rather than a long-term, ongoing program. Other challenges include lack of alignment between the business and IT and a data strategy that does not line up with the overall corporate strategy. Large organizations can have thousands of different application databases, data warehouses and other repositories, often of differing value to the enterprise. Often, companies find it difficult to identify what is truly critical and to prioritize the many different kinds of data. One often disastrous challenge is when the business abdicates its responsibility for data to IT, feeling that, since data is ultimately stored in a database, and databases reside on computers, that this is all IT’s responsibility and does not require the business to be involved. The reality is that strong business/IT alignment and collaboration are required. Chapter 2 does an excellent job reviewing and debunking common misperceptions about data governance and goes on to outline several key factors for ensuring data governance success, including strong executive sponsorship, a commitment to success, alignment with corporate strategy, adequate training and education, and an orientation to approaching data governance as an organizational change management exercise first and foremost. Creating a compelling business case and a robust data strategy are usually two of the first tasks of the data governance organization. It is also useful to figure out if the organization is ready to implement a data governance initiative. Some of the biggest ix

x

Foreword by Dan Power

issues arise if there is some outside pressure to do it, but the organization is showing multiple warning signs that it is not ready. Once the overall corporate strategy is clear, and a data strategy has been developed that supports it, then a data governance strategy can be created to show how the program will be conducted over its first 18 to 24 months. And the business case for “why we need data governance” (versus what happens if we do not have data governance) can be created as well. The book does a good job covering data governance maturity models. There are a number of them from different organizations, and they typically assign a one to five score, similar to the capability maturity model (CMM) created by the U.S. Department of Defense and now maintained by the Software Engineering Institute at Carnegie Mellon University. Chapter 5 describes the components of data governance and outlines a workable framework. Start with the people component—they are the heart of a data governance program. Different people in the enterprise will participate in different ways and in different roles. Ideally, you are looking for people to do what they are already doing, but to do more of it, or to change it slightly, or even just to weave it into an enterprise-wide context where now they are doing it for a single area or department. The operating model can be a difficult question as well. A purely centralized or decentralized model often does not work well in today’s large, siloed organizations. Top-down operating models work well in traditional command-and-control-oriented organizations. Many companies find a hybrid or federated model to work well, similar to how the USA has a federal, state, and local level of government. Execution and implementation of data governance are done on a decentralized basis, by the people who are closest to the action (the state and local levels). The enterprise level provides a single point of contact and centralized accountability. It can be cumbersome and challenging to coordinate however and requires close collaboration between several different layers. Data governance is a complex, challenging topic that has arisen relatively recently in the big scheme of things. Data professionals with many years of experience are sometimes challenged by the difficulty of successfully implementing a data governance initiative. This three-book series gives a lot of great information, models, best practices, and approaches, making it an incredibly valuable resource for anyone new to the discipline of data governance. What I have found most rewarding about data governance over a thirty-threeyear career is that it continues to be challenging, interesting, and rewarding, and I have made a lot of great friends over that time with similar interests in software, technology, master data management, data quality, data governance, business, management, alliances, and project management. Whatever you may be interested in, if data governance is part of that equation for you, this book will give you new insights, ammunition to bring back into your dayto-day work, and an introduction to a community of data governance practitioners.

Foreword by Dan Power

xi

I hope that your journey in the “data world” is as rewarding as mine has been. I fell into it in 1987 and have never managed to escape, but it has been and continues to be a very rewarding profession, and it continues to become more and more relevant to our world. Good luck on your journey! Hingham, USA

Dan Power

Preface

There are no secrets to success. It is the result of preparation, hard work, and learning from failure. —Colin Powell

While good data is an enterprise asset, bad data is an enterprise liability. However, in order to have good data, it needs to be managed effectively, and effective data management requires data governance. Companies that govern and manage their data effectively are able to achieve a competitive advantage in the marketplace. Data governance is often viewed as “nice to have.” However, with the increase in value of data and data being treated as an asset, and compliance and analytics calling for better quality data and improved data protection, data governance is a “must have.” Data governance enables you to effectively and proactively manage data assets throughout the enterprise by providing guidance as in “how to do it” in the form of policies, standards, processes, and rules. It also helps in defining roles and responsibilities to define who will do what, with respect to data. While implementing data governance is not rocket science, it is also not a simple exercise. There is a lot of confusion around what data governance is, and as a result, a lot of challenges arise in the implementation of data governance. Data governance is not a “project” or a “one-off exercise” but a journey that involves a significant amount of effort, time, investment, and cultural changes that must be taken into consideration to achieve and sustain data governance success. This book entitled, Data Governance Success: Growing and Sustaining Data Governance, is the third and the last book in the data governance series which consists of three books as outlined below: • Data Governance and Compliance. This first book in the trilogy sets the stage in terms of evolution of corporate governance, laws and regulations, other forms of governance, how data governance interacts with other corporate governance subdisciplines, and goes on to explain how data governance helps in achieving compliance. xiii

xiv

Preface

• Data Governance and Data Management. This second book provides the big picture of data and data governance (data as an asset, different technical aspects of data, data governance drivers, and benefits). It also covers interactions with different data management disciplines and initiatives, and data governance technology and tools. • Data Governance Success. This final book, the one that you are currently reading, discusses the different perceptions that individuals and organizations have in relation to data governance, the challenges in implementing data governance, and the key factors that should be considered to ensure data governance success. These books share the combined knowledge related to data, and data governance that I have gained over the years of working in different industrial and research programs, and projects associated with data, processes, and technologies. I have interacted with professionals all over the world and have read many books and articles, most of which are listed in the references. The data governance trilogy will be highly beneficial for IT students, academicians, information management and business professionals, and researchers to enhance their knowledge and get guidance on their own specific data governance projects. This series is written primarily for information management professionals, risk management professionals, compliance professionals, data quality practitioners, information management researchers, and students looking forward to a career in data management or governance. In addition, this series will be useful for aspiring information management candidates, aspiring business intelligence (BI) and reporting analysts, project managers heading information management projects, business consultants, IT consultants, university students, and researchers, and professionals in organizations from all industry sectors who want to gain an understanding of data governance. Data governance is often overlooked and its value is grossly underestimated. A lot of people are highly skeptical about data governance. In order to retain interests of such an audience, I have conducted interviews with 11 thought leaders, researchers, and professors. Their interview responses have been included in the appendix section of the first book of the series—Data Governance and Compliance—with an intent to share their challenges and experiences with data governance. Each book has a slight overlap in terms of people, processes, and metrics-related aspects of data governance, though it is the third book that covers these aspects in detail. The technical aspect is a major component of the second book and will be moderately discussed in the first book in relation to compliance and is minimally discussed in this book. Data governance is an enterprise-wide program, and its implementation often fails (or the program even fails to take off) due to a number of challenges and perceptions. It is therefore important to understand these challenges and perceptions, and the factors critical to ensure data governance success. Specifically, we need to understand the different levels of data governance maturity, the role of strategy, data governance organization structure, and metrics.

Preface

xv

This book contains seven chapters as follows: • Chapter 1 introduces the readers to data governance and other data management functions in a concise fashion as these have been discussed in great detail in the second book of the series—Data Governance and Data Management. This chapter also presents the evolution of the data management discipline, the business drivers for data governance, data governance benefits, and the key factors necessary for the success of a DG program very briefly. • Chapter 2 explores the data governance failures, perceptions, and challenges in the implementation of data governance and the factors essential for data governance success. • Chapter 3 covers data governance readiness, data governance maturity assessment, strategy in general, data strategy, data governance strategy, data governance business case, the data governance roadmap, and the role of the chief data officer in data governance implementation. • Chapter 4 discusses data governance maturity and several data governance maturity models, which practitioners can use as a guiding framework to baseline their organization’s data governance maturity and set goals to move up the data governance maturity curve. • Chapter 5 explains the data governance framework, data governance organizational structures, policies and processes, data ownership, data stewardship, and the different data governance operating models. • Chapter 6 discusses the characteristics of a good data governance metric, data governance metrics categories, guidance on choosing and documenting metrics, and some examples of data governance metrics for practitioners to choose from, to track their data governance program. • Chapter 7 discusses data governance as a key success factor and the various aspects of data governance success in a nutshell. In case you have any questions or want to share your feedback about the book, please feel free to email me at [email protected]. Alternatively, you can contact me on LinkedIn at—https://www.linkedin.com/in/rupa-mahanti-62627915. Strathfield, Australia May 2020

Rupa Mahanti

Acknowledgments

Writing this book was an enriching experience and has given me great pleasure and satisfaction but has been more time consuming and challenging than I thought. I owe a debt of gratitude to many people who have directly or indirectly helped me on my data governance journey. I am extremely grateful to the many leaders in the field of data governance and related fields who have taken the time to write articles and/or books so that I and many others could gain knowledge. The bibliography in one or more books in the data governance book series shows the extent of my appreciation to those who have made that effort; special thanks to Anne-Marie Smith, Boris Otto, Chisolm Malcolm, Carlo Batini, Dan Myers, Dan Power, Dannette McGilvray, David Loshin, David Plotkin, Doug Laney, Dylan Jones, Evan Levy, George Firican, Gwen Thomas, Hubert Österle, John Ladley, John Talburt, Jill Dyché, Kelle O’Neal, Larissa Moss, Larry P. English, Laura Sebastian-Coleman, Lowell Fryman, Majid Abai, Monica Scannapieco, Neera Bhansali, Nicola Askham, Peter Aiken, Philip Russom, Prashanth H. Southekal, Robert F. Smallwood, Robert Seiner, Richard Wang, Sid Adelman, Steve Sarsfield, Sunil Soares, Thomas C. Redman, Todd Harbour, Tony Fisher, Wayne Eckerson, and Yinle Zhou. I had quite a few questions in relation to book publishing, and I am extremely grateful to Bill Hefley, Jill Dyché, Karl Wiegers, Laura Sebastian-Coleman, Nicole Radziwill, Sandeep Nagar, and Victor Squires for answering some of them. Many thanks to Satish Gawade for helping me with understanding the terms of the book contract. Many thanks to Andres Perez, Christopher Butler, George Firican, Jill Dyché, John Talburt, John Zachman, Laura Sebastian-Coleman, Phil Watt, Shannon Fuller, Stan Rifkin, and Tony Epler for agreeing for an interview and sharing their unique perspectives. I would like to thank many clients and colleagues who have challenged and collaborated with me on so many initiatives over the years. I appreciate the opportunity to work with such high-quality people. I am very grateful to Springer for giving me an opportunity to publish this book. I am particularly thankful to Anushangi Weerakoon for her continued cooperation and support for this project. She was extremely patient and flexible in accommodating xvii

xviii

Acknowledgments

my requests. Her unique perspective and feedback made this book so much better. I would like to thank Bhagyalakkshme Sreenivasan and Saranya Kalidoss for making the production process smooth for me. Thanks to the Springer team for helping me make this book a reality. The Springer team made the process and the experience very easy and enjoyable. I am also thankful to the reviewers for their time and constructive feedback that helped improve the quality of this book. Many thanks to Jeannine Siviy for her feedback and helpful suggestions that helped make this a better book. I am grateful to my teachers at Sacred Heart Convent, DAV JVM, and Birla Institute of Technology, where I received the education that created opportunities that have led me where I am today. Thanks to all my English teachers and special thanks to Miss Amarjeet Singh because of whose efforts I have acquired good reading and writing skills. My years in Ph.D. research have played a key role in my career and personal development, and I owe a special thanks to my Ph.D. guides—Dr. Vandana Bhattacherjee, Late Dr. S. K. Mukherjee, and my teacher and mentor Dr. P. K. Mahanti who supported me during this period. Though miles way, Dr. Vandana Bhattacherjee and Dr. P.K. Mahanti still provide me with guidance and encouragement, and I will always be indebted to them. I am also thankful to my students whose questions have enabled me think more and find a better solution. Last but not least, many thanks to my parents for their unwavering support, encouragement, and optimism. They have been my rock throughout my life, even when they are not near me and hence share credit for every goal I achieve. Writing this book took most of my time outside of work hours. I would not have been able to write the manuscript without they being so supportive and encouraging. They were my inspiration and fueled my determination to finish this book.

About This Book

While good data is an enterprise asset, bad data is an enterprise liability. Data governance enables you to effectively and proactively manage data assets throughout the enterprise by providing guidance in the form of policies, standards, processes, and rules, and defining roles and responsibilities outlining who will do what, with respect to data. While implementing data governance is not rocket science, it is not a simple exercise. There is a lot confusion around what data governance is and a lot of challenges in the implementation of data governance. Data governance is not a project or a one-off exercise, but a journey that involves a significant amount of effort, time, investment, and cultural change, and a number of factors need to be taken into consideration to achieve and sustain data governance success. Data Governance Success: Growing and Sustaining Data Governance is the third and final book in the data governance series entitled—Data Governance: The Way Forward and discusses the following: • Data governance perceptions and challenges • Key considerations when implementing data governance to achieve and sustain success • Strategy and data governance • Different data governance maturity frameworks • Data governance—people and process elements • Data governance metrics. This book shares the combined knowledge related to data and data governance that the author has gained over the years of working in different industrial and research programs and projects associated with data, processes, and technologies, and unique perspectives of thought leaders and data experts through interviews conducted. This book will be highly beneficial for IT students, academicians, information management, and business professionals and researchers to enhance their knowledge to support and succeed in data governance implementations. This book is technology agnostic and contains a balance of concepts and examples and illustrations making it easy for the readers to understand and relate to their own specific data projects.

xix

Contents

1 Data Governance Journey—Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 1.1 Data Governance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1.2 Data Management Discipline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1.3 Data and Its Governance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Reference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

1 1 1 3 4

2 Data Governance Challenges and Dynamics . . . . . . . . . . . . . . . . . . . . . . 2.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.2 Data Governance Failures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.3 Data Governance—Perceptions and Challenges . . . . . . . . . . . . . . . . 2.3.1 Vastness and Complexity of the Data Landscape . . . . . . . . 2.3.2 Data and Data Governance not Priorities . . . . . . . . . . . . . . 2.3.3 Individuals Needed on Data Governance are in High Demand . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.3.4 Collaboration Challenges . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.3.5 Data Governance Connotations . . . . . . . . . . . . . . . . . . . . . . 2.3.6 Executive Buy-in and Lack of Executive and Organizational Support . . . . . . . . . . . . . . . . . . . . . . . . . 2.3.7 Costs and Budgets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.3.8 Organizational Culture, Politics, and Conflicts . . . . . . . . . 2.3.9 Restrictive Nature of Data Governance . . . . . . . . . . . . . . . . 2.3.10 Data Governance Perceptions and Misunderstandings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.4 Key Factors for Ensuring Data Governance Success . . . . . . . . . . . . 2.4.1 Leadership and Management . . . . . . . . . . . . . . . . . . . . . . . . 2.4.2 Strategy and Execution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.4.3 Organizational Change Management (OCM) . . . . . . . . . . . 2.5 Data Governance Program—Do’s, Don’ts, Tips, and Lessons Learnt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.5.1 Tailor Data Governance to your Organization—“One Size Does not Fit All” Approach . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

5 5 7 9 10 13 14 14 16 18 18 19 21 21 28 30 33 41 53

53 xxi

xxii

Contents

2.5.2 2.5.3

Adopt a Non-invasive and Non-disruptive Approach . . . . Accept That the Data Governance Journey will be Difficult . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.5.4 Establish a Strong Base . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.5.5 Identification of Areas for Proof of Concept (POC) . . . . . 2.5.6 Get Some Quick and Meaningful Wins . . . . . . . . . . . . . . . . 2.5.7 Share Lessons Learnt and Success Stories . . . . . . . . . . . . . 2.5.8 Keep It as Clear and Consumable as you Can . . . . . . . . . . 2.5.9 Have a Clear Focus and Stay Focused . . . . . . . . . . . . . . . . . 2.5.10 Have the Right Candidates for the Data Governing Body . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.5.11 Strike the Right Balance Between Opposing Goals . . . . . . 2.5.12 Understand the Data Governance Scope First and Then Form the Data Governance Body . . . . . . . . . . . . 2.5.13 Plan for Longevity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.5.14 Incentivize Participation . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.5.15 Do a Data Governance Program Health Check . . . . . . . . . 2.5.16 Do not Design Data Governance Without Integrating the Key Decision-making Bodies and Other Data Initiatives in your Organization . . . . . . . . . 2.5.17 Avoid Establishing Big Committees . . . . . . . . . . . . . . . . . . 2.5.18 Do not Take the Tick Box Approach to Satisfy the Regulators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.6 Concluding Thoughts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

55

61 62 63

3 Strategy and Data Governance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3.2 Are You Ready for Data Governance? . . . . . . . . . . . . . . . . . . . . . . . . 3.3 Data Governance Maturity Assessment . . . . . . . . . . . . . . . . . . . . . . . 3.4 Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3.5 Corporate Strategy, Data Strategy, and Data Governance . . . . . . . . 3.6 Data Governance Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3.7 Building a Business Case for Data Governance . . . . . . . . . . . . . . . . 3.8 Data Governance Roadmap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3.9 Data Governance Pilot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3.9.1 Critical Data Domains and Data Sets . . . . . . . . . . . . . . . . . 3.9.2 The Data Function or Data Initiative . . . . . . . . . . . . . . . . . . 3.10 Role of the Chief Data Officer in Data Governance . . . . . . . . . . . . . 3.11 Concluding Thoughts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

67 67 69 70 72 75 79 81 87 88 88 90 91 95 96

55 56 56 56 57 57 58 58 58 59 59 59 60

60 61

Contents

xxiii

4 Data Governance Maturity Models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4.2 Data Governance Maturity Models . . . . . . . . . . . . . . . . . . . . . . . . . . . 4.3 Data Governance Maturity Model Metamodel . . . . . . . . . . . . . . . . . 4.4 Data Governance Maturity Models by Different Industry Practitioners . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4.4.1 Kalido . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4.4.2 DataFlux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4.4.3 Microsoft . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4.4.4 Informatica . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4.4.5 Oracle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4.4.6 IBM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4.5 Data Governance Maturity Model Proposal . . . . . . . . . . . . . . . . . . . 4.6 Data Governance Maturity Assessment . . . . . . . . . . . . . . . . . . . . . . . 4.7 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

99 99 100 102

5 Data Governance Components and Framework . . . . . . . . . . . . . . . . . . . 5.1 Data Governance—People, Process, and Tools and Technology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.2 Data Governance Framework . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.3 Data Governance Components—Broad Categories . . . . . . . . . . . . . 5.4 Data Governance—The People Component . . . . . . . . . . . . . . . . . . . 5.4.1 Data Governance Organization Structures, Roles, Responsibilities, and Operating Rhythms . . . . . . . . . . . . . . 5.4.2 Data Ownership . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.4.3 Data Stewards and Data Stewardship . . . . . . . . . . . . . . . . . 5.4.4 Data Stewardship Models . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.5 Data Governance—The Process Component . . . . . . . . . . . . . . . . . . . 5.5.1 Data Principles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.5.2 Data Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.5.3 Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.5.4 Processes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.5.5 Rules and Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.6 Data Governance—The Tools and Technology Component . . . . . . 5.7 Data Governance Operating Models . . . . . . . . . . . . . . . . . . . . . . . . . . 5.7.1 Top Down . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.7.2 Centralized . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.7.3 Decentralized . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.7.4 Hybrid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.7.5 Federated . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.7.6 Crowdsourced . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.8 Concluding Thoughts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

127

104 104 106 108 113 115 116 117 119 124 126

127 131 133 133 137 140 142 144 149 149 149 155 156 159 159 160 161 161 163 163 163 164 164 165

xxiv

Contents

6 Data Governance—Metrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6.1 Data Governance Metrics—Introduction . . . . . . . . . . . . . . . . . . . . . . 6.2 Desired Characteristics of Data Governance Metrics . . . . . . . . . . . . 6.3 Data Governance Metrics—Health Check . . . . . . . . . . . . . . . . . . . . . 6.4 Data Governance Metrics—Don’ts . . . . . . . . . . . . . . . . . . . . . . . . . . . 6.5 Data Governance Metrics Identification and Selection . . . . . . . . . . 6.6 Data Governance Metrics—Categories and Examples . . . . . . . . . . . 6.6.1 Quantitative and Qualitative Metrics . . . . . . . . . . . . . . . . . . 6.6.2 Progress, Verification, and Impact/Value Metrics . . . . . . . 6.6.3 People, Process, Technology, and Data Metrics . . . . . . . . . 6.6.4 Efficiency, Enablement, and Enforcement Metrics . . . . . . 6.7 Data Governance Metric Documentation . . . . . . . . . . . . . . . . . . . . . . 6.8 Dashboard and Scorecards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6.9 Concluding Thoughts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

167 167 169 174 174 174 179 179 181 183 188 191 191 194 195

7 Data Governance Success—Concluding Thoughts and the Way Forward . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7.1 Data Governance—A Success Factor . . . . . . . . . . . . . . . . . . . . . . . . . 7.2 Data Governance in a Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7.3 Evaluating Data Governance—The Journey Ahead . . . . . . . . . . . . . References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

197 197 198 200 201

Appendix A: Glossary of Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203 Appendix B: Data Governance—Perceptions Versus Realities . . . . . . . . . 205 Appendix C: Bibliography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211

About the Author

Rupa Mahanti, Ph.D. is a Business and Information Management consultant with extensive and diversified consulting experience in different solution environments, industry sectors, and geographies (USA, UK, India, and Australia). She has expertise in different information management disciplines, business process improvement, regulatory reporting, and more. Her research interests include quality management, information management, software engineering, empirical study, environmental management, simulation and modeling, and more. With a work experience that spans industry, academics, and research, she has guided a doctoral dissertation, published a large number of research articles, and is the author of the books—Data Quality: Dimensions, Measurement, Strategy, Management, and Governance, Data Governance and Compliance: Evolving to our Current High Stakes Environment, Data Governance and Data Management: Contextualizing Data Governance Drivers, Technologies, and Tools, and Thoughts: A Collection of Inspirational Quotes. She is an associate editor with the journal Software Quality Professional and a reviewer for several international journals.

xxv

Acronyms and Abbreviations

BI CDE CDO CEO CFO CIO CMM CMO CRM CRO DBA DBMS DCAM DDGO DG DGF DGI DGO DGPC DQ DW EDGO EDM ERP FAST GQM IAM IT MDM PII POC

Business intelligence Critical data element Chief data officer Chief executive officer Chief financial officer Chief information officer Capability Maturity Model Chief management officer Customer relationship management Chief risk officer Database administrator Database management system Data Management Capability Assessment Model Departmental Data Governance Office Data governance Data governance framework Data Governance Institute Data Governance Office Data Governance for Privacy, Confidentiality, and Compliance Data quality Data warehouse Enterprise Data Governance Office Enterprise data management Enterprise resource planning Function Analysis Systems Technique Goal Question Metric Identity access management Information technology Master data management Personally Identifiable information Proof of concept xxvii

xxviii

RACI ROI SCM SLA SME SSN

Acronyms and Abbreviations

Responsible, Accountable, Consulted, Informed Return on investment Supply chain management Service level agreement Subject matter expert Social Security Number

List of Figures

Fig. 1.1 Fig. 2.1 Fig. 2.2 Fig. 2.3 Fig. 2.4 Fig. 2.5 Fig. 2.6 Fig. 2.7 Fig. 2.8 Fig. 2.9 Fig. 2.10 Fig. 3.1 Fig. 3.2 Fig. 3.3 Fig. 3.4 Fig. 3.5 Fig. 3.6 Fig. 3.7 Fig. 3.8 Fig. 3.9 Fig. 4.1 Fig. 4.2 Fig. 5.1 Fig. 5.2 Fig. 5.3 Fig. 5.4 Fig. 5.5

Data governance tying together the data management functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Data governance—questions to ponder . . . . . . . . . . . . . . . . . . . . . Journey of data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Data governance challenges and barriers . . . . . . . . . . . . . . . . . . . . Countless data stores . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . DG perceptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Data governance key factors model . . . . . . . . . . . . . . . . . . . . . . . . Data governance training and education-planning . . . . . . . . . . . . Factors influencing DG education and training requirements . . . Elements of a data governance communication plan . . . . . . . . . . Elements to be considered when tailoring data governance . . . . . Data governance readiness—warning signs . . . . . . . . . . . . . . . . . Gap analysis between as-is state, to-be state, and factors to consider . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Corporate strategy, data strategy, and data governance . . . . . . . . Data governance strategy—the five Ws and how . . . . . . . . . . . . . Data governance strategy, data strategy, and corporate strategy alignment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . DG business case-building blocks . . . . . . . . . . . . . . . . . . . . . . . . . Critical data domains, data sets, and data elements . . . . . . . . . . . Data management functions/initiatives and critical data . . . . . . . Data governance tying together the data management functions and initiatives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Maturity model structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Capability maturity model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Interacting components of data governance—high level . . . . . . . People, process, and technology components impacts . . . . . . . . . Typical trajectory of data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Data governance—interaction of the people, process, and technology components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . DG functional titles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

2 6 10 11 12 23 29 46 48 51 54 71 73 76 80 80 83 89 90 92 101 103 128 129 130 134 135 xxix

xxx

Fig. 5.6 Fig. 5.7 Fig. 5.8 Fig. 5.9 Fig. 5.10 Fig. 5.11 Fig. 5.12 Fig. 6.1 Fig. 6.2 Fig. 6.3 Fig. 6.4 Fig. 6.5 Fig. 6.6 Fig. 6.7 Fig. 6.8 Fig. 6.9 Fig. 6.10 Fig. 6.11 Fig. 7.1

List of Figures

DG program structures and bodies . . . . . . . . . . . . . . . . . . . . . . . . . Data stewardship models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Types of data stewards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Characteristics of data policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Data policy sections/components . . . . . . . . . . . . . . . . . . . . . . . . . . Data governance process stages . . . . . . . . . . . . . . . . . . . . . . . . . . . DG operating models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Data governance questions to which metrics can provide answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Desirable characteristics of data governance metrics . . . . . . . . . . Data governance metric measurement—high level steps . . . . . . . Maintenance of data governance metrics . . . . . . . . . . . . . . . . . . . . Considerations when choosing data governance metrics . . . . . . . Data governance metric categorization . . . . . . . . . . . . . . . . . . . . . Data governance quantitative and qualitative metrics with examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Data governance progress, verification, and impact/value metrics with example metrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Data governance metrics—people, process, technology, and data with example metrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . Data governance metrics—efficiency, enablement, and enforcement metrics with example metrics . . . . . . . . . . . . . . Dashboard platform options. Adapted from Rajan and Hertzler (2017) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Data governance in a page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

138 145 148 151 152 158 162 170 171 176 177 178 179 180 181 184 189 193 199

List of Tables

Table 2.1 Table 4.1 Table 4.2 Table 4.3 Table 4.4 Table 4.5 Table 5.1 Table 6.1 Table 6.2 Table 6.3 Table 6.4 Table B.1

Data governance communication plan template and example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Data governance maturity models—practitioners, maturity levels, and subject areas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Data governance dimensions and descriptions with respect to maturity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Data governance dimensions and maturity levels . . . . . . . . . . . . Table format for recording the current and future state for data governance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Sample table for recording the current and future state for data governance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Definitions of data governance framework (DGF) . . . . . . . . . . . Quantitative and qualitative metrics—comparison . . . . . . . . . . . Data quality dimensions and metrics examples . . . . . . . . . . . . . . Business outcome related to data quality metrics . . . . . . . . . . . . Data governance metric documentation elements and description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Data governance perceptions versus the realities . . . . . . . . . . . . .

52 105 120 123 124 124 132 181 187 188 192 206

xxxi

Chapter 1

Data Governance Journey—Introduction

Success is a journey, not a destination. The doing is often more important, than the outcome. —Arthur Ashe

Abstract This chapter introduces to the audience data governance and other data management functions in a concise fashion as these have been discussed in great detail in the second book of the series- Data Governance and Data Management. This chapter also presents the evolution of the data management discipline, the business drivers for data governance, data governance benefits and the key factors necessary for success of a DG program very briefly.

1.1 Data Governance Data governance is the exercise and enforcement of policies, processes, guidelines, rules, standards, metrics, controls, decision rights, roles, responsibilities, and accountabilities to manage data as a strategic enterprise asset. Data governance should not be confused with the technical management of data.

1.2 Data Management Discipline With enterprises capturing and storing exponential volumes of data, data needs to be given priority and there needs to be adequate management around the data to derive the best value. Data management is no longer a simple discipline that existed in the early days of computing, when data management was all about inputting values through punch cards and storing data in magnetic tapes. As we saw in Book 2—Data Governance and Data Management, in the present age of computing, data management is a multifaceted discipline comprising of several closely interacting sub-disciplines or functions, with data governance being one of © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 R. Mahanti, Data Governance Success, https://doi.org/10.1007/978-981-16-5086-4_1

1

2

1 Data Governance Journey—Introduction

the core functions tying together all the other data management functions as shown in Fig. 1.1. As shown in the figure, there are different types of data—master data, reference data, transactional data, big data, and content and records. These data need to be managed and there are different disciplines such as master data management to manage master data and create a single version of truth; reference data management to manage reference data; data lakes to store and manage big data; and document and content management systems to manage document and content. Metadata is data about data and provides context around data with metadata management being one of core data management discplines. As data needs to be processed and stored, data storage and operations is the discipline that deals with storage of data. The data needs to be modeled, linkages need to be established, and data flows need to be established, before storage of data in repositories (for example in databases) and data architecture and modeling are the corresponding data management disciplines. Data from multiple heterogeneous sources need to be integrated and data integration is the data management discipline that deals with the same. Data warehousing and master data management are special cases of data integration. Data may need to be migrated from one platform or data structure to another structure. This process is known as

Fig. 1.1 Data governance tying together the data management functions

1.2 Data Management Discipline

3

data migration. Data can be analyzed for decision making purposes, forecasting and studying trends and data analytics is a data management initiative that deals with this.

1.3 Data and Its Governance In today’s rapidly changing digital world, with data growing out of proportions, with new regulations coming into picture and existing regulations being revised and having an impact on data, and good data being a key differentiator for organizations to gain competitive advantage and stay ahead in market, robust data governance is not optional, but an essential. Data governance empowers and facilitates good behavior with respect to data and restricts behavior that creates risks with regard to data. There are several business drivers and use cases of data governance including compliance, reputation management, improving customer satisfaction, better decision making, improving data quality, data security, data privacy, data analytics, big data, improving operational efficiency, revenue growth, mergers and acquisitions (M&A), and partnering and outsourcing. Generally any organization that captures, manages, and uses data has some form of data governance in place. While all organizations have some form of governance for individual applications or business units, the data practices lack sufficient breadth, depth or alignment of a formal governance program, instead allowing individuals, departments or business units to make their own rules and standards (Tucci 2010). Conversely, formal data governance structures are characterized by established policies, processes, guidelines, practices, and defined data roles, responsibilities and accountabilities for specific staff across the organization. As data, industry, technologies, and compliance are evolving, data governance is becoming even more crucial in the corporate world. The adoption of data governance is faster in regulated industries with compliance being one of the key business drivers. However, even for non-regulated industries, the benefits surpass the cost of establishing data governance in the organization. Data is the lifeblood of an organization and hence needs to be managed with care. Effective data management needs sound data governance. Effective data governance implementation has several benefits, namely, common understanding of data, increased collaboration, zeroing in on data location, improved data quality, increased confidence in data, improved brand protection, improved decision making, competitive advantage, improved data management, improved data security, improved compliance, improved risk mitigation, cost savings, increased revenue, support impact analysis, and business and IT partnership. However, data governance is fraught with challenges and false notions, and several factors play a role in the successful implementation of data governance. These factors include leadership and management support, commitment and alignment, change management and cultural change, executive sponsorship, stakeholder engagement and management, strategy and business case, skill sets, knowledge, and abilities,

4

1 Data Governance Journey—Introduction

education and training, communication and collaboration, data governance tools and technology, data governance framework and operating models, data governance metrics, and incremental approach to data governance. In this book, we discuss the failure statistics, myths, perceptions, and challenges in the implementation of data governance, and the crucial factors necessary for the success of a data governance program.

Reference Tucci L (2010) Why you need a formal data governance program, and how to get started. TechTarget. http://searchcio.techtarget.com/news/1517117/Why-you-need-a-formal-data-gov ernance-program-and-how-to-get-started. Accessed on 31 Mar 2018

Chapter 2

Data Governance Challenges and Dynamics

Before anything else, preparation is the key to success. —Alexander Graham Bell I see only my objective – the obstacles must give way. —Napoleon Bonaparte

Abstract Implementing data governance is not rocket science. However, it does involve a significant amount of effort, time, investment, and cultural change. Data governance is an ongoing endeavor and has several angles to it. Hence, implementing and sustaining the initiative can be challenging and time consuming. Data governance implementation in organizations is fraught with challenges and perceptions. It is important to understand the data governance perceptions, the barriers and challenges faced in the implementation of data governance programs, and the factors critical to ensure its success. This chapter discusses the data governance failure statistics and reasons. Challenges, perceptions, key factors and some do’s and don’ts of data governance, tips and lessons learnt to help organizations to avoid some common failure traps and be successful in the implementation of data governance are also discussed in this chapter. Some of the key factors will be discussed in greater detail in the subsequent chapters.

2.1 Introduction Many organizations, especially highly regulated ones like healthcare, life sciences, and financial institutions recognize that implementing effective data governance is critical to meeting the increasing demand for high quality data, which is needed to improve operational efficiency, strategic decision making, and meeting various regulatory and compliance mandates and requirements. However, attaining success in implementing an effective data governance program is easier said than done. Here are some of the questions that come in mind when it comes to data governance (also shown in Fig. 2.1):

© The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 R. Mahanti, Data Governance Success, https://doi.org/10.1007/978-981-16-5086-4_2

5

Fig. 2.1 Data governance—questions to ponder

What are the data governance critical success factors?

What are barriers to achieving data governance?

?

?

?

?

? ? ?

?

?

?

?

?

?

?

?

What are the various misconceptions and myths around data governance?

?

Why is data governance challenging?

?

?

?

?

?

?

What are the DOs and DON'Ts of data governance

What are the indicators that your data governance program is dying?

Why do data governance programs fail?

6 2 Data Governance Challenges and Dynamics

2.1 Introduction

7

• What is it that makes data governance so challenging? • What are the various data governance perceptions and myths that mislead practitioners? • Why do data governance programs fail? • What are the traps to avoid? • What are the indicators that your data governance program is dying? • What are the elements that play a crucial role in achieving success in data governance efforts? • What are the do’s and don’ts of data governance? These are some of the questions that we address in this chapter, so that you can make the right choices when implementing data governance in your organization. Data governance is not a destination or a one-time effort, but a journey, which requires a structure and formal process tailored to an organization, to oversee the management of data. This is because once you have embarked on your data governance journey, you need processes, people, and controls to sustain it. Implementing data governance in organizations is fraught with challenges. It is important to understand the various data governance perceptions, barriers, and challenges that are likely to arise during the implementation of data governance programs, and also the factors critical to ensure its success. In order to ensure successful data governance implementation in organizations, it is important to understand the underlying factors that influence data governance. In order for the data strategy to be successfully implemented in an organization, knowledge of the key factors that help building and sustaining an effective data governance program is desirable. In the context of a data governance initiative, the key factors represent the essential elements without which a data governance initiative flounders. This chapter explores the reasons behind data governance failures, the perceptions and challenges in the implementation of data governance, and the factors necessary for the success of a data governance program.

2.2 Data Governance Failures It’s fine to celebrate success but it is more important to heed the lessons of failure. —Bill Gates

Why do data governance programs fail? There are various reasons and situations that lead to or increase the probability of the failure of a data governance program, or may cause the initiative to struggle. First, let’s consider some statistics: • As per Gartner’s prediction in 2006, 90% of organizations would fail in their initial efforts toward data governance (Correia 2015). • Symantec’s 2014 information governance survey revealed that while 74% of the respondents had a formal, enterprise-wide governance strategy, just 20% of them said that their strategy was very effective (Correia 2015).

8

2 Data Governance Challenges and Dynamics

• As per a survey conducted by Amitech, more than 60% of the insurance plans have either formal data governance programs in place or in the works. However, 50% of new data governance programs fail to deliver (Amitech). Data governance is an enterprise wide initiative that requires sustained executive sponsorship and senior management commitment. Without a senior level sponsor to act as a champion for data governance and provide continuous funding, an initiative as broad reaching as data governance, is bound to fail. There is no standard well defined and universally agreed definition of data governance (SAS). This often results in misinterpretation as to what data governance actually is. Data governance is often incorrectly viewed as a one-off project or as an academic exercise (SAS). As outlined by Christopher Butler, Chief Data Officer, HSBC, UK, the focus is on data governance as a standalone objective without considering the broader business objectives and how strongly data governance can support these (Mahanti 2021a). Data governance objectives not being aligned to the organization’s strategic objectives will cause a data governance initiative to fail. Data governance is a crossfunctional program that requires buy-in and consensus on policies from different business stakeholders at different levels. The lack of buy-in from key stakeholders can result in data governance programs to be thwarted right in the very beginning. Difficulty in getting consensus on governance policies from various business units/departments in the organization can considerably slow down the program. The data governance program is not well understood, and the resourcing, effort, and time required for implementing and sustaining data governance is often underestimated leading to its failure. An absence of skilled resources or a lack of sufficient resources can be detrimental to the implementation of data governance. As per Nancy Couture, wrong timing of data governance activities is another reason for DG failure. Some examples are (Couture 2018): • Getting the DG stakeholders involved too soon without anything for them to actually do. • Providing stakeholders with a role without any training. • Installing data governance tools without processes and workflows designed. • Moving ahead with data governance without a charter, scope, objectives, strategy, roadmap or a supporting data governance office to ensure progress. • Not publishing training and communications in relation to DG. Data governance requires a good understanding of the data including, what the data means, what is it used for, where is the data located, and what will be the implications if the data is not correct. All these questions can be answered by the subject matter experts who are also extremely busy people and have other priorities. Failing to secure their time for the data governance initiative can significantly slow down the initiative. Organizations have a lot of data, but not all data are equally important, and hence not all data are of use when implementing data governance. Failure to focus on the “data that really matters” (Turner 2016) or critical data will result in the data

2.2 Data Governance Failures

9

governance program to fail sooner or later, as the organizations will not realize business benefits. There is no single, right way to do data governance, and that’s one of the reasons it can be difficult to be successful and to make data governance stick (Couture 2018). Every organization has its unique culture, structures, and hierarchies, and failing to take these factors into account when designing a data governance program will result in the failure of the program. Not having the right data governance framework and model can also result in the collapse of the program. Data is an enterprise asset, which is stored in data repositories, which are technically managed by the IT teams in an organization. This results in misplacing the accountability of the data solely with IT. Business users tend to look upon data as an IT related issue. Often, the business users and IT teams find it difficult to collaborate on data issues (SAS). IT is not in position to outline the business rules related to the data—the business users are the subject matter experts and the right people to define the rules, while the IT teams are the right people to technically implement the rules. Governance must encompass each and everybody who uses data across (and beyond) in an organization and any mismatch will result in its failure (Turner 2016).

2.3 Data Governance—Perceptions and Challenges Organizations struggle to implement data governance and face numerous challenges, that either prevent the program from starting in the first place or results in derailing the program at a later stage. With organizations having several data producers/publishers, large number of heterogeneous data sources, multiple data consumers for the same data, countless data touchpoints, data residing in silos in multiple systems, and huge volumes of data travelling through multiple systems and being massaged and transformed in so many ways from source to target systems, an organization’s data landscape is quite complex, and data tends to feel more like a corporate liability rather than a strategic enterprise asset, and governing the same seems an uphill battle. See Fig. 2.2. Dr. Stan Rifkin, Director of R&D, Master Systems Inc. in his interview tells us that (Mahanti 2021a): ...one of the greatest challenges to successful data governance is inherent in its questions: who owns each datum, how is each one validated, and who is responsible for each transformation and use? These are difficult questions and few organizations have the patience to thoughtfully answer them. So, data governance is stuck – and ignored…

In this section, we discuss some obstacles and challenges (summarized in Fig. 2.3) that organizations face when trying to implement data governance.

10

2 Data Governance Challenges and Dynamics

Supply Chain Management System

CRM

Data warehouse

Nomenclature - Touchpoints

- User - DataMart

- Source System

- IT Application/ Systems

- Legacy System

- Data flowing between systems

- Manual Report

- System Generated Report

Fig. 2.2 Journey of data

2.3.1 Vastness and Complexity of the Data Landscape With the large number of data sources, data repositories, data elements, and large volumes of data (See Fig. 2.4), an organization’s data landscape is massive and complex, and therefore overwhelming in terms of where to start, and how to approach data governance. It is important to have a high level understanding of your organization’s data landscape—the data your organization holds and how the data is managed, the data flows across the systems, the important applications and systems including sources

Fig. 2.3 Data governance challenges and barriers

Cost and budget

Lack of executive & organizational support

Executive buy-in

Resistance to change and change obstacles

Organizational politics

Organizational conflicts

Restrictive nature of DG

DG perceptions & misunderstandings

DG challenges

Vastness & complexity of the data landscape

DG has a bad reputation

Data governance semantics

Incomplete understanding of the term – data governance

Individuals needed on DG are extremely busy

Bringing IT & business teams together

Linguistic barriers

Data & data governance not priorities

2.3 Data Governance—Perceptions and Challenges 11

Fig. 2.4 Countless data stores

Web server logs

Asset database

MarkeƟng database

Finance database

Performance data spreadsheet

Billing database

Data warehouse

Customer relaƟonship management (CRM)

Enterprise relaƟonship planning (ERP)

XML file

ApplicaƟon logs

Customer database

Sales database

Order database

Employee database

Product database

Legacy systems

Messaging queues

Supplier database

Order transacƟon

Financial report spreadsheet

MarkeƟng datamart

HR datamart

Employee datamart

Customer datamart

12 2 Data Governance Challenges and Dynamics

2.3 Data Governance—Perceptions and Challenges

13

and target systems, and the relationship between the data and systems, before you start data governance. The conceptual data models should be a good place to start gaining a high-level understanding and then proceeding to the next levels (logical data models and physical data models), ironing out the details as needed. The details can be found in logical and physical data models, file definitions, documentation, and source to target data mapping documents. If you are a business user, you would need the help of the technology experts (data modelers or data analysts) to understand how data is stored. Technical business analyst is a new role that has emerged to bridge the gap between the business users and developers. Understanding your organization’s data landscape will enable you to understand the root cause of the organizational data issues, chalk out the impacts, and design data governance effectively. Proceeding with data governance without understanding the data landscape will result in addressing the data problem symptoms rather than the root cause, and could result in negative impacts, as data usage is not fully understood. This will in turn result in your data governance initiative getting a bad name. Not all datasets and data elements in an organization have the same business value, with some being more critical than others. However, this is often overlooked when collecting and storing data. In addition, some data sets contain only current data, while others contain a full history of data. So there are lots of data at varying levels of importance, which organizations find challenging to govern. This challenge can be overcome by identifying the critical data elements and prioritizing the business value of the data sets to able to determine the rigour with which, data needs to be governed, and the right governance requirements around the data. A common governance mistake is to assume that all important data reside in enterprise’s transactional “systems of record” and business intelligence systems such as data warehouse and master data repository, hence, focus only on these systems. Often, critical data are located in “data shadow systems” dispersed throughout an organization and hence, needs to be taken into consideration from a data governance perspective (Sherman 2011).

2.3.2 Data and Data Governance not Priorities The importance of data and the business value, that data can provide to the organization, are not understood by stakeholders including business executives. Hence, data governance is often not viewed as a priority. Organizations tend to have a prevailing culture where intuition is valued rather than data. Such a culture is detrimental for any data initiative including data governance. It is imperative that stakeholders understand the value of data, and view data as a strategic enterprise asset that can provide competitive edge, and understand and support the rationale for implementing data governance.

14

2 Data Governance Challenges and Dynamics

2.3.3 Individuals Needed on Data Governance are in High Demand To be successful, a data governance program requires time and input from business users and subject matter experts (SMEs), who have in-depth understanding of the data and key managers who can make operational changes happen. They are suitable to play the role of data stewards and are highly-sought after resources who often already have numerous high priority tasks assigned to them, so dedicating time for them to work on data governance would require demonstration that data governance is considered high priority. Therefore, it is important to first align the data governance initiative to the organizational priority and have a strong business case for data governance. This will provide justification for getting the required resources to spend time on the program. As the data governance program and the data steward role matures in the organization, the time allotted for data stewards would need to be protected so that they can spend it on ongoing data governance work such as revising data policies, proactive data quality management, maintaining and adapting data standards, and updating role-based access policies as things inevitably change.

2.3.4 Collaboration Challenges Data is an enterprise asset and data governance is an enterprise wide program that needs collaboration across the different business units and departments in an organization. However, a large number of groups work in siloed fashion in a complex diversified data environment across the organization, which results in challenges in collaboration in form of linguistic barriers and bringing IT and business teams together which are discussed in detail in the sections below:

2.3.4.1

Data Silos and Departmental Barriers

Most organizations have a complex data landscape with a lot of departmental databases and data silos, and hence, multiple versions of truth as well as multiple interpretations of truth exist. The individuals who manage and use data in these departments, have processes around the data to meet their own specific needs, and have their own interpretation of the data in terms of definitions and standards based on the context of use. In other words, each of these departments have developed a new language of their own, when it comes to data and the data silos, resulting in language barriers. For example, in a utilities company, the asset management, finance, supply chain, and marketing departments have data silos, and each of them speaks a different

2.3 Data Governance—Perceptions and Challenges

15

language in relation to the data they manage. However, data governance involves breaking these data silos so that data can be managed as a strategic enterprise asset. Breaking silos requires facilitating conversations between the different departments, which can be a challenge, as it requires breaking these language barriers. One way to deal with this challenge is to use an employee who has worked in multiple departments in his career, to be a facilitator to bridge the gaps, and enable effective collaboration required for data governance.

2.3.4.2

Getting Business and IT Teams Together

Successful and sustained data governance implementation in an organization requires a strong partnership and collaboration between business and information technology (IT), with the business being the driver and IT playing a supporting role. However, in most organizations, there is no clear understanding around data governance between the IT and business leads. In addition, there is a lot of confusion around “who is in charge of data governance?” The business feels that IT should be responsible for data governance, whereas IT feels that data governance should sit with the business. It is not productive to put the IT department solely in charge of data governance. While IT is responsible for the infrastructure surrounding data including security, storage, and back-up, and is responsible for transforming the data as per business rules, they have no way of ensuring on their own, that the content of the data is accurate or meets business requirements. This cannot be achieved without validation and active participation of the business. It is the business users who use the data, know the context and business requirements around the data—be it security requirements, formatting requirements, or quality requirements. Hence, they are best placed to provide the business requirements and specifications, which the IT then work with to translate into technical requirements, and use technology to deliver the data. However, most data governance programs revolve around the IT front, because that’s where all the data sits, but they fail to address critical business challenges. Dr. John Talburt, Acxiom Chair of Information Quality at the University of Arkansas at Little Rock, and Lead Consultant for Data Governance and Data Integration with Noetic Partners Inc. discusses the criticality of business involvement in DG success and shares his thoughts as follows (Mahanti 2021a): In my opinion, DG success or failure really depends on the involvement of the business side of the house. Organizations viewing DG as an IT program are doomed to failure in both DG and analytics efforts. The real opportunity with DG adoption is not only derived from more effective data management but what is just as important, is getting the business and IT engaged with each other. Even though data resides in IT systems, it is the business that uses data to create value. In a good DG program, the business defines “what” they want to happen with data and engage IT to help define “how” it will happen. I have seen an IT group breathe a sigh of relief when the business actually assumed this role. Many IT groups are overburdened with accountability for data they are not really using. Business should

16

2 Data Governance Challenges and Dynamics be accountable for data, IT for networks and systems, and DG is where they should find common ground.

In order to be successful, the IT and business departments of an organization need to work closely together and build a holistic plan for data governance that works best for the organization. As highlighted by Dan Power in his white paper, All the Ingredients for Success: Data Governance, Data Quality and Master Data Management, a partnership model in which the business leads data governance and IT works in a supporting role is a healthier model. However, a harmonious working relationship between business and IT, and some remedial “business / IT alignment” work to rebuild the partnership between the business and IT may be required to make this model work effectively (Power).

2.3.5 Data Governance Connotations There are a lot of connotations around the term data governance, ranging from disagreements over its meaning, arguments over its semantics, and bad reputation associated with it as follows:

2.3.5.1

Incomplete Understanding of the Term

One of the important challenges with data governance is that, no one can quite agree on, what exactly the term data governance means. There are no formal, industryaccepted definitions for the term. As a part of a survey conducted by erwin and UBM, respondents were presented with a set of different definitions for data governance. As per the survey results report, 67% describe data governance as understanding data flows across the organization, and 62% see data governance as building policies that govern the organization around data. According to 59% of the respondents, data governance is understanding of deployed data; 57% said it is a framework of people and processes with responsibility for data, and 42% said data governance is about building a glossary of data standards. 22% percent said data governance enables business intelligence self-service. The responses reflect the wide range of opinions on what data governance is all about, and hint at the problems that many organizations have in implementing it (Erwin 2017).

2.3.5.2

Data Governance Semantics

Some people vehemently argue over semantics as to whether the function should be called data governance or information governance. These semantic arguments can result in wasting valuable time arguing, and thus preventing from making progress,

2.3 Data Governance—Perceptions and Challenges

17

cause ‘storming’ when you need the data governance team to be ‘norming’ and ‘performing’ (Edwards 2016). It is important for discussions to revolve around the problem statement, the scope, and the core functions that your data governance program needs to provide, instead of focusing on the semantics. Also, see Sect. 2.3.5.3 about naming the program something, that doesn’t include ‘data governance’ in the name.

2.3.5.3

Data Governance Has a Bad Reputation

Data governance has a lot of negative connotations. It raises fears of red tape and long boring meetings (Edwards 2016). Despite the real value that data governance provides, some organizations are reluctant to implement data governance because of past failures or bad experiences. Some organizations have tried their hand at data governance before, and have spent a lot of time in meetings, and maintaining spreadsheets with no visible results. These organizations suffer from the “Once bitten, twice shy” syndrome. As pointed out by Ashish Haruray, in his LinkedIn article, Why Failed Data Governance Experience Is Valuable! “Everyone likes success stories but unfortunately failures don’t get the press they usually deserve. There’s as much to learn from the failures, if not more. (Haruray 2017)” It is important to have retrospective session with all stakeholders to understand what went well, what went wrong, and what and how things could have been improved to chalk out the do’s and don’ts, and use the lessons learnt to design a strategy to implement data governance. It is important to plan how you approach data governance by looking at the challenges that only data governance can solve, and a feasible strategy for solving them instead of pushing the data governance agenda. If using the term data governance creates roadblocks or unnecessary resistance, it is advisable to create a program name around the outcomes that is desired from implementing data governance, or just talk about the desired outcomes. For example, if the challenge is to locate data in a data warehouse, know its lineage and who owns the data, a data governance program should be implemented with the help of a data catalog which will have details of what data is in the data warehouse, what it means and who owns it, and its lineage, thus making it easy to find, understand, and trust the data. Since data governance has a bad vibe, it is better to talk about implementing the data catalog rather than talking about data governance upfront. For example, if the goal of data governance is to achieve improved data quality, you might name the initiative as a “Data Quality Program” to get better buy-in and support.

18

2 Data Governance Challenges and Dynamics

2.3.6 Executive Buy-in and Lack of Executive and Organizational Support Any enterprise wide initiative needs clearance from the executive level and data governance is no different. Getting executive buy-in can be challenging, as the senior management is often occupied with bigger problems, and can fail to see the value of data governance. Having a clearly focused business case which talks about the specific benefits (and not generic benefits) of the data governance implementation will help get executive buy-in. This is because generic benefits are difficult to sell to senior management, who want to know how data governance will help them attain their strategic objectives. Also, it is important to have an executive sponsor who is well respected amongst the senior management, who has clout and politic influence to get buy in for the data governance program. The executive sponsor should be able to explain the business case for data governance with the right intensity, focus, and level of detail, so that data governance becomes an organizational priority. The role of the executive sponsor in the success of data governance program will be discussed under the “Key factors for ensuring data governance success” section in this chapter. Despite the enterprise-wide awareness of the importance of data governance, a troublingly large number of organizations continue to stumble because of a lack of executive support. In a survey conducted by erwin, 42% cited a lack of executive support, and 39% pointed to a broader lack of organizational support as obstacles to data governance (Erwin 2017).

2.3.7 Costs and Budgets Costs and budgets can be one of the major obstacles in the path of implementing data governance in the organization. In a survey conducted by erwin, when asked to identify the biggest obstacles to their data governance initiatives, 58% of respondents cited project costs as their top issue. A lot of that concern clearly is tied to budgets for data governance. For all the apparent enthusiasm around data governance, only 37% of the respondents had a separate budget for it. A startling 63% of respondents stated that either they didn’t have a budget or didn’t know if they had one (Erwin 2017). While business and other stakeholders might view data governance as an enterprise initiative, they appear somewhat reluctant to pay their share of the tab for it. While the business gets data governance at a high level, it is less clear on costs and the efforts required to implement it (Erwin 2017). The role of the executive sponsor in having budget allocated will be discussed under the “Key factors for ensuring data governance success” section in this chapter.

2.3 Data Governance—Perceptions and Challenges

19

2.3.8 Organizational Culture, Politics, and Conflicts Any enterprise-wide initiative which involves significant organizational changes will be fraught with resistance to change, organizational politics, and conflicts. Data governance being an enterprise wide initiative is no exception to the rule.

2.3.8.1

Resistance to Change and Change Obstacles

When asked about the biggest challenge that he had ever faced in a data governance implementation, this is what Shannon Fuller, Director of Governance Advisory Services, Gray Matter Analytics had to say (Mahanti 2021a) Cultural change is the biggest challenge. In many organizations, there is no culture of data ownership or active data management.

Data governance implementation necessitates changes on many different levels in an organization. As always, change is hard, and it is human nature to resist change. Change drives people out of their comfort zone, and can result in different reactions in people, from wariness to fear of loss of identity or power. This can reflect in a tendency to bargain for exemptions, not attending meetings, delaying endorsements, and reverting back to old behavior when it comes to doing things. When asked about the biggest challenge that he had ever faced in a data governance implementation program, some of these points are reinforced by Andres Perez, Information Management Consultant and President of IRM Consulting, Ltd. Co. (Mahanti 2021a): There are two “bumps” on the road that typically cause data governance derailments. One is the resistance by IT groups to open up and share the necessary information about their systems, practices, and data so that we can understand how the data is acquired, stored, and used by critical applications. The other is, once DG is accepted, organizations continue working with a “business as usual” mindset and the responsible individuals continue behaving as they did before, failing to understand that they are no longer working for their stovepipe team but for the enterprise across the information value chain.

While the first challenge pointed out by Andres Perez on “resistance by IT groups to open up and share the necessary information about their systems, practices, and data” is more due to wariness to fear of loss of identity or power, the second challenge is more to do with reverting back to old behavior. When asked about the biggest challenges that she has faced when implementing data governance, Laura Sebastian-Coleman, Data Quality Lead, Finance Data Governance Center of Excellence, CVS Health says the following (Mahanti 2021a): One of the biggest challenges I have faced (in three organizations) is describing to people, in the language of the organization, the behaviors they should adopt. This is followed by actually getting them to change those behaviors. Unfortunately, there are obstacles to culture change that individuals cannot always overcome. For example, IT funding models can be

20

2 Data Governance Challenges and Dynamics direct obstacles to data quality, if those models focus solely on meeting project timeframes and do not account for the quality of the data produced by projects.

The organizational culture needs to be oriented to be more data-driven and transparent. Overlapping functions would result in the same data being used by multiple business units which would result in a conflict of interest. There is a change in the way how data is captured, shared, stored, and accessed to improve data quality and data security. People are comfortable with the way they have done things for years, but now have to learn and adapt to the new ways of operation.

2.3.8.2

Organization Politics

Organization politics can derail your data governance program. This is where you need an influential senior executive sponsor, who can steer his way through organizational politics, and offer leadership and management support.

2.3.8.3

Organizational Conflict

Organizational conflict over data is a big challenge. This is because data is a shared resource and there is always a conflict along the following lines: Conflict 1: Who pays for the data in case of issues? Conflict 2: Once Conflict 1 is resolved, who has the final say when there is no consensus amongst groups trying to come to decision with respect to resolving the issue? Conflict 3: Which team or group fixes or addresses the issue: source system team, target system team, or the intermediate system teams? Once data is viewed as a strategic asset, and all stakeholders understand the value that data brings, the business function which is the most impacted by the bad data would be willing to pay for rectifying the data issues. The following two conflicts can be resolved by having all the relevant IT and business stakeholders to look at the pros and cons of each option and come to a decision. Laura Sebastian-Coleman, Data Quality Lead, Finance Data Governance Center of Excellence, CVS Health, stresses on Conflict 1 when she states from her experience that organizational conflict is not about who owns the data or who uses the data. The conflict is about who has to pay if the data is not right (Mahanti 2021a). She further explains that (Mahanti 2021a): Conflict itself can be reduced through good facilitation; especially when this is focused on ensuring that all the parties have as objective a view of a problem’s costs and benefits. But what actually gets done depends largely on funding.

Shannon Fuller in his interview explained that potential organizational conflicts from overlapping functions when dealing with enterprise data can be resolved with

2.3 Data Governance—Perceptions and Challenges

21

the domain owner facilitating resolution, by gathering all requirements for the respective data from constituents across the organization (Mahanti 2021a).

2.3.9 Restrictive Nature of Data Governance Varun Pant, Director IT, Swati Consultancy Pty Ltd and DAMA Australia Secretary, posted an interesting statement about data governance on Linkedin on August 03, 2020. He stated (Pant 2020) Data governance is like a brake in a car - it is not there to slow you down, but enables you to go faster, more safely.

Brakes can be viewed as restrictive, but are necessary for a safe journey, and their appropriate application can avert accidents. However, if applied when not necessary, can slow progress. Data governance is about establishing policies, processes, rules, standards, and controls around data to improve the quality of data, and ensure data security and privacy. However, this can result in restricting accessibility and constraining people from what they can do with the data, reduce opportunities for the user, and reduce productivity levels (Chen 2017). For example, data that was earlier accessible, will now require following a process, which requires several levels of approvals before the users can get access to the same data. These processes and restrictions can be heavy, inflexible, time consuming, and may adversely impact operational efficiency as well as productivity. Control is important to ensure data protection and quality. Also, privacy and security cannot be attained without controlling accessibility. Good governance must balance security, accessibility, productivity, and enablement (Chen 2017), and ensure that processes are streamlined to minimize accessibility cycle times.

2.3.10 Data Governance Perceptions and Misunderstandings Reality doesn’t bite, rather our perception of reality bites. —Anthony J. D’Angelo, The College Blue Book

With data growing at an alarming rate, the data management discipline and its functions have also evolved and matured. Great strides have been made in the field of data management, and it is still rapidly growing and attracting a lot of interest worldwide across all industry sectors. However, the data management discipline has not been immune to perceptions and misunderstandings, with their narrative being a combination of both fact and fiction causing confusion and concern. Data governance is a critical function of data management, and has its share of perceptions. Also, there is a certain degree of confusion related to it, with data governance

22

2 Data Governance Challenges and Dynamics

being considered synonymous with terms like data management, data quality, metadata management, data compliance, data privacy, data policies, data definitions, and master data management. One of the biggest challenges in implementing data governance are the misunderstandings and perceptions, that individuals have about data governance, that can either lead to individuals resisting the data governance endeavor, or approaching it in a wrong manner, or not doing it at all. These along with other misconceptions that are related to terms, tend to mislead people when it comes to making data governance related decisions, or slow down, hinder, or put a stop to rolling out their data governance initiatives. Let’s cover these perceptions (See Fig. 2.5).

2.3.10.1

IT Organization is Responsible for Data Governance

A common perception is that IT headed by the chief data officer is accountable and responsible for data governance. This perception stems from the fact that data resides in the IT architecture like database systems and file systems, and since IT teams are owners of IT applications and systems in an organization, the perception is that, the data held in these systems also should be owned and governed by them, and that, IT should be made responsible for data governance. However, while IT teams are the caretakers of the technical aspects of the data, it is the business who are the data consumers and the subject matter experts, and who define the business rules around data and who own the data. However, the responsibility for deploying data governance is joint one- data governance should be primarily driven by the business with IT in a supporting role (Loshin 2017; Mahanti 2019).

2.3.10.2

Data Governance is a Project/Data Governance is an IT Project

Some people think that data governance is a project, while there are some who think that data governance is an IT project. While a data governance initiative can trigger a number of projects, data governance by itself is not a project. The fact is that data governance is an enterprise wide continuous initiative that encompasses all business units. Also, while IT and technology do have a role to play in data governance from an execution standpoint, data governance is not an IT project or even a project for that matter. Looking at it from the lens of a project would assign it a fixed start and end date. However, data governance (once implemented) is meant to continue as part of the inner culture or business as usual activities or daily functioning routine of an organization. Data governance is a continuous initiative, and while it should be able to evolve, and dynamically adapt to the changes in business, technology and data (Chikkatur), it does not have an end date.

Fig. 2.5 DG perceptions

DG is the same as change management

DG does not work in small organizations

DG only works for large organizations

DG is simple and straightforward to implement

IT is responsible for DG

DG is same as data stewardship

DGOs are the data stewards

Data management related misconceptions

DG perceptions

DG can be done big bang

DG should be isolated to a business unit

DG is about making and maintaining policies

Technology alone can drive DG outcomes

DG is about data privacy

DG is about compliance & meeting regulatory requirements

DG is a published repository containing common data definitions

DG is a project/ IT project

2.3 Data Governance—Perceptions and Challenges 23

24

2.3.10.3

2 Data Governance Challenges and Dynamics

Technology Alone can Drive Data Governance Outcomes

Some organizations have a misconception that technology can help in achieving data governance. This misconception is more prevalent in organizations that have purchased master data management, data integration or data quality software—or a mix of the three—to support their data governance programs. The combination of vendor hype and high price tags often creates false expectations, that the software will do all the hard work, without having to deal with the people, process, and political issues. While technology and tools implement, manage, and support data governance, the use of technology and tools alone cannot achieve the targeted and desired data governance outcomes. Tools and technology play the role of an enabler and facilitator in data governance, and assist individuals in carrying out their data governance responsibilities, and have been discussed in detail in Book 1—Data Governance and Compliance, and Book 2- Data Governance and Data Management (Mahanti 2021a, b).

2.3.10.4

Data Governance is About Compliance and Meeting Regulatory Requirements

Since compliance is the biggest business driver for data governance, there is a misunderstanding that data governance is only about compliance. However, this is not true. As seen in Chap. 2 in the second book of this series -Data Governance and Data Management, there are other business drivers and use cases, such as big data, data analytics, and improving data quality (Mahanti 2021b). Data governance benefits organizations in a number of ways such as increased operational efficiency, improved data understanding, improved data lineage, better decision making, greater data quality, increased confidence in the data, improved risk mitigation, and cost savings (Mahanti 2019). Implementing data governance effectively results in an organization being capable to comply with what is asked for by the regulators by ensuring greater data understanding, improved data quality, data transparency, and data traceability, with compliance becoming the offshoot of the continuing data governance process. Compliance and how data governance helps achieve compliance has been discussed in greater detail in first book of the series -Data Governance and Compliance (Mahanti 2021a).

2.3.10.5

Data Governance is Only About Data Privacy

There is a misconception that data governance is only about data privacy. This is not true. While, data governance is about implementing the processes, rules, and policies around concepts of data privacy/security, inter-departmental data exchange

2.3 Data Governance—Perceptions and Challenges

25

agreements, and improving quality of data to meet with compliance and regulatory requirements, as well as protecting sensitive data and preventing data breaches, it is much more than just data privacy as highlighted in the “Data governance is about compliance and meeting regulatory requirements” section. Data privacy and data security have been discussed in detail in Book 1—Data Governance and Compliance and Book 2—Data Governance and Data Management (Mahanti 2021a, b).

2.3.10.6

Data Governance is all About Making and Maintaining Policies

Data governance is often perceived as a set of policies, that result in more work to do on top of the work, the employees are already responsible for. This misconception can foster attitudes that make it difficult for organizations to get people to adopt data governance best practices (Baker and Sjoberg 2018). This perception also leads to organizations thinking that adding another data policy to a list of policies is all that is needed to implement data governance, while in reality, issuing a data policy will be of little value if it is not enforced, and does not drive the right behaviors and actions, and processes, rules, standards, and controls are not developed in line with the policies.

2.3.10.7

Data Governance Should be Isolated to a Business Unit

Organizations sometimes make the mistake of governing data in silos, either because they are under the misconception, that data governance should be siloed by business units or departments, or because of a tendency to address individual data issues arising in a particular department or business unit. However, while confining data governance to one department or business unit may satisfy its internal governance needs, more problems can arise as data is shared across departments. As data is an enterprise asset and certain data entities will be used by multiple business units and reside in their associated systems, an enterprise wide approach to implementing data governance should be taken in a staggered incremental fashion, by taking effective data governance processes and applicable controls incorporated in one business unit, and extending them to others (Mahanti 2019).

2.3.10.8

Data Governance is the Same as Change Management

While data governance and change management share similar characteristics, they are not the same.

26

2 Data Governance Challenges and Dynamics

Change management assists in solving business issues by aligning both people and processes to initiatives that will help an organization achieve its strategic business objectives. Successful implementation of data governance needs significant changes in behaviors and hence, requires effective change management. In fact, change management can be considered as a key factor in the successful implementation and sustenance of data governance.

2.3.10.9

Data Governance Does not Work in Small Organizations/Data Governance Only Works for Large Organizations

Small organizations are under the false impressions that the theory of data governance with its enterprise wide focus and governance bodies cannot be applied to them because of the size and the costs associated with it. The truth is that data governance can be tailored to be implemented satisfactorily in any organization, irrespective of the size and the industry sector. Smaller sized organizations would have fewer layers in the data governing body. Data governance can sometimes be more effective and easier to establish in small organizations because of lesser conflicts, easier accessibility of the decision makers, and their familiarity with the systems and data.

2.3.10.10

Data Governance is Simple and Straightforward to Implement

There is a general perception that data governance is simple and straightforward to implement. However, in reality, a data governance implementation involves many business areas and departments in the organization including people, processes, and technology (Navigate Team 2014). There are multiple variables at play that need to be managed and controlled, which in turn requires a signification change in ways of working, behaviors, and attitudes.

2.3.10.11

Data Governance can be Done Big Bang

As per scientists, the universe was created with a big bang, which was a single event that led to a chain reaction, which in turn created the universe. Many people tend to have a similar misconception around data governance, that is, data governance can be done big bang. This misunderstanding stems partly from the perception, that “data governance is simple and straightforward to implement” and partly because of the fact that data governance is not well understood, and is equated to developing

2.3 Data Governance—Perceptions and Challenges

27

a few processes and policies, which should not take too much time and effort, and hence can be implemented big bang. However, successful data governance is more than just devising processes and policies, but it is about building relationships with people to make them more acceptable to the change, and getting employees in the organization to learn and follow the processes and comply with the policies, which takes a considerable amount of time. An incremental approach to governance is an optimal approach to implementing governance.

2.3.10.12

Data Governance is the Same as Data Stewardship

While both data stewardship and data governance support the recognition of data as an enterprise asset, they are not the same (Talburt and Zhou 2015). Data governance is a program which deals with the creation of policies, standards, roles, and responsibilities, and ensures that the right people are assigned the right data responsibilities, whereas data stewardship refers to the activities necessary to make sure that the data is accurate, in control, and easy to discover and process by the appropriate parties, and it involves people who put data governance into operational practice. Data stewardship is the operational facet of a data governance program that involves the actual routine work of governing the enterprise’s data (Plotkin 2013).

2.3.10.13

Data Governance Offices are the Data Stewards

There is a mistaken belief that data governance teams are data stewards, and are responsible for taking care of the data and resolving data issues. Data governance office (DGO) headed by the Chief Data Officer (CDO) is a support team that facilitates and co-ordinates activities of the various data stakeholders such as business data stewards, technical data stewards, data owners, and working groups/committees in a data governance program. The DGO team brings together different data stakeholders from different business units to facilitate discussions on different data and data governance topics such as agreement and alignment on policies, processes, standards, and resolution of data issues. While the DGO team liaise with the data stewards from different business units and applications on data issues, they themselves are not data stewards.

2.3.10.14

Data Management Related Misconceptions

In addition to the perceptions that we discussed, data governance is often confused with data management and different data management functions. It is also confused

28

2 Data Governance Challenges and Dynamics

with initiatives like master data management, metadata management, data quality, data storage, and records management. These perceptions can be misleading as organizations already implementing any of these initiatives would come to a false conclusion that they are already implementing data governance, when in reality they are not. Some of the perceptions that can be misleading are: Data governance is the same as data management (Mahanti 2019). Data governance is the same as data quality (Mahanti 2019). Data governance is the same as metadata management. Data governance is the same as master data management. Data governance is the same as records management (Mahanti 2019). Data governance is about data storage in a central repository (Iron Mountain; Mahanti 2019). Data management is a overarching umbrella, which encompasses a number of disciplines or functions such as, but not limited to data governance, data quality, metadata management, master data management, data storage and operations. Data governance is identified as one of the core components of data management tying together the other data management functions. In Data Governance and Data Management (the second book of the series), we have discussed in detail the relationship and distinction between data governance, data management, and data quality and dispelled the confusions in relation to master data management, records management, metadata management, and data storage in central repositories.

2.4 Key Factors for Ensuring Data Governance Success Implementing data governance is not rocket science. However, it does involve a significant amount of effort, time, investment, and cultural change. Data governance is an ongoing endeavor. It has several dimensions to it, and implementing and sustaining the initiative is challenging and time consuming. The key factors for achieving and sustaining data governance in an organization can be grouped under three affinity classes: • Leadership and management; • Strategy and execution; and • Organizational change management (OCM). Leadership drives strategy as well as change. The model in Fig. 2.6 illustrates the key factors under the different affinity classes for achieving and sustaining data governance in an organization and the relationships between the different affinity classes. There are 13 factors that have a crucial role to play in the successful implementation of data governance in an organization. While “stakeholder engagement and management” falls under the OCM group, it intersects all the other groups, with

29

Fig. 2.6 Data governance key factors model

2.4 Key Factors for Ensuring Data Governance Success

30

2 Data Governance Challenges and Dynamics

leadership, management, and executive sponsors being stakeholders involved in data governance strategy formulation and execution. It is important to take all these factors into account when embarking on implementing a data governance program in your organization to ensure that you achieve success.

2.4.1 Leadership and Management Leadership and management have a crucial role to play in the success of any enterprise wide initiative or management program and the same applies for a data governance program. The various dimensions that influence and play a role in the success of a data governance initiative can be grouped into three heads: • Support and commitment; • Alignment; and • Executive sponsorship. 2.4.1.1

Support and Commitment

Leadership and management support, and commitment is a crucial element in the successful deployment of a data governance program. An enterprise wide initiative like data governance needs to be driven from the top. In the words of Dan Power, “If the “top of the house” isn’t there yet, you won’t get too far with your data governance implementation,” (Power 2015). Andres Perez, Information Management Consultant and President of IRM Consulting, Ltd. Co. mentions leadership as the most important factor for the successful implementation of data governance in organizations. He says (Mahanti 2021a): There must be a business (not IT) leader that helps other business leaders understand that information has values when applied and has cost when defined (planned), acquired, stored, and disposed of. This individual must understand the critical pain points across business areas and must be able to relate it to others.

A firm commitment and consistent support from leaders and management is required for a successful data governance program and to realize the goals it is set to achieve. It is essential for the leadership to emphasize the importance of adherence to policies, processes, and standards of a data governance program. The top management should also ensure that the data governance implementation achieves its projected results, and that continual improvement is taking place in the organization. It is important for the leadership to be motivated, committed, and visionary (Bhansali 2013).

2.4 Key Factors for Ensuring Data Governance Success

31

Data governance involves significant changes in how organizations operate. It also involves changes in the attitudes and behaviors of an organization’s employees. The overall leaders are the individuals who influence attitudes and behaviors through their position and personality (Mahanti 2018). A change in culture is essential to make the shift from organizational silos and from viewing data as a department asset, to viewing data as a strategic enterprise asset that crosses departmental boundaries, and is shared across organizational boundaries. This kind of cultural change needs to be driven by the leaders in the organization. With the massive changes wrought by data governance, there will certainly be resistance to change, which requires dispelling doubts, and providing constant support, encouragement, and monitoring from the leaders and senior management to counter and overcome that resistance and surge forward. The senior management needs to understand, emphasize, and communicate the importance of data and data governance, fully support and approve of the initiative, and generate confidence and faith in the initiative. They need to go beyond departmental barriers, and drive cultural changes to steer the organization towards a data driven culture and drive enterprise wise commitment to the data governance program. They need to encourage and support other management roles to demonstrate commitment to data governance so that it has a cascading effect in the organization. The senior management should communicate to the employees that data governance is an important objective. The message should be clear that leadership views it as an important parameter in its business. The senior management should ensure that there are suitable staff in data governance roles to drive the initiative effectively, set expectations, and inspire individuals. There should be involvement from the leadership when there are holdups in the progress of the data governance program. The management should also conduct periodical assessment on the progress of the data governance program.

2.4.1.2

Alignment

Leadership and management alignment at all levels are critical to the successful implementation of data governance in an organization. Misalignment and disagreement amongst the leaders result in stagnation of a data governance program. The leaders and management need to align and agree on what data governance is set to achieve for the organization (Mahanti 2018). This includes agreement on: • • • •

Business case for data governance. Mission, vision, and objectives of the data governance program. Leadership accountability for data governance. Challenges and roadblocks to overcome in rolling out data governance in the organization, and ways to overcome the same. • Definition of data governance success. • Accountabilities, roles, and responsibilities for delivering data governance results.

32

2 Data Governance Challenges and Dynamics

If the leaders are not aligned, they will end up sending mixed messages to their subordinates, which can lead to resistance, and sooner or later disrupt the data governance progress (O’Neale 2015). Hence, it is important to identify the disconnects and conflicts from the start to the end of the program, and address and resolve them as quickly as possible to ensure continued unified support for the data governance program.

2.4.1.3

Executive Sponsorship

As highlighted by Gartner Research VP, Svetlana Sicular, an executive sponsor ensures that blockers obstructing the progress of a data governance initiative are removed and that an organization’s data governance program gets visibility across the organization (Davis 2016). An active executive sponsor is critical to the success of an enterprise wide cross functional program like the data governance program, which requires investments in people, processes as well as technology. Without an executive sponsor, an organization cannot make much progress with data governance and will flounder sooner than later (Davis 2016; Mahanti 2018). It is extremely critical to choose the executive sponsor carefully, as he needs to be committed to supporting the data governance program, be involved in the data governance journey for the long haul, and not bail out when challenges arise. Without commitment, an involved executive sponsor would only pay lip service to the data governance program without backing up the initiative with the resources, budget, or political influence that is needed for it to be successful. Without involvement, a committed executive sponsor becomes an absentee cheerleader. It is important to understand the seniority of the executive sponsor in the organization, the respect he or she commands in the senior management ranks, the business functions the executive sponsor represents, the benefits these functions will derive from the implementation of the data governance initiative, and the relative power of those business functions in the organization. Understanding these elements will help to determine the interest, abilities, and degree of influence, the executive sponsor will have in routing the data governance initiatives through competing initiatives, and organization politics, and getting buy in and support for data governance from the other executives in the organization. In addition, data governance programs need the involvement from multiple stakeholders who have their own interests and problems, which can stop the data governance program from moving ahead. The executive sponsor needs to have good interpersonal skills, have sufficient authority, and political clout to be able to clear such roadblocks. It is important to have a senior executive as a sponsor for the data governance program, because a data governance initiative involves enterprise wide change, which is disruptive. The lower or middle level management will not have the power or political standing needed to influence and sustain the organization change wrought by data governance.

2.4 Key Factors for Ensuring Data Governance Success

33

The executive sponsor needs to be able to communicate the value proposition and scope of data governance at different management levels in an organization, set expectations with regards to the support and involvement required from key stakeholders and senior management, and respond to their queries regarding the initiative (Mahanti 2018). A good executive sponsor will provide strategic direction to the initiative, clarify business priorities, and remove internal roadblocks. Also, continued executive sponsorship across both business and IT is essential to implement and sustain effective data governance. In order for an organization to be able to recognize the permanent nature of a program such as data governance, sustained sponsorship is necessary. Generally, data governance is a part of a data quality initiative or is combined with data quality initiatives, in which case the data quality program sponsor would be the data governance sponsor too.

2.4.2 Strategy and Execution Strategy without tactics is the slowest route to victory. Tactics without strategy is the noise before defeat. —Sun Tzu

Strategy and execution (that is tactics) play an important role in the success of a data governance program. The various dimensions that influence and play a role in the success of a data governance initiative can be grouped into six heads: • • • • • •

Strategy and business case; Skill sets, knowledge, and abilities; Data governance framework and operating models; Data governance tools and technology; Incremental approach to data governance; and Data governance metrics.

2.4.2.1

Strategy and Business Case

A robust strategy plays a critical role in providing appropriate direction to achieve success in data governance implementation. The corporate objectives in the corporate strategy should be mapped to the data necessary to achieve them. The data strategy should have objectives that align with corporative objective(s), and should also have a prioritized list of data initiatives to achieve these objectives. Data governance should be in the prioritized list of data initiatives in the data strategy. A strong data governance strategy is critical to the successful implementation of data governance in an organization, and provides the foundation for building the data governance program implementation plan (Mahanti 2018).

34

2 Data Governance Challenges and Dynamics

The data governance strategy should align with the organization’s corporate strategy as well as the organization’s data strategy. The data governance initiatives should align and integrate with the other data intensive initiatives being implemented in the organization to avoid conflicts and achieve maximum business value. The data governance strategy should state the future data governance vision and have a strategic roadmap outlined and realistic milestones set to achieve the vision (Alder 2005). There should be a strong business case for data governance outlining the costs, value proposition, risks, and benefits. An organization’s strategic business objectives and future direction, their data and application landscape, regulatory landscape, business impact of data issues, what value they want to derive from their data, size of the organization, organization structure and hierarchies, organization culture, current data maturity and their readiness to achieve higher maturity levels should be taken into consideration when designing the data governance strategy. We will discuss more on strategies in Chap. 3 and maturity models in Chap. 4.

2.4.2.2

Knowledge, Skill Sets, and Abilities

Data governance is an enterprise wide cross functional effort and involves many stakeholders at different levels across different business units across the organization. A mix of roles and responsibilities are also required. The roles and responsibilities drive the knowledge, skill sets, and competencies required. Hence, a variety of knowledge, skills, and expertise distributed across teams are needed for a data governance initiative to be successful—namely, technical skills like data quality, data analysis, data assessment, data architecture, data modeling, data stewardship, data governance knowledge, data life cycle management, and good business knowledge of data. In addition, soft skills—like leadership, communication skills (both verbal and written), excellent writing, presentation skills, influencing, prioritization, negotiation, facilitation skills, inter-personal skills, diplomacy, ability to manage conflicting priorities, persuasion skills, stakeholder management, and organizational skills are also required. For example, achieving cultural change would need these skills. Also, with a rise in multinational organizations with operations across the globe, which requires working across remotely located teams, soft skills become even more important to ensure effective collaboration and achieve desired results. People involved at the top level decide governance policies and translate them into objectives and rules of engagement for the lower level teams to follow as they build, monitor, and manage individual data controls (CIOReview 2016; Mahanti 2018). A good knowledge of the source systems and target systems is also required. It is essential to know where data resides in the organizations. This is why you need to enlist in-house subject matter experts to be involved in the data governance program. This is because, while it is possible to recruit individuals with knowledge and experience in data governance implementation and associated tools and technologies, they

2.4 Key Factors for Ensuring Data Governance Success

35

would not have the knowledge of the intricate details of the organization’s data landscape, systems, business processes creating and using the data, and business rules governing the quality and usage of the data. Dylan Jones, Founder of Data Quality Pro and Data Migration Pro, in his article “Data governance: The perfect marriage of soft and hard skills?” provides a list of soft skills cited in interviews with data governance experts (Jones 2016), which show that data governance, data quality, data stewardship knowledge, data communication, coaching, and change management skills are very important in a data governance program. This is illustrated in the interview responses, which state that considerable amount of time is spent by interviewees in training people on data governance and data quality, briefing senior management on their role and responsibilities as data stewards, and demonstrating a range of formats to report data quality issues (Jones 2016). In response to the interview question on which skill sets, expertise, and knowledge are important in the implementation of data governance, Jill Dyché, Principal, Jill Dyché, LLC. states, (Mahanti 2021a) “At minimum, I’d say the necessary skills fall into three buckets. 1: Business analysis: Every company needs data-conversant analysts who can define data requirements and tie them back to business requirements and strategy. 2: Data stewardship: Tactical data stewards can ensure that data quality, metadata, data modelling, and data deployment are formal processes using best-of-breed toolsets. 3: Platform specialists: Whether you’re relying on a legacy data warehouse or a newfangled big data in the cloud platform, there should be an understanding of the data’s sources and destinations. Designating specific platforms for specific purposes leads to trustworthy data.”

In short to be successful at data governance, an organization would need a mix of individuals with varying skill sets. There should be a group of individuals who understand the business context of the data (why is the data needed, what is it used for, are there any specific scenarios when the data would not be populated, and what is the impact if the data is incorrect, incomplete, or not available in a timely manner). These fall under the class of business analysts, subject matter experts and business stewards. There should be a technical group who have understanding of the code and are able to provide the data sources and the destinations and the technical rules used to transform and store data. Another class that is becoming popular is the technical business analyst, who bridge the gap between the business analysts and the technical group. These individuals have data analysis and data modeling skills. They have an understanding of the metadata and understand the data, but might not have indepth technical knowledge to verify implementation details or indepth business knowledge to have full understanding of all the business requirements in relation to the data. In addition, to these roles, communication, coaching, and change management skills are necessary, and an organization would need a change management team to ensure smooth data governance implementation and sustenance.

36

2 Data Governance Challenges and Dynamics

2.4.2.3

Data Governance Framework and Operating Models

When asked about the role of data governance framework and data governance operating models in the successful implementation of data governance, this is what Jill Dyché, Principal, Jill Dyché, LLC. had to say (Mahanti 2021a) Critical. Data governance frameworks and delivery models help to not only define data governance, but also establish its boundaries and success measures. If delivery models are absent, data professionals can end up ‘going rogue’ and fixing things that aren’t broken. Frameworks keep people on track and ensure that there’s a delivery pipeline.

A data governance framework with roles and associated responsibilities, authorities, decision rights, policies, processes and standards, ownership, and stewardship defined in the context of the organization is crucial to the success of a data governance program. The data governance framework needs to be integrated effectively into the organization, otherwise, individuals and groups will revert back to their old behavior and previous ways of operation. Roles and responsibilities form an integral part of a data governance framework, and unless responsibilities are assigned to integrate and embed the framework, an organization will not be able drive the right behaviors, and nobody will adopt the new way of doing things (Askham). When asked about the keys factors for ensuring data governance success, Andres Perez, Information Management Consultant and President of IRM Consulting, Ltd. Co., stated, organizational structure as the second most important factor in the successful implementation of data governance (Mahanti 2021a). Data governance involves multiple stakeholders and rules of engagement, as in how these people should work together should be defined. Data governance will require different levels of roles. The individuals who will be involved in setting the vision, business objectives, and strategy will be different from the set of individuals, who will be defining roles and responsibilities, who will in turn be different from the individuals, who would be operationalizing data governance. The roles, responsibilities, and decision rights at different levels (executive, strategic, tactical, and operational) in relation to business, organizational, and technical aspects need to be defined clearly, with appropriate segregation of duties (Mahanti 2018) and conflict resolution process in place. The data governance working groups, committees, councils and their membership, authorities, responsibilities, and relationships to other groups, the operating model, and operational rhythm also need to be defined. These have been discussed in detail in Chap. 5. While roles may vary slightly, the core roles have been discussed in Chap. 5. Organizations need to be rigorous about defining roles and assigning specific responsibilities to individuals involved in data governance to enforce accountability (Wu 2007, 04). There should be no ambiguity around definition of roles, responsibilities, and accountabilities to avoid confusion regarding expectations. George Firican, Director of Data Governance & Business Intelligence at UBC DAE and Founder of www.lightsondata.com, when asked about the role that governance organization structures play in the successful implementation of data governance in an organization, stated (Mahanti 2021a)

2.4 Key Factors for Ensuring Data Governance Success

37

Data governance has its share of politics and change management struggles. The program structure needs to be shaped in such a way so as to best address these struggles and mitigate the risks associated with them.

Since data governance touches data owned and used by different business units in an organization, it is essential to establish cross-functional data governance bodies who work together to ensure that data is handled efficiently as well as to ensure data quality. Businesses should assume the ownership of the data and take the lead in driving data governance. Ownership of data does not mean that the data belongs to an individual or department, but it refers to the final accountabilities with regards to data such as quality, and decision in case of conflicts regarding data. This is appropriate, since the data in due course exist to serve the business, and the business is the primary beneficiary of effective data governance (Panian 2010). Data governance policies are one of the components in the data governance framework and are necessary to manage data governance operations. Without well defined, practicable, and enforceable data governance policies around data governance structure, data quality, data access, data usage, data retention, and data archival, it is not possible to succeed in your data governance efforts as chances are high that your data will not be governed and managed effectively. Policies are like rulebooks but unless they can be consumed as requirements, and if there is no way to enforce them, they are useless. Data governance involves a large number of stakeholders at different levels and from different departments in the organization, so data governance policies should be written in a way so as to project a coherent vision to all these stakeholders, and provide a framework of overarching governance. Creating and maintaining effective data governance policies which drive processes, guidelines, rules, and standards, and which can be understood and translated into actionable items, and adhered to by the whole organization, is crucial. Data governance policies are documented set of guidelines for warranting the formal management of an organization’s data in a consistent, collaborative, and coordinated fashion so as to derive maximum business value from data while minimizing the risks. Data governance policies also set limits on who can and should do what with the data, and what should not be done to and with the data. Hence, unless these policies are correct and clear, you will not have the right governance around data assets. Also, the policies should be reviewed at regular intervals, and revised if necessary, to ensure that it reflects the current needs of the organization and stakeholders, and are compliant with the internal and external regulations. Practicable and enforceable data governance policies foster greater accountabilities and define parameters for operational activities related to data (Mahanti 2018). An effective data governance policy drives process, guidelines, standards, and rules that results in availability of high quality organizational data, which in turn leads to

38

2 Data Governance Challenges and Dynamics

better management of business operations and supply chains, and improved efficiencies in marketing and customer relationship management (CIO Review 2016). We will discuss more about data governance policies in Chap. 5.

2.4.2.4

Data Governance Tools and Technology

To help manage organizational data and to ensure that it meets regulations, data governance tools should be used to streamline your data governance processes quickly and easily. Tools and technology provide support, and facilitates the people and processes aspect of data governance through automation, scaling, and augmentation. Data governance tools and technologies cannot be used as plug and play, and by themselves cannot achieve data governance outcomes for you. While data governance tools are not a replacement for an organization’s data governance system, they offer capabilities that support the administrative tasks and processes of data stewardship. These tools support the creation of data policies, manage workflow, provide monitoring, and measurement of policy compliance and data use (Peyret and Goetz 2014). Data governance tools and technologies can form an important part of an overall data governance strategy and implementation as they can automate repetitive activities and processes. Hence, the use of data governance tools can improve the productivity of the data governance program and reduce operational costs. There are several data governance tools available from different vendors in the market, and tool selection should be made based on the business requirements and use cases, and the capabilities of the tool to meet those requirements and use cases (Mahanti 2018). Some vendors providing data governance tools are Collibra, Informatica, Datum, IBM, Oracle, Infogix, Global IDs and SAP. Chapter 4 in the second book of this series-Data Governance and Data Management, discusses the various components and aspects of data governance, that can be facilitated by technology and tools, the readiness checks to be performed before exploring the market to purchase a data governance tool, as well as the different players in the market, that provide tools for supporting data governance (Mahanti 2021b).

2.4.2.5

Incremental Approach to Implementing Data Governance

The issues addressed by data governance are wide-ranging, ranging from arbitration of cross-functional data usage (Dyché and Nevala 2017) to compliance requirements around data quality, data privacy, data security, data access, data retention, and data usage. As a result, governance initiatives endeavoring to address a range of enterprise needs in one big bang are quickly crushed by role confusion, prioritization arguments, “emergency” development projects, resourcing constraints, bandwidth issues, productivity questions, and a resistance to change (Dyché and Nevala 2017).

2.4 Key Factors for Ensuring Data Governance Success

39

The big bang approach quickly turns data governance into a major project that requires a lot of time and resources (Askham). Business users need to play an active role in data governance, but they have their own daily chores and responsibilities. Implementing data governance big bang will be disruptive, and may result in creating a whole set of new responsibilities on top of already existing responsibilities, require additional time, and getting resources allocated will be an uphill battle from the very start. To avoid risks of failure, to be less disruptive, and less resource intensive, an incremental approach to data governance is recommended. The data governance work should be broken into manageable chunks of firmly scoped initiatives having clearly articulated business value and sponsorship (Dyché and Nevala 2017). There should be a short-term and long-term roadmap in place, which shows key milestones and the different initiatives that are to be implemented. The order in which these initiatives will be executed would be based on the business priority. This will showcase the business value of data governance which is necessary for the success of data governance effort. It would also help in getting support and acceptance for the initiative, and establish the momentum needed to sustain the data governance program, as well as enable people to use the learnings and experience from these initiatives to better implement the next initiative by making corrections and adjustments as needed, and will allow your organization to realize the short-term and long-term benefits of a data governance program. While an incremental approach takes more time, it brings about business support by establishing the value of governance in a context relevant to each stakeholder or sponsor. Also, a phased approach establishes data governance as a repeatable, core business practice, and process rather than a standalone “once and done” project (Dyché and Nevala 2017).

2.4.2.6

Data Governance Metrics

Management thinker, Peter Drucker was often seen to be quoting the following axioms: You can’t manage what you can’t measure. If you can’t measure it, you can’t improve it.

Effective measurement is a fundamental element of any successful continuous improvement program, and data governance being a continuous improvement program is not an exception. Data governance is a long-term initiative, and in order to sustain it and maintain momentum, it is important to define metrics to track the progress and effectiveness of data governance, in terms of costs saved or revenue generated, and socialize the results calculated. It may look difficult, but as stated by Gartner Research VP, Svetlana Sicular, “it is essential for organizations to quantify their data governance results, though doing the same would appear to be a difficult exercise” (Davis 2016). Stakeholders

40

2 Data Governance Challenges and Dynamics

and executive management want to see quantifiable results early on and at regular intervals, and in the absence of quantifiable results, funding is like to stop. Relevant metrics helps assess out the effectiveness of the data governance implementation as well as its progress. It also enables improving and controlling the same. It enables you to demonstrate to your executive sponsors and stakeholders, that you are attaining the objectives set forth in the data governance use case. Metrics that bring you closer to the objective should be assessed, monitored, and the process for capturing and reporting metrics should be defined and established. It is important to understand the benefits of attaining the objectives. These might be cost savings, a reduction in data issues, shorter lead times, and improvements in user satisfaction. All these indicators should be actively monitored, and the results regularly shared with the wider organization. If the purpose of your data governance business use case is improved data quality, then your metrics should be based on data quality improvements along the relevant data quality dimensions like accuracy, consistency, timeliness, and currency. It should be understood that measurement and metrics are not the end, but a means to achieving the end goal. The goals and targets should be measurable. The results of measurement are just the starting point of the improvement plan. A sound measurement framework with periodic assessments of milestones achieved, benefits, and value provides visibility to the stakeholders on the progress and contribution of data governance in creating business value. It also helps in maintaining interest in the data governance program and retaining support of the stakeholders, to ensure continuity of the program. Depending on the area of focus and goals of the data governance program and the outcomes the organization wants to get out of the program, specific metrics would need to be defined and analyzed to measure the success of the program. While defining metrics, one should remember that over analysis leads to paralysis and hence, it is best to avoid defining too many metrics. Only metrics that will be meaningful to the business, that add value, and are able to drive improvement decisions should be used. The proposed metrics and the process for capturing and reporting metrics should be reviewed, agreed, and approved by the stakeholders. This will help validate the “what” and “how” of measurement, and result in prevention of mistakes of measuring the wrong things, or measuring the right things in the wrong way. Chapter 6 covers the characteristics of good data governance metrics, data governance metric categories, data governance metric documentation, and some examples of data governance metrics that will give you guidance when choosing metrics to track your data governance program. Chapter 6 also covers dashboards and scorecards in brief to visualize and present metrics.

2.4 Key Factors for Ensuring Data Governance Success

41

2.4.3 Organizational Change Management (OCM) Organizational change management (OCM) has a crucial role to play in the successful implementation of data governance in an organization. The various OCM factors that influence and play a role in the success of a data governance initiative are as below: • • • •

Stakeholder engagement and management; Cultural change and change management; Training and education; and Communication and collaboration.

2.4.3.1

Stakeholder Engagement and Management

Appropriate stakeholder coverage, buy-in, and support of stakeholders is required to achieve success in data governance (Mahanti 2018). If stakeholders are not engaged and involved, they are less likely to accept the changes brought about by data governance, and would see such changes as an imposition. Stakeholders should be engaged early on, the data governance value proposition should be sold to them, expectations should be set, and relationships should be built with the stakeholders to get data governance buy-in and acceptance, reduce resistance to change, and build a trusted partnership. The stakeholders are influential people who can benefit from data governance, promote your project to others within the organization, and provide support and feedback (Davis 2016). All the stakeholders should be identified and engaged to ensure that the program is effective. Data governance involves all business units/departments in an organization that touch data; those who create/capture/acquire it, administer it, process it, consume it, store it, and analyze it. For a data governance program to succeed, stakeholders from the different business units/departments should be involved and convinced of the value that data governance can provide (Speare 2017). Creating a data governance program behind closed doors with just a select few participants is most likely to fail. Organizations generally have overlapping functions to lesser or greater extent to support operations in the most efficient way. The extent of overlapping functions is driven by the complexities of the business environment. It is important to identify overlapping functions and the impacted stakeholders early on, in a data governance initiative, and engage them to set the scene and understand possible conflicts and segregate duties appropriately. Doing so will eliminate unpleasant surprises and minimize/mitigate (if not eliminate) roadblocks and resistance later in the life of the data governance initiative. You would need subject matter experts within different business units to take up data stewardship responsibilities. These responsibilities are likely to be viewed as an overhead, hence, it is important to illustrate the specific pain points that data governance is trying alleviate or eliminate, and the specific benefits of implementing DG,

42

2 Data Governance Challenges and Dynamics

rather than generic benefits and pain points, in such a way that stakeholders understand “what is it in it for them”. This is because stakeholders are able to empathize with “what is it in it for them” rather than a generic benefit or pain point. Selling data governance to stakeholders is the key to initial stakeholder acceptance. The stakeholders should also be involved to participate in the design of the data governance framework design so that they are able to contribute and voice their concerns. This increases transparency. Also having them alongside throughout your data governance journey would pave a path to a smoother implementation when the time is right. Stakeholders should understand and agree with the scope of the data governance program, the rationale behind it, and the goals that data governance is set to achieve. They should also understand the roles and responsibilities of key participants in the data governance program as well as understand what is expected from them in terms of time, effort, duties, and inputs. Stakeholders should understand and agree to the timeframes, processes, and milestones used to measure and assess progress and effectiveness of the data governance initiative. The data governance council and stakeholders need to work together to conjointly outline the data governance success criteria and commit to providing proof of the benefits. The data governance council needs to inform stakeholders about ongoing initiatives to keep stakeholders confident, supportive, and engaged. Keeping stakeholders up-to-date with the progress also reinforces the data governance council’s commitment to the initiatives and keeps the stakeholders enthusiastic about the data governance initiative (Fox 2014). There should be an ongoing, open, and honest feedback mechanism for the data governance council to elicit feedback from the stakeholders. Feedback taken into consideration buys goodwill of the stakeholders and helps build their confidence in the data governance council. For a data governance program to succeed, trust and confidence is essential (Fox 2014).

2.4.3.2

Cultural Change and Change Management

Culture of an organization is the combination of shared values, beliefs, norms, and repeated behaviors. It is very important to understand the culture of the organization when structuring data governance. This is reinforced by Jill Dyché, Principal, Jill Dyché, LLC. in her interview statement, when questioned on what factors should be taken into consideration while choosing a data governance model for an organization (Mahanti 2021a) Culture, culture, culture! Understand how successful projects are delivered at your company. Is it largely top-down, meaning that executive sponsorship is required and there should be formalized budgets for each initiative? Or is success typically more bottom-up, where a group of data management experts deploy valuable new data using agile techniques, then rinse and repeat? Understanding how the culture defines success will inform not only how you structure data governance, but who you hire.

2.4 Key Factors for Ensuring Data Governance Success

43

Also, data governance requires changes in how people operate. As explained by Laura Sebastian-Coleman, Data Quality Lead, Finance Data Governance Center of Excellence, CVS Health in her interview, as many organizations have not governed their data in the past, at least at an enterprise level, data governance is perceived as a “new” thing that is making new demands on people’s time and requires people to change their behavior (Mahanti 2021a). Data governance requires considerable cultural changes and introduces new ways of working. Managing those changes effectively are often critical to the successful implementation of data governance in an organization. Change management is a discipline, which makes use of processes, tools, and techniques for ensuring that changes are comprehensively and smoothly implemented, such that the business outcomes and the lasting benefits of change are achieved. The focus is on the broader impacts of change, particularly on people and how they, as individuals and teams, transition from the current situation to the new one, and easily adapt to the new ways of working. It is very important to understand the existing culture to define your data governance strategy, your operating model, as well as to assess the impact that the new data governance policies, processes, practices, rules, and responsibilities will have on the culture, and how the culture needs to change in order to accommodate the changes wrought by data governance. Laura Sebastian-Coleman further explains (Mahanti 2021a) Culture change will look different in different organizations because the starting point will be different. The behaviors that need to change will differ but the behaviors that people will be encouraged to adopt will be similar (e.g., simply paying attention to data and asking questions if it does not look right is a behavior to be cultivated in any organization that wants to govern its data better).

Change management is both an enabler and enforcer of data governance. Change management should be focused on helping organizations deal with the cultural changes that come as a result of transitioning to new data governance policies, processes, practices, rules, and responsibilities. According to C. Lwanga Yonke, an information quality professional and an adviser to the International Association for Information and Data Quality, employees in the organization need to be educated on the problems that data governance is trying to solve six months before the data governance policy is approved (Talend). Data governance brings changes along the following lines: • • • • •

How data is accessed, used and shared, distributed, and disclosed; Who can do what with the data; Who owns and manages the data; How priorities are established as needs around the data changes; and What principles, rules, and controls govern the data.

These changes can be a culture shock for individuals who have not dealt with them before. Peter Drucker, who was one of the most widely-known and influential thinkers on management, said, “If you want to start doing something new, you have to stop

44

2 Data Governance Challenges and Dynamics

doing something old.” Although this sounds quite easy, it’s easier said than done as cultures are deeply entrenched in the organization fabric, and replacing them with something new is not easy. According to Peter Drucker, “For new technology to be embraced, people have to believe that it has ten times the advantages of what people were previously doing.” Communicating why the present way of working will no longer work; that is, explaining the risks and adverse impacts of not doing data governance and the benefits of data governance from the end user perspective, can get people motivated and have a more positive outlook when it comes to data governance. Also, the appropriate infrastructure in the form of training, policy, and processes to be followed, and the tools and technologies needed should be there in place for embracing the change. Understanding and communicating the “why, what, when, who, and how” of the changes that data governance will bring about, can dispel some resistance to the change. It is important to assist the impacted groups to let go of their old way of working and get them to feel comfortable doing things the new way. Every organization has a different culture and different ways of operation and hence, the impacts will differ for each organization. In order to effectively manage the change brought about by data governance roll-out, a change plan and strategy should be built to facilitate the change. It is important to understand the prevailing organizational culture, and put yourself in the shoes of the impacted groups and try to understand how they will be impacted by the change wrought by data governance. It is also important to anticipate how they will react to the data governance changes and the concerns they might have. It is important to understand the way of operation prior to the change and post implementation of data governance, to understand what has changed for the impacted group, and what would be needed to make them feel more acceptable of the change. It is also important to recognize that impacts would not be uniform throughout the enterprise. There would be several user groups impacted by the changes brought about by data governance implementation and impacts for different user groups would vary. It is important to understand specific impacts for these different groups to be able to understand the best course of action—as is in determining what is needed in terms of change management—for example, class room training versus hands-on training, communication, awareness sessions or a combination of some or all of these. Awareness sessions, communication and training strategies need to be tailored to suit the different user groups. For example, for groups that have very low impact, email communications may suffice, while a high impact group would need face to face communication, awareness sessions, class room training as well as hands-on training. It is also important to anticipate the level of resistance that will be offered by the different stakeholder groups during the implementation of a data governance program. Listening carefully to the concerns of each stakeholder group will help understand the reasons behind their concerns and devise adequate strategies to address them. Some stakeholder groups will be for the change, while some will

2.4 Key Factors for Ensuring Data Governance Success

45

be against the change brought about by data governance. Knowing who is going to work for and with you, and who is going to work against you, can help you plan accordingly. There are different change management models such as adoption curve, commitment curve, and Beckhard’s models, and depending upon what suits best for the organization, one of these can be adopted.

2.4.3.3

Training and Education

Appropriate training and education are essential to the successful roll out of any new program that requires new ways of working, and the same applies to effective implementation and sustenance of data governance in an organization (Mahanti 2018). Andres Perez, Information Management Consultant and President of IRM Consulting, Ltd. Co. stresses on training being one of the three factors critical to successful data governance implementation and states that (Mahanti 2021a) Data governance is difficult. It goes against the grain of the typical organization. Organizations are managed top-down using a command and control (hierarchical) method while information flows across all of these stovepipes. Data governance must be practiced by all members of the organization and the DG leadership must provide proper training to them so that they can work across organizational borders effectively.

Implementation of data governance introduces new ways of operation, requires a data-oriented mindset, and brings about significant organizational changes (Mahanti 2018). Enterprise change without adequate training is bound to fail. This is because education and training fill the gaps in knowledge and skills. It upskills employees, so that they are comfortable with the new ways of working. There are many misconceptions around data governance, and it is important to have regular data governance awareness sessions across the organization to dispel these misconceptions and increase data governance awareness. The most successful data governance programs are those where participants and data users are trained in the principles, tools, methods, and politics of data governance and stewardship (Lopez 2012). It is important to educate the employees on the data governance program—explain the pains, risks and impacts in the absence of data governance, the benefits of data governance, and how will data governance impact them; knowledge is power, and people respond best to a change in work practice when the changes are clearly articulated (Marcan 2017). Because of the depth and breadth of data governance, it is important to carry out some planning when it comes to data governance training and education requirements of the organizations. Figure 2.7 summarizes the activities involved in planning for data governance training and education. A “one-size fits all” training and education approach will not be suitable as data governance needs to be tailored for an organization, and data governance training and

Fig. 2.7 Data governance training and education-planning

How should the training be delivered?

Where to start educating and training?

Where?

When?

When will the training be delivered? What is the frequency of the training sessions?

How?

DG Training & Education

Who?

What is the scope of DG training & education? What are the training requirements by stakeholder groups?

What?

Why do you need to deliver DG training and education?

Why?

Who are the stakeholders targeted for DG training & education ?

46 2 Data Governance Challenges and Dynamics

2.4 Key Factors for Ensuring Data Governance Success

47

education would also need to be tailored accordingly for the organization (Mahanti 2018). First, one has to understand the scope of the data governance training and education, that is, what is in scope, and what is out of scope. This would be dominated by the objectives of the data governance program. Nonetheless, some of the critical topics on which training needs to be delivered are the following: • Laws and regulations related to data and information. • Personally Identifiable information (PII) (for example, email address, credit card debit card information, and social security number), sensitive, and protected/restrictive data. Sensitive and protected data vary from industry to industry. For e.g., Protected Health Information is specific to the healthcare industry. • Managing confidential data and information. • Safeguarding and protecting data and information (Thomas 2015). • Managing proprietary records, for e.g. customer information. • Handling intellectual property, i.e., patents, trademarks, and copyrights (Thomas 2015). • Data stewardship. • Metrics and performance reporting. • Data management. • Data quality. • Data governance tools. The next thing is to identify the audience or stakeholder groups who need to be trained and educated regarding data governance. What are the impacted teams? How would they be affected by data governance changes? What would they be doing differently as a result of implementation of data governance?

Answering these questions would help you determine the training required and design training material adequately. Training is necessary to ensure that employees fully understand what the changes are, what is required of them, what are the gaps, and how things need to be done, with data governance in place. This is principally imperative for individuals who have no previous knowledge, awareness, or exposure to data governance (Marcan 2017). There are various factors that influence the training and education requirements which are summarized in Fig. 2.8. Training would need to be tailored depending on the job descriptions, roles, responsibilities, and the amount of upskilling required. The maturity level would also help ascertain the gaps that need to be filled. If the data governance initiative is a part of a wider data quality initiative and is coupled with data quality or master data management initiatives, training would need to be tailored accordingly. The enterprise architecture and IT application landscape also need to be taken into consideration when assessing the training requirements. If software tools are to be used for data governance, software tool training would need to be conducted so that the responsible individuals know how to use the tools.

Fig. 2.8 Factors influencing DG education and training requirements

Tools & technologies

Funding

Other data initiatives

Policies & procedures

Industry sector

IT applications

DG educationinfluencers

Roles & responsibilities

Enterprise architecture

Regulatory/ Compliance requirements

Maturity level

Resistance to change

Job description

48 2 Data Governance Challenges and Dynamics

2.4 Key Factors for Ensuring Data Governance Success

49

Training content for different compliance and regulatory requirements would differ. For example, GDPR and Basel would need different training. Different industry sectors would also have different data governance requirements. For example, the highly regulated industries, such as finance, banking, insurance, life sciences, manufacturing and healthcare are subject to more stringent compliance and regulations and need more rigorous processes and practices around data governance, and the data governance education requirements would also need to be adequate, thus enabling the employees to do their tasks properly so that compliance and regulatory requirements are fulfilled. Training must be focused on how data governance and compliance form a part of successful business processes (Lopez 2012). Both business users and IT professionals need to be trained. IT professionals need training and education to help them understand that data governance is much more that a technical problem, and while technical solution is an aspect, there are other aspects like policies and procedures too. Business users need training to help them understand what are the new roles and responsibilities they must staff and adopt (Lopez 2012). It is important to measure the benefits from educating and training in data governance, and the impacts in the absence of training, for the various stakeholder groups to demonstrate why data governance training and education is needed, and how will it benefit different stakeholder groups. The timing and frequency of the training sessions need to be established for the different stakeholders. Also, how the training will be delivered needs to be determined. This would vary depending upon the roles, responsibilities, job descriptions, and the knowledge gap of the different stakeholder groups and user constituencies. Data governance education and training would range from organizing awareness sessions (for example, awareness related to legislations, regulations) to training sessions which demonstrate how they need to do the work. The degree of resistance to change because of lack of knowledge and deficiency of required skills, the gaps which need to be filled for the audience to perform their jobs adequately would dominate the type and mode of training required. For example, data governance might result in a major change in processes. In this case, a combination of classroom and hands-on training along with adequate training documentation in the form of user manuals and quick reference guides would be a desired approach. In case of minor changes, awareness sessions would suffice. Funding might lead to organize training so that you do not cross the budget. A combination of different education and training approaches would need to adopted. Some common education and training approaches are: • • • • • • •

Classroom training; Hands-on or on-the-job (OJB) training; Presentations; User manuals; Videos; Quick reference guides; and E-learning.

50

2 Data Governance Challenges and Dynamics

It might be a good idea to hire external consultants who have a long-standing data governance experience to facilitate training on the core data governance topics. You need to decide as to where to start the data governance education and training in your organization. You need to start by educating your executive sponsor if he does not have the requisite knowledge, and conduct awareness sessions for senior management and mid-tier management groups, and then train and educate the operational teams on the new ways of working, which might be a combination of technical education and/or training on process changes.

2.4.3.4

Communication and Collaboration

Data governance is an enterprise wide, interdisciplinary, and cross functional effort. It should be widely known and well understood across the organization. Hence, communication and collaboration have a prominent role to play in the success of data governance. Phil Watt, Director, Elait Australia, when asked to share interesting thoughts/advice stresses on collaboration when he says (Mahanti 2021a)—“We will always need data governance but we will see much more of this done collaboratively…” Stakeholders from different business units including risk, legal, and IT need to work together to work out processes, resolve issues, determine controls, define metrics related to data, and work towards consistent data definitions. They should have a formal understanding and agreement as to who is going to do what in relation to governing the data. There are different perspectives related to data that need to be looked into, and one single business unit will not have the entire perspective. For example, the legal team might have a specific view on data retention and the business unit using the data might have a different perspective. Conflicting requirements need to be resolved. Depending on the focus of your data governance you might need more representation from certain business units. Effective communication is a means of overcoming resistance, dispelling doubts, and maintaining enthusiasm for implementation of data governance, and is vital in aligning the workforce towards corporate expectations (Mahanti 2019). As per the Founder and President of The Data Governance Institute, Gwen Thomas, communication constitutes a large section- probably 80% of data governance efforts (Talend). The need for data governance, the approach the organization will take with regards to implementing the initiative, the progress, and the impacts should be communicated to the stakeholders to ensure transparency. Without the right communication strategy and plan, the anticipated benefits will remain ambiguous, and data governance will only be viewed as a cost to the company and an administrative burden. A communication plan is necessary to communicate the why and how of data governance, and the benefits to all those involved. The data governance communication plan should include the following information elements:

2.4 Key Factors for Ensuring Data Governance Success

51

• Short description of the communication—A few words to indicate what the communication is about. • Message Objective—The purpose or intent of the message. • Author—Who is sending out the communication? • Audience/stakeholder groups—The groups, users, or teams who would be the recipient of the communication. • Communication medium—The communication channel, which would be used to deliver the message to the audience. Different communication channels include email, company web portal/intranet, newsletters, workshops, and meetings. Multiple communication channels may be used for the same communication if need be. • Frequency—Some communications would have a pre-determined frequency, for example, monthly, quarterly, annually, while others would be adhoc or on-demand. Figure 2.9 shows the different elements of a data governance communication plan and Table 2.1 shows a communication plan template with an example.

Short communication description

Message objective

Author

Elements of a DG communication plan

Audience/ stakeholder groups

Communication medium

Frequency

Fig. 2.9 Elements of a data governance communication plan

52

2 Data Governance Challenges and Dynamics

Table 2.1 Data governance communication plan template and example Message objective

Message description

Author

Audience/Stakeholder group

Frequency

Communication medium

Data governance program update

Communicate DG Program successes and progress towards established program objectives

DGO

Executive steering committee Data governance council

Bi-annually

Email Intranet-web portal

The communication plan should be revisited often to include new communications and stakeholder groups. Communication should be customized according to stakeholder group—so that the communication is relevant to the stakeholder groups. Proactive communication, especially before launch and in the early stages of a data governance program, is critical to ensure acceptance and adoption across the organization. Get out the word about data governance with some high-level information of what is known at that point in time, the launch date, the benefits, the key milestones, quickly before the launch if possible, via the most effective communication channels and set expectations for regular updates (Fox 2014). The kick-off messages are just the start of the data governance communication. Ongoing communication is equally important to demonstrate progress and the wins, as well as to identify and address any potential roadblocks, challenges, or concerns. Effective communication fosters positive relationships between stakeholders and the data governance council (Fox 2014). Stakeholders should be communicated about ongoing initiatives to have their trust, support, and enthusiasm. Delivering employee focused communication is critical to achieving success in data governance efforts. A variety of channels—intranet, emails, newsletters, wall posters, workshops, meetings, and internal social platforms should be used to attract employee attention and crack through the information overload. Videos related to the data governance as well as its progress and achievements can be also prepared and posted on the organization’s intranet, and internal social platforms, to spread awareness and build familiarity with the concept. It is important to ensure that the communication to stakeholders is appropriately frequent. Communications should be clear, focused, brief, and free of jargons, and complement each other in terms of look and feel, messaging, and terminologies to avoid confusion, and sustain the attention and interest of the stakeholders. Successful implemention of data governance requires executives and staff from the different business units and the IT department to come together. Teamwork is a crucial element in data governance, as it involves the combined efforts of a number of employees across different business units as well as IT departments (Mahanti 2018). As per Philip Russom, Senior director of TDWI Research for data management, data governance involves a multitude of different roles that need to interact with each other and hence, data governance has to be a kind of a collaboration hub to facilitate

2.4 Key Factors for Ensuring Data Governance Success

53

these interactions (Talend). The value of teamwork formed by cross-functional teams promotes a sense of ownership, better communication, team working value, and overall view of the organization (Aviation Week 1998).

2.5 Data Governance Program—Do’s, Don’ts, Tips, and Lessons Learnt There are certain things that you might want to take into consideration and things you would want to avoid when embarking on a data governance initiative in your organization.

2.5.1 Tailor Data Governance to your Organization—“One Size Does not Fit All” Approach When it comes to implementing data governance in organizations, it is important to understand that a “one size fits all” approach does not apply to all organizations, even though there may be a set of generic governance organizational structures, roles, and associated responsibilities. This is because different organizations will be different along the following lines. See Fig. 2.10: • • • • • • • • • • • • • • •

Organization size, Industry sector, Geography, Organizational goals, Business strategy, Business drivers, Context, Scope, Organizational structures, Organizational hierarchies, Interactions between different organization teams and groups including IT and business, Data management challenges and opportunities, Data landscape with varying complexities and data volumes, Organizational culture and maturity levels, and Circumstances.

These factors should be taken into consideration when designing and implementing data governance for a specific organization. The data governance program should be customized within guidelines to meet the specific needs of the organization, so that it is fit for purpose for the organization, while at the same time sharing

54

2 Data Governance Challenges and Dynamics

Group interactions

Industry sector and geography

Data management challenges & opportunities

Organization structures & hierarchy

Scope

Data landscape

Organization size

One size does not fit all

Context

Circumstances

Organization culture and maturity level

Business drivers Business strategy

Organization goals

Fig. 2.10 Elements to be considered when tailoring data governance

the basic data governance concepts and principles. Hence, data governance designed for different organizations will share some common characteristics. For example, the business driver for data governance in a utility company may be to improve the quality of their asset data stored in their geospatial database, whereas in a healthcare organization to protect patient data, whereas in a retail company to achieve a single version of truth for their customer and product data. Each of these scenarios might require data governance to be implemented in a different way. The business and data challenges will differ based on the size, industry sector, and the data they hold. Legislations differ by industry sector and geography. Also, organizations that have offices in more than one country or have global operations will require a different data governance structure when compared to organizations that have operations and offices in one country only. The organization’s culture and maturity levels also have an influence on how you proceed with data governance. In short, no two organizations are the same, and similar data governance practices cannot be applied to all of them.

2.5 Data Governance Program—Do’s, Don’ts, Tips and Lessons Learnt

55

2.5.2 Adopt a Non-invasive and Non-disruptive Approach Data governance programs are often perceived as being “invasive” and “over-andabove” the existing work culture of an organization, as pointed by Robert S. Seiner, author of the book—“Non-Invasive Data Governance”. It is important to be as non-invasive and non-disruptive as possible when designing and implementation data governance in your organization. There are already individuals working in the organization who are familiar with the data (that is the business and technology subject matter experts). Such individuals are involved in dealing with the data and resolving issues. They are natural candidates for data stewards, and their opinions should be valued. The aim should be to build data governance on what is existing (that is organizations structures, hierarchies, resources, and cultures), instead of building everything from the scratch, and defining too many new roles or hiring new resources. This can be achieved by identifying existing practices, processes, and identifying people in the organization that have a level of accountability for the data they are defining, producing, and using to complete their job or function. Also, existing resources should not be overburdened with large amount of work because of data governance. It is also important to design a data governance operating model of roles and responsibilities that aligns with the way your organization operates today, and allows you to overlay the framework over your existing organizational components, and repurpose roles and practices to focus on data governance. Identifying existing escalation paths and decision-making capabilities from both a positive standpoint as in scenarios in which they do work, and from a negative perspective as in the scenarios in which they do not work, will enable leveraging what is working instead of having to build from scratch. It will also help in addressing the opportunities for improvements that can minimize disruption. Understanding what data is handled by people, and helping them formalize their behavior to the benefit of others, potentially impacted by that behavior along the data lifecycle is another aspect of being non-invasive.

2.5.3 Accept That the Data Governance Journey will be Difficult Implementing data governance is not an easy exercise. It is imperative to recognize this up front and be prepared for the obstacles, resistance, risks, and challenges. Employees who have been a part of a data governance initiative before and have seen it fail, will be naturally resistant to the initiative and wary of giving their time and effort. It is important to size up the challenges, risks, and blockers early on, have a solid plan in place to deal with these issues, and work together as a team. It is important

56

2 Data Governance Challenges and Dynamics

to educate and prepare stakeholders for what data governance is, its benefits, and to communicate expectations, so that they are more amenable to the changes and to make the road ahead easier to traverse. This will help achieve success in the initiative.

2.5.4 Establish a Strong Base The foundation or base of a construction has a crucial role to play in the successful development and sustenance of the building structure. Stronger the base, longer lasting is the structure! When it comes to implementing a data governance program in an organization, it is important to establish a strong foundation to ensure long term sustainability of the program. It is important for the leaders to know the scope of the data governance initiative, the major issues and their impacts, and what they are trying to achieve. The data governance body needs to understand what data needs to be governed and why, who understands the ins and outs of the data, and who the stakeholders are.

2.5.5 Identification of Areas for Proof of Concept (POC) The data governance initiative should be implemented in a limited area with a definable scope and measurable criteria for success. This enables you to test the strategy, uncover flaws and challenges, check the benefits, and ensure that the business requirements are being fulfilled. Initial testing on a smaller scale helps figuring out whether it will work on a larger scale or needs refinement. While the proof of concept cannot cover every single business use case, and there will still be new gaps that will need to be filled when you start implementing data governance on a larger scale, it will enable you to determine whether the data governance processes, polices, and rules designed for the proof of concept will work for your organization. Once benefits of data governance implementation are realized within a small group, they can then be rolled out to multiple functions and finally across the entire organization in a staggered way.

2.5.6 Get Some Quick and Meaningful Wins Data governance initiatives are often run in combination with data quality initiatives, master data management or BI initiatives, which in turn, may or may not be driven by

2.5 Data Governance Program—Do’s, Don’ts, Tips and Lessons Learnt

57

compliance requirement. These initiatives are cost intensive and as a whole require significant changes in operation and culture. When outcomes are not seen for a long time, the interest and commitment tend to diminish. Therefore, demonstrating returns on investments early on and at regular intervals, by resolving an issue or fixing a problem with broad visibility and impact to the organization, and communicating the same to the impacted groups and communities, can help reduce resistance, keep stakeholder hooked, build and maintain momentum, as well as furnish justification for sustained funding.

2.5.7 Share Lessons Learnt and Success Stories It is important to share success stories to keep the fires burning and improve success rates. Organizations have tried implementing data governance and not got it right the first time. As stated by Dr. John Talburt, Acxiom Chair of Information Quality at the University of Arkansas at Little Rock, and Lead Consultant for Data Governance and Data Integration with Noetic Partners Inc. “…As more and more organizations implement DG and share their “lessons learned,” DG practice is improving and success rates are increasing, (Mahanti 2021a).” As pointed by Andres Perez, Information Management Consultant and President of IRM Consulting, Ltd. Co. (Mahanti 2021a), …The value is not distributed evenly across business areas, so it is important for those who gain the most to share the wealth with those who do not by providing feedback on business value and by treating each other as partners.

2.5.8 Keep It as Clear and Consumable as you Can Keep the data governance process as simple, clear, and consumable as possible with a plainly defined process flow and a RACI chart with clear segregation of duties and responsibilities for ease of understanding and operation. It is also important to have a well-defined communication plan. If data governance processes are complicated and process steps are ambiguous, then it will be difficult for the employees to follow the same, and they will circumvent them. It is important to ensure that all tasks in the process flow are adding value to the overall organization. Steps should be added to processes only when they are absolutely needed. For example, if data needs to be exchanged between data producer and a single data consumer group without intermediate systems or additional consumer groups using the data, then an agreement can be reached between the data producer and consumer without the need for additional data governance processes to be defined (Klein, 2017).

58

2 Data Governance Challenges and Dynamics

2.5.9 Have a Clear Focus and Stay Focused Without clear focus, data governance initiatives can lose momentum. It is important to have well defined scope and unambiguous, defined goals when it comes to implementing data governance. It is also important to understand the primary objective of the initiative, identify the individuals and groups who will derive value from its implementation, and the key benefits. This will help stay focused within the scope and achieve results.

2.5.10 Have the Right Candidates for the Data Governing Body Data governance involves defining and assigning roles, responsibilities, and authorities. Each of the data governance roles need to be assigned to the right people. For that purpose, each data governance role should have clearly defined criteria for participation—knowledge and skill sets required, what tasks are to be accomplished, and the right candidates must be carefully vetted for each role based on whether they match the criteria specified for the role. For example, business data stewards are responsible for a subset of the data and define rules relating to the data (for example, business meaning of the data elements, format, and domain values). Hence, they need to have good business knowledge of the dataset. In other words, the business data steward should be a subject matter expert of the dataset for which he is assigned the role. Data owner role requires a comprehensive understanding of the business as well as leadership, communication, and decision-making skills. If individuals with the requisite knowledge, experience, and right skill sets are not assigned to the data governance roles, it will fail to drive the desired outcomes and would lead to failure.

2.5.11 Strike the Right Balance Between Opposing Goals Data governance needs to serve several goals. Some of these goals will have conflicting requirements and require varying levels of controls. For example, compliance goals might need to restrict data access whereas business integration goals might need expansion of data access. Other contrasting goals include business versus technology, data content versus data usage, strict governance (as in case of compliance) versus loose guidance (as in case of data architecture standards), departmental data ownership versus enterprise data ownership, data security/protection versus data accessibility, compliance requirements versus productivity (Russom 2008).

2.5 Data Governance Program—Do’s, Don’ts, Tips and Lessons Learnt

59

Data governance would need to achieve a feasible balance between these conflicting requirements through cross functional collaboration and effective change management (Russom 2008).

2.5.12 Understand the Data Governance Scope First and Then Form the Data Governance Body It is important to understand the scope of the data governance program and the roles and responsibilities needed before forming the steering committees and the working groups, and assigning people to them, and not the other way around. This is because creating the governance bodies first without knowledge or understanding of the scope would most likely not have the correct people on board, which you would only discover once you have understood the scope, which would require you to form committees again causing business to lose interest.

2.5.13 Plan for Longevity The saying “Rome was not built in a day” applies to data governance too. It takes a considerable amount of time for data governance processes to become entrenched in the organization culture and hence, you need to plan for the long haul. The initial stages of the data governance involve establishing and defining the working structure and processes, which need both time and resources. Hence, the data governance bodies should be provided with adequate support so that they can spend time on the program. Once the operating rhythms are established, data governance bodies need to evolve the data governance function to meet new challenges to continue to deliver value.

2.5.14 Incentivize Participation Data governance requires active participation from data stewards—the subject matter experts who are already extremely busy and have a number of pressing duties on their plate. Providing incentives for participation and rewarding their efforts can gain a more sustained commitment, maintain enthusiasm, and help promote desired cultural changes across the organization.

60

2 Data Governance Challenges and Dynamics

2.5.15 Do a Data Governance Program Health Check A data governance program does not fail abruptly. There are indicators, both blatant and subtle, that indicate your data governance program’s downfall. As pointed out by Jill Dyché and Kimberley Nevala, in their article-” 10 Mistakes to Avoid When Launching Your Data Governance Program” Data governance isn’t overtly canceled. It simply fizzles like a damp firecracker.

Robert S. Seiner in his article—“Saving a Failing Data Governance Program” provides some red flags that indicate that your data governance implementation is going off track (Seiner 2017). Below are some of the warning signs to look for so that you can bring your program back on track (Seiner 2017). • • • • • • • • • • • • •

Senior leadership meetings no longer have data governance as a line item. Business units are not approaching data governance office with issues to resolve. There are competing data governance groups. Accountability for data governance does not rest with anyone. All the enterprise data issues have got resolved and there are no new issues reported for quite sometime. The individuals in charge of data governance are being asked to spend a larger percentage of their time on something else. The data governance office/team in the organization has been broken up. Attendance at data governance meetings is decreasing. Conversations at the data governance meetings do not focus on data governance. Metrics are no longer being used to track data governance progress and impacts. Data governance metrics indicates a problem, but no action plan is there in place to rectify the issue. Data policies are not being adhered to/enforced any more. Data policies, processes, definitions, and standards have not been reviewed for a considerable length of time.

2.5.16 Do not Design Data Governance Without Integrating the Key Decision-making Bodies and Other Data Initiatives in your Organization Data governance should not be designed in a vacuum without integrating other data management functions and data initiatives, and without establishing relationships with other decision-making bodies in the organization. Data governance affects data management functions and initiatives including data security management, data quality management, data integration initiatives like data warehousing, master data management, as well as data modeling, data architecture, and big data. Designing and implementing data governance without integrating existing decision-making bodies would result in resistance. Also, not taking into account other

2.5 Data Governance Program—Do’s, Don’ts, Tips and Lessons Learnt

61

data initiatives would prevent an organization from leveraging maximum benefit and getting the best business value from data, and achieving the right balance when objectives of these initiatives conflict with one another. By establishing relationships with these organizations, you gain the ability to learn from previous program’s experience (the stumbling blocks, dependencies, risks, issues, and constraints) in the specific environment. By involving the leaders who have previously worked on more mature programs and discussing data governance decisions with them, you can get help in getting consensus and endorsement for the implementation of data governance across the organization (Buff 2018).

2.5.17 Avoid Establishing Big Committees Avoid establishing big data governance steering committees and working groups, as more the number of individuals on each committee, the more politics comes into play and the more watered-down governance responsibilities become. To be successful, try to limit the size of committees to between six and twelve people, and ensure that committee members have the required knowledge and decision-making authority (Sherman 2011).

2.5.18 Do not Take the Tick Box Approach to Satisfy the Regulators Compliance and regulatory requirements are one of the key drivers of data governance. In case the business case for data governance is driven by regulatory requirements, organizations often take a tunnel view to data governance with an intent to deliver the bare minimum requirements in a short time to meet the regulator needs only. They create a checklist of tasks, and focus on ticking the tasks on checklist without understanding the benefits, and completely ignoring long term goals. Therefore, data governance is not embedded in the cultural fabric of the organization, and the focus is on risk mitigation, and not on the opportunities. A tick box approach to data governance offers little in terms of on-going sustainability, transparency, or business value for the effort invested. Also, all the facets of data are not taken into consideration. Hence, if and when regulations change, you will have to start all over again. It is important to look at data governance holistically, treat it as an ongoing process, have the entire organization involved, and look at the root cause of the problem. This will not only enable you to comply with any checklist or regulatory requirements, without the need for a fresh implementation whenever a new checklist is issued, but will also achieve other business benefits.

62

2 Data Governance Challenges and Dynamics

2.6 Concluding Thoughts Effective data governance is not a one-off exercise and cannot be implemented all at once. As stated by Dr. John Talburt, it is important to share lessons learnt and the success stories of data governance so as to help improve the program and increase success rates (Mahanti 2021a). Data governance is not a project or even a destination, but a long drawn journey and practice that needs to be sustained and measured, to develop and mature over time, so that it becomes a central business process with improvement goals which are continually revised to reflect changing business goals, and to be used as criteria in managing data improvement. In line with Aristotle’s quote—“Quality is not an act, it is a habit”, “Data governance is not an act, it is a habit.” As stated by Dr. Stan Rifkin, effective data governance program needs to take into account organizational and human factors (Mahanti 2021a). Successfull entrenchment of data governance in the cultural fabric of the organization requires a combination of a number of contributing elements—executive sponsorship, leadership and management commitment and alignment, a robust strategy and strong business case, a combination of hard and soft skills, training and education, communication, teamwork and collaboration, metrics to track progress and effectiveness of the data governance initiative, data governance organization structures in place, technology and tools, and effective change management. Of all these elements, executive sponsorship is the most important, because without sponsorship you will not be able to kick start your data governance initiative. There are connections between these elements. For example, a lack of leadership and management commitment would not result in sustained sponsorship and not drive change. Training and education also helps drive awareness and enables change management. Metrics showing the benefits realized by data governance can increase leadership and management faith and commitment and pave the grounds for sustained sponsorship. Identifying the different data governance perceptions, and debunking them is also crucial in avoiding a problem or challenge that does not exist. It also helps in isolating and addressing the real obstacles and challenges. Data governance is often confused with other terms associated with data, like data quality, data management, master data management, metadata management, records management, and even change management. Organizations often consider data governance synonymous with these. People misconstrue the meaning and value of data governance and the shape it would eventually take in their organizations, resulting in its failure (Dyché and Nevala 2017). Hence, it is important that the correct definition, meaning, and value of data governance is relayed and understood by the people in the organization. It is necessary to understand the challenges, organization readiness, and mindset of people, your champions (who will bat hard for you), movers (who will not bat quite so hard) and shakers (pockets of resistance), the current state and the future state, and based on this understanding, devise the best way to rollout data governance in your organization.

2.6 Concluding Thoughts

63

Ultimately, good data governance will be successful within your organization when the correct balance between people and organizational capability, processes and controls, technology and architecture, and accountability between data producers and consumers is achieved (Advision Digital 2016). I will conclude this chapter with the statements made by Dr. John Talburt (Mahanti 2021a) In my experience, I see DG becoming more mature. The first adopters usually had to make 2, or even 3, attempts before seeing any success. However, like any new paradigm, it takes time to iron out the wrinkles. As more and more organizations implement DG and share their “lessons learned,” DG practice is improving and success rates are increasing. We now have good models to follow. It is still a very difficult undertaking but I see things beginning to get better with fewer failures and restarts.

References Advision Digital (2016) Why do you need data governance? WorleyParson Group, Last accessed on November 9, 2018 from http://digital.advisian.com/curious/why-do-you-need-data-governance/ Alder S (2005) Six steps to data governance success, CIO. Last accessed on 31 March 2018 from https://www.cio.com/article/2438861/enterprise-architecture/six-steps-to-data-gov ernance-success.html Amitech, Data governance. Last accessed on June 20, 2020. https://amitechsolutions.com/moderndata-management/data-governance/ Askham N The 9 biggest mistakes companies make when implementing data governance. Last accessed on 16th July, 2018 from http://static1.squarespace.com/static/52ed2570e4b02079a8 2e6ff3/t/56111545e4b0890ee92b5901/1443960146356/Nicola+Askham+-+9+biggest+data+ governance+mistakes.pdf Aviation Week (1998) Success with six sigma after an elusive goal. Aviation Week 149(20):53 Baker S, Sjoberg P (2018) Intelligent data governance for dummies, Hitachi Vantara Special Edition. Wiley Bhansali N (2013) Data governance: creating value from information assets. CRC Press Buff A (2018) Data governance danger: five warning signs of imminent failure, Big Data Quarterly. Last accessed April 20, 2019 http://www.dbta.com/BigDataQuarterly/Articles/Data-Gov ernance-Danger-Five-Warning-Signs-of-Imminent-Failure-124076.aspx Chen A (2017) Breaking data myths- highlights from Tableau CEO’s Keynote at #DATA17 Last accessed on Dec 26, 2017 from https://centricconsulting.com/breaking-data-myths-by-tableauceo-data17-keynote_cincinnati/ Chikkatur L Information management part 1: myths and facts. Last accessed on 25 December, 2017. https://www.melissadata.com/enews/articles/010809/1.htm CIO Review (2016) Why data governance is important and what skills are key for it? Last accessed on 9 April, 2018 at https://security.cioreview.com/news/why-data-governance-is-important-andwhat-skills-are-key-for-it-nid-18105-cid-21.html [CIO-WIKI], Data Governance. https://cio-wiki.org/wiki/Data_Governance Correia J (2015) Data governance: 5 common pitfalls and how to avoid them. Last accessed April 20, 2019. https://www.daymarksi.com/information-technology-navigator-blog/data-governance5-pitfalls-and-how-to-avoid-them Couture N (2018) Implementing data governance – 3 key lessons learned. Last accessed April 20, 2019. https://www.cio.com/article/3328855/implementing-data-governance-3-key-lessonslearned.html

64

2 Data Governance Challenges and Dynamics

Davis J (2016) 9 tips for data governance success. Last accessed on March 10, 2018 from https:// www.informationweek.com/big-data/big-data-analytics/9-tips-for-data-governance-success-/d/ d-id/1327129?image_number=3 Dyché J, Kimberley N (2013) 10 mistakes to avoid when launching your data governance program, SAS Best Practices White Paper, Last downloaded on 20th March, 2018 from https://www.sas. com/content/dam/SAS/en_us/doc/whitepaper1/ten-mistakes-to-avoid-when-launching-data-gov ernance-program-106649.pdf Edwards PJ (2016) Why is data governance in healthcare so difficult? Himformatics Erwin (2017) State of data governance report. Last accessed from Dec 28, 2018 from https://go. erwin.com/2018-state-of-data-governance-report Fox M (2014) Five indispensable best practices for communicating your data governance strategy. Knowledgent blog. Last accessed on 10 July, 2018 at https://blog.knowledgent.com/five-indisp ensable-best-practices-for-communicating-your-data-governance-strategy/ Haruray A (2017) Why failed data governance experience is valuable! LinkedIn. Last accessed April 20, 2019. https://www.linkedin.com/pulse/why-failed-data-governance-experience-valuable-ash ish-haruray/ Iron Mountain, Information Governance: Puncturing The Myths, Last accessed on 25 December, 2017. http://www.ironmountain.com/resources/general-articles/i/information-governance-pun cturing-the-myths Jones D (2016) Data governance: the perfect marriage of soft and hard skills? The Data Roundtable. https://blogs.sas.com/content/datamanagement/2016/09/29/data-governance-soft-hard-skills/ Klein J (2017) Six things you need to know about data governance. SEI Blog https://insights.sei. cmu.edu/sei_blog/2017/06/six-things-you-need-to-know-about-data-governance.html Lopez K (2012) The 5 things you must do before starting any data governance program, Sponsored by Embarcardero, InfoAdvisors Inc. Last accessed on 18th July, 2017 https://www.embarcadero. com/images/dm/technical-papers/karenlopezebookv5.pdf Loshin D (2017) Busting 10 Myths about data quality management, information builders white paper. Knowledge integrity incorporated Mahanti R (2018) Data governance implementation: critical success factors, software quality professional. ASQ 20(4):4–21 Mahanti R (2019) Data quality: dimensions, measurement, strategy, management and governance. ASQ Quality Press, Milwaukee, WI, 526 p. ISBN: 9780873899772 Mahanti R (2021a) Data governance and compliance, Springer Books, Springer, ISBN: 978-98133-6877-4 Mahanti R (2021b) Data governance and data management, Springer Books, Springer, https://doi. org/10.1007/978-981-16-3583-0; ISBN: 978-981-16-3582-3 Marcan C (2017) 10 Steps to creating a successful data governance strategy, manufacturing business technology, Advantage Business Media, Posted on 09/08/2017 - 11:16 am. Last accessed on 10th December, 2017 from https://www.mbtmag.com/article/2017/09/10-steps-creating-suc cessful-data-governance-strategy Navigate Team (2014) Debunking common misconceptions about data governance frameworks. last accessed on 8th July, 2018 from http://www.navigatecorp.com/debunking-common-miscon ceptions-about-data-governance-frameworks/ O’Neale K (July 2015) Identifying the right operating model for your organization: a step toward sustainable data governance. Last accessed on 10 April 2020, from http://www.b-eyenetwork. com/blogs/oneal/archives/2015/07/the_right_operating_model.php Panian Z (2010) Some practical experiences in data governance. World Acad Sci Eng Technol Manage 62:939–946 Pant V (2020) Linkedin Post. Last accessed August 5, 2020 from https://www.linkedin.com/feed/ update/urn:li:activity:6695938653677613056/?commentUrn=urn%3Ali%3Acomment%3A(act ivity%3A6695938653677613056%2C6695978205234520064) Peyret H, Goetz M (2014) The forrester wave™: data governance tools, Q2 2014 Plotkin D (2013) Data stewardship, Elsevier Science Publication

References

65

Power D (2015) Secrets of Successful Data Governance, Eckerson Group, https://www.eckerson. com/articles/secrets-ofsuccessful-data-governance Last accessed on June 1 2020 Power D All the ingredients for success: data governance, data quality and master data management. Last accessed December, 1, 2019 from http://www.oracle.com/us/products/middleware/data-int egration/odi-ingredients-for-success-1380930.pdf Russom P (2008) Data governance strategies: helping your organization comply, transform, and Integrate. TDWI. Last accessed on 12th July, 2018 on https://tdwi.org/Articles/2008/05/27/Data-Gov ernance-Strategies-Helping-Your-Organization-Comply-Transform-and-Integrate.aspx?Page=2 SAS, The SAS® Data Governance Framework: A Blueprint for Success. Last accessed on 14 December, 2017 https://www.sas.com/content/dam/SAS/en_us/doc/whitepaper1/sas-data-gov ernance-framework-107325.pdf Seiner RS (2017) Saving a failing data governance program. The Data Administration News Letter. Last accessed on 20th April, 2018 from http://tdan.com/saving-a-failing-data-governance-pro gram/22440 Sherman R (2011) A must to avoid: worst practices in enterprise data governance. Search Data Management Tech Target. Last accessed on July 15, 2018 from https://searchdatamanagement. techtarget.com/feature/A-must-to-avoid-Worst-practices-in-enterprise-data-governance Speare G (2017) Understanding data governance: tools, documents, processes, and people. Ironside. Last accessed on 31 March 2018, from https://www.ironsidegroup.com/2017/02/15/unders tanding-data-governance-tools-documents-processes-people/ Talburt JR and Zhou, Y (2015) Entity Information Life Cycle for Big Data: Master Data Management and Information Integration (1st. ed.). Morgan Kaufmann Publishers Inc., San Francisco, CA, USA. Talend (2018), New trends and best practices for data governance success, ebook downloaded on 1 April 2018 from http://viewer.media.bitpipe.com/1216309501_94/1288990195_946/Talend_ sDM_SO_32247_EBook_1104.pdf Talend, What is Data Governance (and Why Do You Need It)? Last accessed on 10 July, 2018 from https://www.talend.com/resources/what-is-data-governance/ Thomas W (2015) Educate for data governance. IVT Conference presentation available at, http:// www.cbinet.com/sites/default/files/files/Willis_Thomas_Educate_Data%20Gov.pdf Turner N (2016) Taming the waves: the foundations of effective data management, Marine Data Management and GIS Workshop, Royal Society of Edinburgh, DAMA United Kingdom Wu J (2007, 04) Empowering the information enterprise: role-based performance management. DM Review. Available http://www.dmreview.com/editorial/dmreview/

Chapter 3

Strategy and Data Governance

The significant problems we face cannot be solved at the same level of thinking we were at when we created them. —Albert Einstein

Abstract Strategy plays a critical role in the success of data governance and the role of strategy in data governance is elaborated in this chapter. Before an organization takes a leap of faith and embarks on its data governance journey, it needs to have a data strategy and a data governance strategy. This chapter discusses DG readiness (as in how ready is the organization to undertake data governance), warning signs that indicate that the organization is not yet ready to implement a more mature data governance approach, data governance maturity assessment, and factors to consider when analysing the gaps between the as-is and to-be state. The interactions between corporate strategy, data strategy and data governance are discussed. The importance of a data governance business case, the key components of a DG business case, data governance strategy, data governance strategy map, and the data governance roadmap is also discussed in this chapter. The role of the chief data officer in data governance implementation is discussed in this chapter. It is critical to commence any data governance initiative with a short, high priority, and well defined and understood pilot. The prioritisation and selection of the pilot phase have been discussed succinctly.

3.1 Introduction Data is an enterprise asset and needs to be of a superior quality to provide business value, be it business intelligence, sales, finance, or marketing. Data must also serve the key strategic objectives that define the future vision for an organization. In order for data to generate business value and not be a liability, it needs to be available, accurate, complete, consistent, free of duplicates, free from ambiguity, easily interpretable, and secure.

© The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 R. Mahanti, Data Governance Success, https://doi.org/10.1007/978-981-16-5086-4_3

67

68

3 Strategy and Data Governance

Data governance oversees the management of data so as to ensure its availability, usability, integrity, quality, privacy and security. Data governance is both an organizational process and structure. A data governance function sets up an environment in which the program staff are assigned roles and responsibilities to work together to establish order and organization for overseeing the data (Mauzy et al. 2016). Data governance is a continuous process. However, before your organization takes a leap of faith and embarks on its data governance journey, it needs to have a data strategy that incorporates the data initiatives (data governance being one of the data initiatives) to meet the organization’s strategic goals. The organization should also define a data governance strategy that outlines the outcomes that the data governance program is set to achieve. However, creating a data strategy and data governance strategy is not easy as it requires commitment from the senior management and executive leadership, and an acknowledgement that data is an enterprise asset that must be managed and secured like any other asset. While having a data strategy can open doors to the power that data can bring and can also help in leveraging it to gain a competitive advantage, only one in ten organizations have an enterprise data strategy, given the difficulty in getting a buy-in from the executive level (Eckerson 2011) or because of a lack of realization of the benefits that an effective strategy can bring to the organization. However, it is also important to remember that while a good strategy can put an organization on the competitive map, only solid execution can keep an organization there (Neilson et al. 2020). This chapter discusses data governance readiness, data governance maturity assessment, strategy in general, data strategy and data governance, data governance strategy, data governance business case, the data governance roadmap, and the role of the chief data officer in data governance implementation. In order to be successful, organizations need to approach designing as well as implementing data governance in a strategic manner rather than in a tactical manner. According to a survey carried out by Experian and UBM, nearly all (98%) respondents said that their organizations view data governance as either important or critically important from a business perspective. Despite this, 46% of respondents indicated that their organizations recognize the value of data but lack a formal governance strategy (Pastore 2018). When asked about the role of strategy in paving the way to achieving success in data governance, Jill Dyché stated (Mahanti 2021a). The most sophisticated companies use strategy to determine their data deployment priorities. In other words, there’s a lot of data and a lot of potential data-enablement projects, so where should we start? The short answer is to consider your company’s most important strategic initiatives and figure out the data that will be required to execute them. Start there. … From a corporate strategy perspective, we use a strategy mapping technique to map corporate objectives to the data necessary to achieve them. This approach essentially puts data – and the need for data governance – on the radar of executives who might believe data to be an afterthought. Executives, many of whom are measured on strategy execution, will typically support data governance as soon as they understand its role in strategic enablement.

3.1 Introduction

69

The extent to which companies can link their corporate strategies to data is the extent to which they’ll get support and funding for data governance!

Data strategy is an essential component of any organization’s digital transformation journey and should align with it’s corporate strategy. Data governance is an important component of a data strategy. Data governance involves people, processes, and technology, as well as substantial cultural changes; hence, organizations need to assess how ready they are to move to higher levels of data governance maturity by taking into account the challenges of introducing change, and conduct a data governance maturity assessment to determine the current maturity level and assess the gap to achieve the desired maturity level.

3.2 Are You Ready for Data Governance? Data governance introduces a new way of working that challenges entrenched beliefs. An organization might not be ready for the massive change brought about by data governance, and the change could be detrimental to the enterprise, a particular program or project. That is, while data governance may be the right thing to do, the timing to do it might not right. Nicola Askham, data governance coach, states in her article – “The 9 biggest mistakes companies make when implementing data governance (and how to avoid them all)” – Sometimes, an organization is just not ready to implement a data governance initiative. Even if the organization is ready, it may not be mature enough to implement anything more than baby steps towards their end goal.

Some of the warning signs that an organization is not ready for a more mature data governance approach have been summarized in Fig. 3.1 and are as follows: • Refusal of business groups to get involved (The Data Governance Institute 2017). • Refusal of leadership to sponsor a data governance effort (The Data Governance Institute 2017). • The decision to implement a bottom-up program when the decisions and rules that must be implemented should be made from the top of the organization (The Data Governance Institute 2017). • The decision to empower a group (an outsourcer, partner, or team) to make datarelated decisions for a data-related effort where they would benefit from NOT (The Data Governance Institute 2017). – – – –

Considering an enterprise view, Involving data stakeholders, Correcting data issues, and Acknowledging data issues.

• Key stakeholders do not see a need for data governance, and there is no executive decree to change their outlook.

70

3 Strategy and Data Governance

• Subject matter experts (SMEs) whose attendance will be required at rule-making sessions or governance sessions are extremely busy, have higher priorities, and cannot make a commitment to attend these sessions. • The right resources cannot be assigned to the data governance programs because they are assigned to other projects, programs or business as usual activities. Any organization that captures, manages, and uses data has some form of data governance in place. It is very important to conduct a readiness assessment exercise before you decide to climb the ladder from the current state of data governance maturity to a higher level or decide to move from an informal approach to a more formal approach of data governance, and start building a strategy for implementing data governance.

3.3 Data Governance Maturity Assessment It is important to understand how mature your organization is in terms of data governance, before you take the risk of attempting to introduce something that your organization isn’t ready for or doesn’t need. This is because you need to know why you have the current model of data governance in place to be able to make a decision as to whether it is right at that point in time to move to the next level and overcome the challenges to reach that level. There are various data governance maturity models that can help you assess the current maturity and these have been discussed in Chap. 4. Data governance maturity assessment provides a picture of an organization’s current data governance maturity along various dimensions of the data governance maturity model such as overall data governance, data policies, data standards, data ownership, data stewardship, data compliance, data architecture—data access and isolation, data quality, and metadata. It also provides an organization with an informed, objective, measurable, and documented assessment of the maturity within a data governance maturity model (Gow 2006). Data governance maturity assessment provides an insight into the organization’s existing capabilities, uncovers strengths and weakness of the organization’s current data management capabilities, validates, modifies or invalidates assumptions, identifies constraints, risks and issues, and helps assess the gap between the existing state and desired state, and supports steps that can be taken to develop, prioritize, and deliver solutions to bridge the gap (Gow 2006). The maturity assessment involves interviewing a number of representative people in the organization to assess their perspectives. It also includes a review of existing documentation to understand the data landscape, the existing capabilities, dependencies, constraints, risks, and issues and hence, should be undertaken by experienced people who can form a judgment based on their experience of other similar environments. This exercise also reveals the critical data sets and domains that you should target for data governance.

Fig. 3.1 Data governance readiness—warning signs

3.3 Data Governance Maturity Assessment 71

72

3 Strategy and Data Governance

A maturity assessment exercise—conducted well—provides the opportunity for stakeholders to feel that they have a platform where they’re being heard, and it sows the seeds for encouraging them to buy in to the idea of data governance and management—and also to related changes down the line (Entity). A maturity assessment measures progress in the range of 1 to 5; where ‘1’ is lowest level of maturity, and ‘5’ is the highest level of maturity, with capabilities continuously improving, as you move from lower levels to higher levels of maturity. The different dimensions against which the maturity can be assessed and the data governance maturity assessment have been discussed in detail in this chapter. It is important to evaluate the current state and ascertain an attainable target state based on current data governance maturity levels within your organization, taking into account the challenges of introducing change that will be brought about by the new capabilities and solutions to be implemented to achieve the target state. The assessment should identify critical data assets and the associated issues in the current state, the desired target state, and the gaps along the following lines (illustrated in Fig. 3.2): • • • • • • •

Critical data assets and data domains, Capabilities, Organizational structures—roles, responsibilities, and accountabilities, Business processes and their impact on data, Technology management practices (systems, platforms, tools, and languages), Data management practices, Skill sets along the lines of business processes, technology, and data management, and • The organizational culture. The target state needs to be assessed along the lines of the value that capabilities in the target state would provide, and the associated risks, interdependencies, constraints, and success factors.

3.4 Strategy The term strategy does not have a universally accepted definition. Therefore, in different contexts and to different people, strategy means different things. The Canadian guru Henry Mintzberg (1978) defined strategy as a pattern in a stream of decisions. Strategy is an outline of how a business intends to achieve its goals. The goals are the objective, and the strategy sets out the route to achieving that objective (Henry). Liddell and Scott (1999) define strategy as a high-level plan to achieve one or more goals under conditions of uncertainty. Daniell (2007) defined strategy as the art and science of informed action to achieve a specific vision, an overarching objective, or a higher purpose for a business enterprise.

Business processes and impact on data

Data management practices

Skill sets

Organizational structures

Gap Analysis

Fig. 3.2 Gap analysis between as-is state, to-be state, and factors to consider

AS–IS State

Critical data assets and data domains

Capabilities

Technology management practices

Organizational culture

TO-BE State

3.4 Strategy 73

74

3 Strategy and Data Governance

In the private sector, strategy is about a business gaining competitive edge over other businesses. This is because business do not operate in vacuum but have to compete with several other players in the market. Having a value proposition superior to other businesses that are trying to appeal to the same customers and turning it into a habit is key to sustain competitive advantage. Robust “where-to-play” (that is the target customer segment) and “how-to-win” choices, therefore, are still essential to strategy (Lafley and Martin 2018). Every organization has its own unique strategy, which is an expression of organizational objectives that identifies specific goals within a confined scope of operations to deliver value and achieve specific benefits. While strategy is not the only determining factor in the success or failure of an organization, a robust strategy can yield amazing results for an organization which has mediocre level of competence. On the contrary, the most inspiring leaders when dealing with an inappropriate strategy will have to wield their full competence and drive, merely to keep afloat (Tilles 1963). The importance of strategy in success can be illustrated by the following examples from history (Tilles 1963): • When Hannibal wreaked the humiliating defeat on the Roman army at Cannae in 216 b.c., he led a ragged band against soldiers who were in possession of superior arms, better training, and competent “noncoms.” This was possible because his strategy was so superior that all of those advantages proved to be relatively insignificant. • Jacob Borowsky made Lestoil the hottest-selling detergent in New England by using an effective strategy to battle competition with superior resources. • Walmart’s global strategy for expansion was “being the cheapest” and it beat out all of the competition by offering the same products for the lowest prices (Kimberlee 2018). • Porsche’s carefully designed and brilliantly executed strategy focused on Japanese manufacturing concepts to improve efficiency and launching new products to increase market appeal resulted in highest profit margins across the industry (~15%); comparatively other players found themselves far behind in terms of profitability (2016 numbers) e.g. Mercedes (~7%) or Hyundai (~4%) (The Burnie Group). • When Facebook launched in 2004, it was one of several social media sites with MySpace being dominant. Facebook had a strategy that focused on measured expansion. Facebook is omnipresent today, but it starting small with a focused group of Harvard students, and after gaining traction in Havard, it expanding gradually to other colleges, and when ready, finally opened up to non-students. This allowed Facebook to focus on adjusting the product to the needs of each new customer segment. As a result, it avoided the growth challenges that led to MySpace’s decline (Izquierdo 2020). • When Dollar Shave Club launched its razor business in 2012, Gillette had a commanding share of about 70% of the U.S. market according to Entrepreneur magazine. In 2019, Gillette’s market share had eroded to about 53% according to a

3.4 Strategy

75

CNBC report. Meanwhile, Dollar Shave Club’s growth prompted Unilever to buy it for $1 billion. Dollar Shave Club beat Gillette by adopted a strategy that offered a cheaper alternative directly to end consumers through Internet, as opposed to Gilette that sold its products through retail outlets which costed more. Dollar Shave Club worked with manufacturers in Asia to produce razors, eliminating any markup from a middle man (Izquierdo 2020). In the words of John Zachman, author of “The Framework for Enterprise Architecture” (The “Zachman Framework”), Zachman International, (Mahanti 2021a)There is an old engineering adage, “Form Follows Function.” Today, this might be restated as “Structure Follows Strategy.” Structure (form) takes time and costs money. If you expend the time and money to build it before you define what it is for or what it is to do, you have delivered a classic solution in search of a problem … which in all likelihood is a huge waste of resources.

3.5 Corporate Strategy, Data Strategy, and Data Governance Don’t sell a data strategy on its own. It’s just not going to work. It’s got to be coupled with a broader strategy that the data strategy fits into. - Jim Swanson, CIO, Monsanto, [Source: Data Strategy Playbook]

As shown in Fig. 3.3, the corporate strategy which is driven by the corporate vision and mission, sits at the top of the hierarchy, and defines the overall corporate objectives. Corporate strategy also defines the way in which these objectives will be accomplished to create value while attaining competitive advantage. The corporate strategy is the overall strategy of an organization that consists of several business units, and helps determine how to structure its business and human resources, and support business units to share human resources and technical resources, and work together to create more value and meet the corporate objectives. Mission translation, that is, translating mission and high-level enterprise objectives into operational goals and objectives is important for clarity and alignment and is achieved using methodologies such as (Siviy et al. 2008; Siviy and Kirwan 2008): • Function Analysis Systems Technique (FAST) goal decomposition [Siviy and Ismail]; • Six Sigma’s Y-to-x decomposition (Siviy et al 2007); • Critical success factors (developed Daniel 1961, refined Rockart 1986); • Systems thinking’s current and future reality trees and other system dynamics methods; • Traditional strategic planning methods; and, • Balanced scorecard strategy maps (Kaplan and Norton 1996, 2004).

76

3 Strategy and Data Governance

Drive Corporate Strategy

FEEDS INTO

Should align with Data Governance

Part of

Corporate Vision & Mission

Should align with

Drive Data Data Vision & Strategy Mission

Governs data assets

Fig. 3.3 Corporate strategy, data strategy, and data governance

A corporate strategy should also recognize the organization’s critical assets that would be a differentiator in terms of attaining competitive advantage. Data is an enterprise asset and some data are critical. The corporate objectives should be mapped to the data required to achieve them (Mahanti 2021a). For example, one of the corporate objectives could be to increase revenue. One way to increase revenue is to increase the customer base. The data that this corporate objective maps to are customer and prospect data. Data strategy is the vision and actionable foundation for the organization’s ability to harness data-related or data-dependent capability that helps achieve the strategic objectives of the organization. A data strategy establishes common methods, practices, processes, procedures, usage pattern, and structures to acquire, manage, integrate, manipulate, secure, operationalize, consume, and share data across the organization in a repeatable manner. It is, in effect, a checklist for developing a roadmap toward the digital transformation journey that companies are actively pursuing as part of their modernization efforts (Gurevich and Dey 2018).

3.5 Corporate Strategy, Data Strategy, and Data Governance

77

John Gallant and Kevin Fleet in their book “ The Data Strategy Playbook: A CIO’s practical guide to driving change” define data strategy as follows (Gallant and Fleet 2018): A data strategy defines how an organization achieves specific business goals through the strategic use of its data assets.

Ramesh Dontha defines data strategy as follows with the key points highlighted in bold (Dontha 2018): Data strategy lays out a comprehensive vision across the enterprise and sets a foundation for the company to employ data-related or data-dependent capability.

A data strategy can be defined as a high level plan as to how an an organization strategically uses its data assets and employs data-related or data-dependent capability to achieve its business objectives. An organization’s data strategy might also be called a data management strategy or a data quality strategy. Laura Sebastian-Coleman in her book “Measuring Data Quality for Ongoing Improvement: A Data Quality Assessment Framework” states (Sebastian-Coleman, 2012). The difference between a data strategy and a data quality strategy can also be purely semantic. An organization’s data management strategy must also be a data quality strategy, since the purpose of data management overall should be to ensure the existence and availability of high-quality data for the organization.

Organizations generally have multiple data management initiatives underway (metadata, master data management, reference data management, data governance, data migration, modernization, data integration (data warehouse), data security, and data quality). However, most efforts are focused on point solutions that address specific project or organizational needs without taking into consideration, the interrelationships and interactions between these initiatives (SAS 2018). A data strategy establishes a road map for aligning these activities across each data management discipline in such a way that they complement and build on one another to deliver greater benefits, with data governance, data quality, and data architecture being key items (SAS 2018). The data strategy must align with and complement the corporate strategy. It should be subordinate to the corporate strategy. Corporate strategy provides guidance to and context for the data strategy. A strategy mapping technique should be used to map corporate objectives to the data necessary to achieve them and should be the focus of the data strategy. As highlighted by Jill Dyché, the approach of mapping corporate objectives to data- essentially puts data and the need for data governance on the radar of executives who might believe data strategy to be an afterthought (Mahanti 2021a). A data strategy should be able to answer the question as in how it will result in an economic value, be it, increased revenue, profits, or cost reduction. In the example that we used earlier with the corporate objective—“revenue increase” mapped to customer data and prospect data, data strategy would focus on initiatives like master data management, data quality management, and data governance to improve the customer data and prospect data based on the gaps and issues.

78

3 Strategy and Data Governance

Data governance implements the data strategy. With respect to the customer and prospect data example, some of the activities that data governance could be looking at are, locating the critical customer and prospect data elements, improving customer and prospect data collection processes, establishing enterprise wide standards for these elements, and ensuring processes and metrics are in place to ensure that the data is of high quality. Figure 3.3 shows the high level interaction between an organization’s corporate strategy, data strategy, and data governance. Data strategy is often confused with data governance. They are distinct but at the same time also tightly intertwined (Thalanki 2017). The scope of data strategy is wide-ranging and represents an umbrella for all data initiatives such as data architecture, data warehouse, data analytics, business intelligence (BI), data migration, master data management (MDM), reference data management, metadata management, data governance, and data quality. A data strategy ensures that all data initiatives follow a common method and structure that is repeatable (Gurevich and Dey 2018). Paul Barth listed four principles of a successful data strategy in the form of questions (Barth 2018a, 2018b) as follows: Question #1—How does data generate business value? Question #2—What are our critical data assets? Question #3—What is our data ecosystem? Question #4—How do we govern data? The above questions show that data governance is one of the four factors for an effective data strategy and not the only factor. Richard Inserro, Principal, PwC, mentioned in his presentation at Data Citizens ‘17, “The CDO Mandate and the Path Forward,” data governance must be the starting point of any data strategy, and must have the capability and flexibility to support the productivity aspirations, risk mitigation, and operational efficiency needs of the business, and properly align IT activities. These can be achieved by businesses when their programs build a community of common language, collaboration framework, policies, and responsibilities to start their data strategy journeys, which are the basis of data governance (Marchese and Rao 2018). Without prioritizing governance in your data strategy, the desired impact of data on your business will never be realized in an efficient and dependable manner over time. As Stephen Covey famously said, “Begin with the End in Mind means to begin each day, task, or project with a clear vision of your desired direction and destination, and then continue by flexing your proactive muscles to make things happen,” (Marchese and Rao 2018). Data governance is usually a line item in the data strategy. Benefits of data strategygovernance combinations can be divided into two buckets—tangible and intangible as postulated by Adelman, Moss and Abai in 2005. Tangible benefits include (Adelaman et al. 2005): • Revenue enhancement, • Cash flow acceleration,

3.5 Corporate Strategy, Data Strategy, and Data Governance

• • • • • • • •

79

Analyst productivity, Cost containment, Demand chain management, Fraud reduction, Improved marketing effectiveness, Better supplier and customer relationships, Customer conversion rates, and Customer attrition and retention rates. Intangible benfits include (Adelaman et al. 2005):

• • • • •

Better and faster decision making, Better public relations and reputation management, Better customer service, Employee empowerment, and Competitive effectiveness.

3.6 Data Governance Strategy Data governance means nothing to the executive management and leadership unless it contributes to generating revenue or results in cost savings. Data governance intersects with business initiatives specifically the ones which are data initiatives (for example, customer relationship management (CRM), enterprise resource planning (ERP), and compliance) as well as data management initiatives (for example, master data management, and data integration). The data governance strategy should contain an answer to the following questions as illustrated in Fig. 3.4: • • • • • •

Why are you doing data governance? Who are the stakeholders in the data governance program? What needs to be done to achieve the “why”? Where do you want to start? How do you want to achieve data governance? When do you want to do what?

The “Why” defines the desired outcomes and goals of the data governance program, and should be aligned with the organization’s data strategy and corporate strategy. The “Why” that is, “why are you doing data governance?” should always be defined before you define “Who”, “When”, “How”, “What”, and “Where” questions. The “Who” helps in defining the data governance stakeholders. The “When”, “How”, “What” and “Where” form parts of the roadmap. Data governance strategy should align with the data strategy and corporate strategy as shown in Fig. 3.5. In short, the data governance strategy defines the objectives and desired outcomes of data governance program, the scope of the data governance program, the stakeholders, and the roadmap. It is driven by the business drivers and uses cases for data

80

3 Strategy and Data Governance

Why?

Goals and Desired Outcomes

Timelines and Milestones

What?

When? Data Governance Strategy

How?

Scope of Data Governance

Who?

Initiatives

DG Stakeholders

Fig. 3.4 Data governance strategy—the five Ws and how

Aligns

Corporate Strategy

Component Data of Governance

Aligns

Data Strategy

Aligns

Data Governance Strategy

Fig. 3.5 Data governance strategy, data strategy, and corporate strategy alignment

and benefits expected from the same. The objectives and desired outcomes should be well defined and documented as well. This is because if you do not know what it is you are aiming to accomplish as an organization, your likelihood of success is very slim. The objectives and the desired outcome in the data governance strategy helps determine the scope of the data governance program, the data governance business use cases, initiatives, and roadmap activities (high level time-bound plot of when should the data governance initiatives start, the time sequencing of the data governance initiatives, and the milestones).

3.6 Data Governance Strategy

81

A data governance strategy map defining the summary of the goals and outcomes, critical success factors, the core disciplines, supporting disciplines, and showing the relationships amongst these components on one page can help communicate the data governance strategy to different levels of the organization. Benefits, risks, success factors, implementation, and priority should be defined for each of the business use cases. The scope and roadmap help determine the subsequent on-boarding of the data governance resources. A data governance strategy acts as the vision document of the company, and ensures that the whole organization understands the goal of the program and each person’s role in achieving success. It defines how data governance initiatives will be defined, funded, governed, and rooted into enterprise operations. The governance strategy should also define how the organization will assess, define, plan, operationalize, monitor, and measure the data governance programs (Addagada 2016). The data governance maturity model can be used as a tool in planning a data governance implementation program by using it to establish the current and future state as well as to track the progress of the data governance implementation program. Several data governance maturity models have been discussed in Chap. 4. While the data governance strategy creation typically takes a few weeks and has some sort of timeframe for executing it—however, it is only high level in terms of how it will be achieved. The time span of the strategy and roadmap usually ranges from 18 to 24 months. The data governance steering committee consisting of C-level executives should be defined and engaged to support review, and approve the strategy, if necessary. The data governance strategy should be documented, and walkthrough sessions should be conducted with stakeholders, to elicit feedback and sign offs. The data governance strategy should be reviewed every six months or at least once a year. This is because in order to stay competitive as well as comply with regulations, an organization’s business objectives and priorities change with time, which requires the IT strategy, data strategy, and data governance strategy also to be revisited and revised accordingly. For example, the regulatory landscape is constantly evolving, in reaction to fraud, scandals, and security breaches, with new laws coming into being and existing laws being revised, resulting in new requirements in relation to data whether in the form of increased data security, privacy, protection, restricted access or more granular reporting. Hence, organizational strategies also need to be revised, and data governance also needs to evolve to meet these new requirements.

3.7 Building a Business Case for Data Governance As stated by Dr. John Talburt, Acxiom Chair of Information Quality at the University of Arkansas at Little Rock, and Lead Consultant for Data Governance and Data Integration with Noetic Partners Inc. “…every DG program should start with a good business case projecting the value of the program,” (Mahanti 2021a).

82

3 Strategy and Data Governance

It is important to give careful consideration and invest time in building the business case for data governance, to present a strong and compelling case that convinces the executive team to provide the required funding, as well as gain their support throughout the entire data governance journey. It is important to remember that data governance is a multi-year effort, and funding should be secured accordingly (Power 2014). The data governance business case establishes the focus areas, risks, threats, priorities, and benefits for the data governance program. In short, it provides a justification for doing data governance, and acts as a reference guide before and during data governance implementation. Having a business case for data governance has several benefits. The act of creating a business case forces you to identify the pockets of greatest need. It is important to identify the areas of greatest need as well as return. This is because the business case helps in assessing the risks, threats, values, and costs, which in turn can help you to weight the impacts of not doing it against benefits of doing it. It helps set the right priorities. It also helps to validate any preconceived assumptions about the strategy, and direction that your initiative must take (Jones 2015). Also, data governance ties together other data management initiatives like data security management, data quality management, and master data management and a business case for those initiatives would cover the need for data governance. Taking our earlier example of customer and prospect data to increase revenue, you need high quality customer and prospect data, and data governance would be needed to ensure that the said data is of high quality. Generally, data governance is driven by a small group. However, data governance implementation affects all business units across the enterprise as data crosses the business unit boundaries and is not a departmental asset. A robust data governance business case which outlines the risks and values helps in gaining cross-departmental agreement as each group has a vested interest in its outcome. This ensures that all stakeholders have a common understanding of the value of data governance. Without a business case, business units, and departments not driving data governance will question “ What is in it for me?”, and there is a likelihood of these groups offering resistance to the implementation of data governance as they see data governance being forced upon them (Jones 2015). In the absence of a data governance business case, you have no protection when there is an organizational restructure at the executive and C-suite levels. The backing by previous leadership and management who supported the data governance program is no longer there, and the new leadership and management may not perceive the business benefit of data governance, and may ultimately scrap the initiative (Jones 2015). A compelling data governance business case which has the risks, values, costs, and justification outlined for doing data governance can provide a greater degree of protection from the unexpected management changes. It can also provide justification to the management to continue with the implementation of the data governance program (Jones 2015).

3.7 Building a Business Case for Data Governance

83

Data governance is not a technology project or a project for that matter, but a business program and practice that deals with the data assets of an enterprise. Hence, creating a business case for data governance is different from creating a business case for a traditional technology project. Many of these variances revolve around subject areas, such as business process, change management, business benefit, and holistic impact (Information Builders 2012). The data governance business case should establish the high-level understanding and communication for the business benefits that the governance program will seek to achieve (use cases), who will be involved (resource types), where governance disciplines will be applied (processes in the use cases), and the economic value for applying governance to achieve those outcomes (Fryman 2016a) in a lucid manner as the subject of data governance might be new to the stakeholders involved. An effective data governance business case consists of three key components (Fryman 2016a) as shown in Fig. 3.6. 1. 2. 3.

Risk. Value. Cost.

What are risks of doing/not doing data governance?

Risk

DG Business Case Components Value

Cost

What are the returns/benefits versus the costs?

What are costs of doing data governance?

Fig. 3.6 DG business case-building blocks

84

3 Strategy and Data Governance

Risk The data governance business case should outline the risks of not doing data governance and call out the urgency of the problem with data to support the same. In financial and healthcare organizations, which can be subjected to penalties for noncompliance, and where there are legal, regulatory, and reputational impacts of not governing data, the risks of not doing data governance are apparent. With the rest of the industry sectors, the risk of not doing data governance may not be as obvious. However, with the enormous amounts of data that the organizations store, there is a huge risk associated with data, if it is not governed and managed appropriately. Some of the risks of not doing governance are – • • • •

Fines and penalty because of non-compliance, Data security breaches, Privacy violation, Potential loss of public opinion or negative public opinion that might result in decrease of revenue, and • Risk of revenue, regulatory, or capitalization reporting may be in error or questioned. Risk factors are often difficult to assign a financial value to (Fryman 2016b). For example, it is difficult to quantify the brand damage or negative public opinion. The level of concern associated with the above risk factors, the likelihood and the severity of the impact may be used to determine the degree of risk. It is best to classify your risks as high, medium, or low, and if possible associate a dollar value with the risk factors. Value Value is either anticipated cost reduction or benefit expected to be achieved from the implementation of data governance in the organization. The business case should call out how the organization will be benefited or improved by implementing data governance to convince the executive leadership and senior management to give their blessing to the data governance program. The value you will obtain from data governance is dictated by the business outcomes and capabilities you want to achieve by implementing data governance and use cases of data governance. Some examples of outcomes are as follows: • Reduce cycle-time searching for data necessary to conduct management reporting and analytics (Fryman 2016b). • Improve and align business terminology across the enterprise. • Improve data quality definition across the enterprise. • Improve discovery of authoritative data. • Improve user access to authoritative data sources while ensuring data protection and security. • Improve the processes and time to resolution while reducing the cost of issue management around data (Fryman 2016b).

3.7 Building a Business Case for Data Governance

85

• Improve business processes to enable data quality improvements and measurements • Increase the transparency and accountability for data management functions. • Improve the processes and time to resolution while reducing the cost of issue management around data. • Establish traceability and lineage for critical data to increase trust in the data. • Establish consistent definition and usage of reference and master data across the enterprise. Robert Seiner, author of the book “Non-Invasive Data Governance” uses a value statement which he defines as cause-and-effect relationship between formalizing existing levels of governance and putting a non-threatening program in place to govern data and the business value that will be gained by governing data in that manner (Seiner 2009). The format that he uses isOrganizations that do (X), Demonstrate * business value improvements through (Y) * or some other verb, Where (X) are clearly defined actions and (Y) are the business improvements that come from the actions. One example is as follows. Organizations that makes certain that the appropriate people are involved in specific tasks related to data management tasks, demonstrate the ability to eliminate replication of data, misuse of data, and improve their ability to integrate data based on the corporate critical data element standards (Seiner 2009). Most data intensive projects, such as data warehouses, business intelligence (BI), master data management (MDM), enterprise resource planning (ERP), and customer relationship management (CRM) have a business case and an ROI. Historically, many of these same projects fail to achieve set expectations or meet business requirements—or fail entirely. According to some experts in the industry, the failure rate constantly lingers in the 50% range (Information Builders 2012). The reason for these failures is normally attributed to the absence of a data governance and quality strategy. Data-intensive projects require governance to optimize the ROI. In many cases, it can account for 25% or more of the entire return on investment (Information Builders 2012). Organizations should examine their individual project business cases and determine the value governance will bring to their success and ROI. Every organization has at least one failed project experience, and in many instances, the lack of data governance has been the cause (Information Builders 2012). These projects are typically well known to the organization, even though they are not discussed. As part of the business case, past projects that have underperformed should be used as examples, and point out the role data governance—or lack thereof—had in the project (Information Builders 2012).

86

3 Strategy and Data Governance

Cost Cost is one of the key components of the data governance business case. It is defined as the financial cost involved in implementing data governance along the following cost buckets: 1. 2. 3.

Resources. Infrastructure and technology. Processes.

You also need to identify your current costs and estimate future costs once the data governance processes, resources, infrastructure, and technology are in place. Cost estimation for resources The following needs to be taken into consideration when conducting cost estimation for resources: • • • • •

The types of resource required. Number of resources that are required. Number of incidents per week/month/quarter. Average effort and cost per incident. Impact of improvements and technology on the resource costs.

Cost estimation for processes Estimating cost for processes will need estimation of the time and resources it takes to complete processes such as: • • • •

Data discovery—searching and locating the authoritative data. Understanding the correct source and usage of the data (Fryman 2016a). Standardizing data definitions across the enterprise. Defining and aligning business terminology for consistent usage across the enterprise. • Generating new reports and enhancing existing ones (Fryman 2016a). • Managing data migration and data integration processes. • Data quality issue management (Fryman 2016a). Cost estimation for infrastructure and technology While technology and tools do not drive governance, they enable data governance and therefore, they need to be taken into consideration. The following costs needs to be taken into consideration when conducting cost estimation for infrastructure and technology: • • • • •

Hardware cost, License cost, Annual maintenance cost, Initial start-up costs, and Other recurring costs.

3.7 Building a Business Case for Data Governance

87

Taking our earlier example, of customer and prospect data, a data quality assessment exercise would tell us how good or bad is the quality of data, and whether it would be possible to assign a dollar value. Say, ABC electronics is launching a set of new laptop, camera, and cell phone models. If 20% of the customer and prospect contacts lead to sales worth approximately $1500 per lead and the customer and prospect database has 80,000 records out of which 30,000 records do not have correct addresses, then the lost revenue would be approximately $9 million. If the cost of improving data quality and implementing data governance is $2 million, and by doing so, you can correct 90% of the addresses, then that equals to 72,000 records correct. Hence, you will still get revenue of $7.4 million and $5.4 million of profit. When constructing a business case for data governance, there are two ways of going about it- look at the critical data, assess the business impact and cost of bad data, or look at the business objectives, the data that will be required to fulfill the business objectives, and how the data is falling short of meeting those business objectives. In both cases, you need to be able to assign a dollar value towards the cost of implementing each of the objectives.

3.8 Data Governance Roadmap

Strategy is a commodity, execution is an art. —Peter F. Ducker. In life, as in football, you won’t go far unless you know where the goalposts are. —Arnold H. Glasgow.

Once you know your current state of maturity (that is where you are or the ‘as-is’ state), the future state of maturity (that is where you want to be or the ‘to-be’ state or ‘target’ state), and the gap between the ‘as-is’ state and the ‘to-be’ state, a roadmap can be produced for attaining the ‘to-be’ state. As the king said in Lewis Carroll’s ‘Alice in Wonderland’: Begin at the beginning and go on till you come to the end: then stop.

A roadmap needs to [Entity]: • Communicate when key organizational capabilities will be delivered; • How this translates into costs and tangible business benefit realization over time; and • Processes and technologies required to implement the capabilities. The data strategy defines the key capabilities required, which encompasses people, process, technology, and culture. The data governance roadmap will lay out the plans and timelines for implementing these capabilities. A data governance roadmap is needed to help navigate the pathway to data governance success and set the appropriate priorities for related

88

3 Strategy and Data Governance

projects so that execution can follow. It contains core components and initiatives with the estimated start and end dates, which will be required to achieve the business objectives. The data governance roadmap should define the data governance organization structure and operating model consisting of roles, responsibilities, decision rights, rules, controls, and accountabilities across the different business units. The data governance organizational structure has been discussed in detail in Chap. 5. The data governance roadmap should also define the change management plan and should contain steps to integrate with other data initiatives like data quality, data warehousing, and data security initiatives. Certain data governance capabilities form the base, and their implementation should be prioritized to ensure that the structure is in place to support the implementation of subsequent capabilities. First, organizational roles must be defined with clearly documented accountabilities and responsibilities in the context of the underlying governance structure. The accountability established will support the implementation of the other capabilities [Urso]. It is important that the roadmap has the appropriate level of detail. Roadmaps are fundamental communication tools, and you’re going to need a significant number of people within your organization to ‘buy into’ your roadmap [Entity].

3.9 Data Governance Pilot As discussed in Chap. 2, you should not take the “big bang” approach when implementing data governance in your organization. It is critical to commence any data governance initiative with a short, high priority, well defined, and well understood pilot. The prioritization and selection of the pilot phase should be directed by the area within the business with the greatest need, most pain and/or largest perceived benefit. This pilot can be selected based on priorities set across one or more of the following dimensions: • Critical data domain, critical data sets, and critical data elements. • The data function or data initiative.

3.9.1 Critical Data Domains and Data Sets Identify the different data domains in the organization and select the most critical data domain for a data governance pilot. Depending on the industry sector, there may be different data domains. A data domain is connected to a number of applications and business processes, and has a large number of data sets and data elements. It is important to identify the critical data sets within the critical data domain, and the critical data elements in the critical data sets in this data domains. Critical data elements are subsets of critical data sets which are in turn subsets of critical data

3.9 Data Governance Pilot

89

Critical data domains Critical data sets Critical data elements

Fig. 3.7 Critical data domains, data sets, and data elements

domains as shown in Fig. 3.7. Also, while looking for critical data elements, one has to consider the interrelationships between the data domains. For example, financial data domain is very critical as it drives accounting, financial, and regulatory reporting, and is subject to audits. Since, there are huge risks associated with financial data, financial data domain is the primary domain for financial data. However, financial data is also driven by other data domains like customer, product, events, and assets. These are secondary domains in relation to financial data. Hence, data elements and data sets indirectly associated with financial data in these secondary domains also become critical. From a HIPAA compliance perspective, certain patient data elements need to be of high quality and also need to be adequately protected. However, the address data associated with a patient also needs to be accurate, current, and complete, so that medical reports and communication containing sensitive health information do not fall into wrong hands. The following criteria can be used to identify the critical data sets and critical data elements: • • • •

Number of consumers or users of the data. Criticality of the business processes consuming the data. Number of enterprise obligations that the data set/data elements are used for. Risks associated with the data set and data elements; (for example—financial risk, compliance risk, health risk, and fraud). • Data classification; (for example, sensitive and confidential).

90

3 Strategy and Data Governance

3.9.2 The Data Function or Data Initiative Another approach to commencing a data governance pilot is to set up the required governance structure to support one or more data functions as defined by the Data Management Association (DAMA) (Zaki 2018) or data initiatives. For example, if the pilot focuses on the data quality management function, then data governance would involve setting up the required organizational structures, roles, responsibilities, accountabilities, decision rights, policies, processes, standards, rules, and metrics to support the data quality management function. High priority scope items will naturally be a cross section of the above two dimensions—critical data elements within critical data sets and critical data domains and data function/data initiative as shown in Fig. 3.8.

Critical Data Domains Critical Data Sets

Critical Data Elements

Data Security Management Fig. 3.8 Data management functions/initiatives and critical data

3.9 Data Governance Pilot

91

For example, the pilot may be data governance to support the product data domain and the product data set in the product data domain and the master data management initiative. While party data or specifically customer data is important across all industry sectors, certain data domains are relatively more important in certain industry sectors. For example, for the utilities and telecommunication industry, the asset data and its quality are specifically important, whereas for the retail sector, the product data is important.

3.10 Role of the Chief Data Officer in Data Governance The Chief Data Officer (CDO) is a C-level role to transform the organization into a data driven organization and with overall accountability for data as an enterprise asset. There is no universal agreement on the definition and responsibilities of the CDO. This is because the role of CDO is still evolving. As per Sunil Soares, author of “The Chief Data Officer Handbook for Data Governance” the definition of the Chief Data Officer (CDO) and chief data office are as follows: Chief Data Officer is a C-level executive with overall accountability for data management in an enterprise. The chief data office refers to the enterprise data management (EDM) organization or department, which reports to the CDO.

Dr. John Talburt states in his interview (Mahanti 2021a)— … the real value a CDO can bring to an organization is leadership in developing a data strategy and vision. The CDO needs to be an executive-level leader outlining how the organization will best exploit its data assets and how it should partner with others to combine data for new products and services. Viewing the CDO as a purely operational role for DG and DQ limits the role, and can cause organizations to miss out on a large part of the opportunity to participate in the data revolution.

Data governance is identified as one of the core components of data management (DM) or enterprise data management (EDM) functions and intiatives tying together the other data management functions as summarized in Fig. 3.9. As discussed in Chap. 2 in Data Governance and Data Management (the second book of the series), the data governance function guides all the other data management functions by defining, reviewing, communicating, and enforcing policies, processes, rules, and standards in each of the other data management functions, and identifying, managing, prioritizing, escalating, resolving issues, and overseeing data management projects. The organization must define the overall scope of the chief data office. There are a number of patterns for the scope of the chief data office (Soares 2014): Data governance focus In this pattern, the CDO owns data governance and performs a limited set of functions, such as data quality and metadata. Other data management functionaries report to the

92

3 Strategy and Data Governance

Fig. 3.9 Data governance tying together the data management functions and initiatives

Chief Information Officer (CIO). In essence, the CDO establishes data policies and standards around the data management functions in the organization but outsources the technology aspects to the CIO. Data governance plus some operational and analytical systems In this pattern, the CDO owns data governance, data quality, and metadata as well as other functions such as master data management, reference data management, business intelligence, and data warehousing. However, the CIO still retains control over the other functions. Broad EDM scope In this pattern, the CDO owns most of the data management functions including data governance with the exception of some departments such as database management, which may continue to report to the CIO. The reporting structure for data architecture and data modeling and design is typically highly sensitive because it may involve breaking apart the enterprise architecture department.

3.10 Role of the Chief Data Officer in Data Governance

93

In all the above patterns, data governance is within the scope of the CDO. Although the role of the CDO is still evolving, there are various aspects that are becoming more steady (Soares 2014). One of them is that data governance is perceived as a critical function as part of the chief data office, and the intent of the CDO role is to create a strong executive focus on data governance. Inderpal Bhandari, Chief Data Officer, Cambia Health in his foreword for Sunil Soares’s book – “The Chief Data Officer Handbook for Data Governance”states (Soares 2014): Since 2006, I have created the role of Chief Data Officer thrice in different healthcare organizations. My role expanded in scope over time, in keeping with the trend of increasing importance of data to a business. I went from the leader of a functional unit to the general manager of a business unit and then to a member of the CEO’s senior leadership team. I had to reinvent the CDO role at each transition to reflect the expanded scope. But one aspect remained constant: Every time, I had to implement a data governance program.

There are different viewpoints on the CDO’s relationship to data governance. “We have a lot of interesting discussions as to what CDOs are supposed to do. Just one comment (I have) is (that) data governance is specifically owned by the business,” said Mark Ramsey, CDO of GlaxoSmithKline (GSK) and senior vice president of GSK’s research division, in a panel discussion titled Dynamics between the CDO and the CIO: The Case of a Major Pharmaceutical Company. “That’s not a CDO responsibility that I have.” “The business owns data governance. That’s not some ‘nobody wants it so give it to Mikey’ kind of thing,” Ramsey said. “I participate in that but I don’t own it, and I don’t want to own it because that’s something the business needs to deal with. Business leaders may struggle with the responsibility for data governance”. “The business owns the data, and we [as CDOs] are [merely] custodians as it passes through—and that ownership comes with it ensuring the [data] quality is at a certain level,” he said. “There’s gonna be a lot of pain [put] back on the business owners because they’ve gotten away with doing some things in the past that aren’t going to be acceptable as we move forward. It’s going back to the folks who created the data—so it’s ‘Wait a minute. If I just do it right, I don’t get all these questions; I don’t get the overhead.’” (Stanganelli 2016). “My role as Chief Data Officer has evolved to govern data, curate data, and convince subject matter experts that the data belongs to the business and not [individual] departments,” Stu Gardos, CDO at Memorial Sloan Kettering Cancer Center, said at the CIO Perspectives conference (Brown 2018). “The CDO is the best person to drive data governance,” [Monkey Business Images/Shutterstock]. “Ideally, there should be a CDO to oversee and facilitate the execution of a data governance program to ensure executive sponsorship,” Emily Washington, senior vice president of product management and Infogix says. “Other direct participants should include executive leadership, project management, data stewards (which may reside in IT or within a more federated model across lines of business and functions), and subject matter experts. But given the objectives of data governance, all roles

94

3 Strategy and Data Governance

within the organization have a part to play in its implementation success. The key to data governance is to ensure collaboration across the enterprise (Woodie 2018).” Dr. John Talburt stresses that for a CDO role to be successful, it should be implemented correctly. He states (Mahanti 2021a). …the CDO and DG will not be successful without business participation. The most effective CDOs report to a business leader such as the CEO, CMO, and the CRO.

According to Dr. John Talburt, “when a CDO reports to the CIO, it is a sign the organization does not understand the need for business to be accountable for data, the CDO role is much less effective. As long as organizations see IT as accountable for data and DG, they will at best have limited success.” Dr. John Talburt goes on to state that CDO’s are often seen as being mainly responsible for DG and DQ programs. And while the CDO should definitely oversee DG and DQ, viewing the CDO as a purely operational role for DG and DQ limits the role, and can cause organizations to miss out on a large part of the opportunity to participate in the data revolution (Mahanti 2021a). As per Christopher Butler, Chief Data Officer, HSBC, UK (Mahanti 2021a), The Chief Data Officer is critical to aligning business and data areas together. He must fully understand and be part of the business structure, provide the necessary data governance as well alignment with IT tools and technology to move forward. The CDO is able to ensure the right level of ‘C’ Suite support and be in a position to ensure that consistency and standards apply to the entire organization.

The CDO should effectively communicate the value of data governance and take the right steps to engage both data practitioners and data users, creating a collaborative environment for managing and governing data. To make the data governance process work, a CDO should ensure that an operating model for data stewardship and governance is developed with defined roles, responsibilities, and levels of escalation to enforce compliance with rules for using business data [Loshin]. The following data governance topics are the keys to the CDO agenda (Soares 2014): • • • • • •

How do we organize for data governance? How do we drive business ownership of data? How do we set data policies, standards, and processes? How do we monitor the adherence to these data policies, standards, and processes? How do we enforce compliance with these data policies, standards, and processes? How do we leverage technology, especially in the context of big data?

A Chief Data Officer can be appointed in three different types of organizations in the context of status of data governance implementationScenario 1: Organizations that have already formalized data governance throughout the enterprise and have formal data governance roles and responsibilities [Simon]. Scenario 2: Organizations that informally and invisibly practice data governance. Formal data governance roles are not seen; however, many individuals and

3.10 Role of the Chief Data Officer in Data Governance

95

groups may be fulfilling similar and corresponding functions whether knowingly or unknowingly [Simon]. Scenario 3: Organizations have minimal data governance practices and there is no data governance awareness in the organization. In scenario 1, in organizations that have already formalized data governance, there is usually an executive who is in charge of data governance, and appointing a Chief Data Officer will cause him to step on the other executive’s toes. Organizations for which scenario 2 applies, could benefit the most from the appointment of a sharp CDO. This is because the culture of a new CDO shock here should be minimal as the sentiments expressed and actions taken by the CDO merely formalize what the organization has already been doing [Simon]. In Scenario 3, in case of organizations that have minimal data governance practices and there is no data governance awareness in the organization, it is up to the CDO to drive data governance in the organization and bring about a cultural change to incorporate a data driven culture in the organization.

3.11 Concluding Thoughts An effective data governance strategy needs internal acceptance among stakeholders, on both business and technical sides, an operating model that accounts for the organizational structure, IT infrastructure, and business needs, empowered people who can make decisions and assign responsibilities, and highly targeted projects that yield quick wins and establish standard procedures (Accenture 2018). The Chief Data Officer (CDO) or a similar executive role (for example, Chief Information Officer or Chief Financial Officer) drives data governance in an organization. The ‘one size fits all’ approach does not apply to strategies, be it corporate strategy, data strategy or data governance strategy, as every organization is unique. Shannon Fuller, Director of Governance Advisory Services, Gray Matter Analytics, stressed on organizational culture in his interview, and when asked about interesting thoughts/advice that he’d like to share with the audience with respect to data governance, he said the following (Mahanti 2021a)— Your organization’s culture will drive your governance strategy and your governance strategy will drive culture change.

Every organization will have its own unique strategy to implement data governance depending on the organizations’ strategic business objectives and future direction, their data and application landscape, regulatory landscape, business impact of data issues, the value they want to derive from their data, size of the organization, organization structure and hierarchies, organization culture, their current data maturity, and their readiness to achieve higher maturity levels.

96

3 Strategy and Data Governance

The business case is needed in order to secure sponsorship for a data governance program (Mahanti 2021a) as well as sustain the support in case of changes in management. As highlighted by George Firican, Director of Data Governance & Business Intelligence at UBC DAE and Founder of www.lightsondata.com (Mahanti 2021a), The overall strategy needs to address the business needs, deliverables, objectives, framework, and best practices as well as change management accompanying it all. Both the strategy and business case should help identify the risks, gaps, assumptions, constraints, and benefits, tie them to the goals of the organization and determine why and how data governance can support them.

You need a good data governance strategy to kick start your data governance journey, and strategy should be followed by execution. As stated by Morris ChangWithout strategy, execution is aimless. Without execution, strategy is useless.

In response to the question relating to any other interesting thoughts/advice that Jill Dyché would like to share with the audience of the book with respect to data governance, this what she had to say (Mahanti 2021a)— Data governance is changing. It’s no longer a separate effort but rather it’s ‘baked in’ to every strategic project. The good news is that data has a seat at the strategy table now. It should have been invited sooner!

References Accenture (2018) Data governance strategy. Last accessed on 01 Dec 2018 from https://capitalma rketsblog.accenture.com/data-governance-strategy Addagada T (2016) Is this the right time to create a maturity model for your Data Governance Division? Finextra blog. Last accessed on 20 Dec 2016 from https://www.finextra.com/blogposting/ 12192/is-this-the-right-time-to-create-a-maturity-model-for-your-data-governance-division Adelman S, Moss L, Abai, M (2005) Data Strategy. Addison-Wesley Askham N The 9 biggest mistakes companies make when implementing data governance. Last accessed on 16th July 2018 from http://static1.squarespace.com/static/52ed2570e4b02079a82e6 ff3/t/56111545e4b0890ee92b5901/1443960146356/Nicola+Askham+-+9+biggest+data+gov ernance+mistakes.pdf Barth P (2018a) The 4 principles of a successful data strategy, CIO Update. https://cioupdate.com/ the-4-principles-of-a-successful-data-strategy-2/ Barth P (2018b) The 4 principles of a successful data strategy, CIO update. https://cioupdate.com/ the-4-principles-of-a-successful-data-strategy/ Brown ED (2018) You need a chief data officer. Here’s Why. Eric D. Brown, Last accessed on 24 Dec 2018 from https://ericbrown.com/you-need-a-chief-data-officer-heres-why.htm Daniel DR (1961) Management information crisis. Harvard Bus Rev September–October 1961 Daniell M (2007) The elements of strategy, pp 1–110 Dontha R (2018) December 16, 2016 Data strategy—What, why, when, who, where, digital transformation pro. Last accessed on December 3, 2018 from https://digitaltransformationpro.com/ data-strategy-5ws/ Eckerson, Wayne, June, (2011) Creating an enterprise data strategy: Managing Data as a Corporate Asset. http://docs.media.bitpipe.com/io_10x/io_100166/item_417254/Creating%20an%20Ente rprise%20Data%20Strategy_final.pdf. Last accessed 1 June 2014

References

97

Entity The 12 step data governance road map to business success, entity white paper. Last accessed on 22 Dec 2018 from https://www.entitygroup.com/12-step-data-governance-road-map/ Fryman L (2016a) Data governance business case journey begins with the first step, collibra blog. https://www.collibra.com/blog/data-governance-business-case-a-journey-begins-with-thefirst-step/ Fryman L (2016b) Business glossaries and metadata: building the data governance business case. The Data Administration Newsletter. http://tdan.com/business-glossaries-and-metadata-bui lding-the-data-governance-business-case/19874 Gallant J, Fleet K (2018) The data strategy playbook: A CIO’s practical guide to driving change, Informatica. https://static1.squarespace.com/static/5d529586daa0e30001b91b58/t/5d8 0e340809d981c12b885b8/1568727874802/TheDataStrategyPlaybook.pdf Gow B (2006) Case study: Data governance & compliance for financial services, IBM corporation, CDISP 2007. Last accessed on 22 Dec 2018. http://www.sourcemediaconferences.com/CDISP07/ pdf/Gow_Brett.pdf Gurevich A, Dey S (2018) Defining a data strategy: an essential component of your digital transformation journey, DXC.Technology White Paper Henry, ND (2015) What is strategy? https://blackwells.co.uk/extracts/9780199288304_henry.pdf. Accessed 25 Feb. 2015 Information Builders (2012) Building a business case for data governance: Ten critical steps, A White Paper, iway Software Izquierdo R (2020) Successful growth strategy examples from real-world companies. Last accessed on 1 June 2020 from https://www.fool.com/the-blueprint/growth-strategy/ Jones D (2015) Justifying the need for a data governance business case. The Data RoundTable, SAS Blog, https://blogs.sas.com/content/datamanagement/2015/08/10/justifying-need-data-gov ernance-business-case/ Kaplan R, Norton D (2004) Strategy maps: converting intangible assets into tangible outcomes, Harvard Business School Press Kaplan RS, Norton DP (1996) The balanced scorecard: translating strategy into action. Harvard Business School Press, Boston Kimberlee L (2018) Examples of corporate business strategies, Chron. Last accessed on 1 June 2020 from https://smallbusiness.chron.com/examples-corporate-business-strategies-4755.html Lafley AG, Martin RL (2018) Customer Loyalty Is Overrated, HBR’s 10 Must Reads series 2018. Harvard Business Review Press, Boston, Massachusetts Liddell HG, Scott R (1999) A greek-english lexicon, on Perseus Loshin D, CDO should take lead on data governance process, info strategy, Search Data Management, Techtarget. Last accessed on 24 Dec 2018 from https://searchdatamanagement.techtarget. com/tip/CDO-should-take-lead-on-data-governance-process-info-strategy Mahanti R (2021a) Data governance and compliance, Springer Books, Springer, number 978-98133-6877-4 Marchese, J, Rao N (2018) Data strategy begins governance, Collibra Blog. https://www.collibra. com/blog/data-strategy-begins-governance/ Mauzy D, Bull B, Gould T (2016) Avoid the pitfalls: benefits of formal Part C data system governance. SRI International, Menlo Park, CA Mintzberg H (1978) Patterns in strategy formation. Manage Sci 24(9):1–15 Neilson GL, Martin KL, Powers E (2020) The secrets to successful strategy execution, HBR’s 10 must reads on strategy 2-volume Collection Harvard Business Review Press Pastore M (2018) GDPR, compliance concerns driving data governance strategies, erwin Expert Blog, Last accessed on 10 Sept 2018 from https://erwin.com/blog/driving-data-governance/ Power (2014) Building a data governance organization, information governance BlogEckerson.com, eckerson.com/articles/building-a-data-governance-organization Rockart JF (1989) A primer on critical success factors. In: Bullen CV (ed) The rise of managerial computing: the best of the center for information systems research. Dow Jones-Irwin, Homewood, IL

98

3 Strategy and Data Governance

SAS (2018) 5 essential components of data strategy. https://www.sas.com/content/dam/SAS/en_ us/doc/whitepaper1/5-essential-components-of-data-strategy-108109.pdf Seiner R (2009) Data governance value statements, the data administration newsletter. http://tdan. com/data-governance-value-statements/10360 Sebastian-Coleman L (2012) Measuring data quality for ongoing improvement: a data quality assessment framework. Morgan Kaufmann, 2012. Print. The Morgan Kaufmann Series on Business Intelligence. Simon P, Chief data officer role shakes up traditional data governance, SAS Institute Inc. https://www.sas.com/en_au/insights/articles/data-management/chief-data-officer-roleshakes-up-traditional-data-governance.html Siviy J, Ismail N, What is your strategy? The FAST Goals© Methodology. SDLC Partners Insight Siviy J, Kirwan P (2008) Harmonization in multimodel environments. SEI Webinar 18 July 2008 Siviy J, Kirwan P, Marino L, Morley J (May 2008) Strategic technology selection and classification in multimodel environments. Copyright 2008 Carnegie Mellon University, White Paper Siviy JM, Lynn Penn M, Stoddard RW (2007) CMMI & six sigma: partners in process improvement. Addison-Wesley, Dec 2007 Soares S (2014) The chief data officer handbook for data governance. MC Press, Canada, ISBN: 978-1-58347-417-4 Stanganelli J (2016) Is data governance the CDO’s responsibility? Enterprise apps today. Last accessed on 24 Dec 2018 from http://www.enterpriseappstoday.com/data-management/data-gov ernance-cdos-responsibility.html Thalanki N (2017) Data strategy vs data governance, linkedIn. Last accessed on 1 June 2020. https:// www.linkedin.com/pulse/data-strategy-vs-governance-naveen-thalanki-ms-mba-pmp The Burnie Group Good Corporate Strategy-Everything you need to know. Last accessed on 1 June 2020 from https://burniegroup.com/good-corporate-strategy/ The Data Governance Institute (2017) Data governance: the basic information. Last accessed on 3 Dec 2018 http://www.datagovernance.com/adg_data_governance_basics/ Tilles S (1963) How to evaluate corporate strategy. Harvard Business Review. https://hbr.org/1963/ 07/how-to-evaluate-corporate-strategy Urso V, Leveraging data governance in financial services, Perficient. Last accessed on 22 Dec 2018 from https://www.perficient.com/insights/guides/2018/leveraging-data-governance-in-financialservices Woodie A (1 February, 2018) Five tips for winning at data governance. Datanami. https://www.dat anami.com/2018/02/01/five-tips-winning-data-governance/. Last accessed 14 Oct 2018 Zaki A (2018) Making data governance successful—5 key principles, Altis. https://altis.com.au/ making-data-governance-successful-5-key-principles/

Chapter 4

Data Governance Maturity Models

We mature with the damage, not with the years—Mateus William Maturity is a high price to pay for growing up—Tom Stoppard

Abstract It is very important to understand an organization’s current data governance maturity when planning to implement formal data governance. This chapter discusses the concept of data governance maturity and data governance maturity model. Several data governance maturity models have been proposed by different industry practitioners, which can be used as a guiding framework to baseline an organization’s data governance maturity, and set goals to move up the data governance maturity curve. In this chapter, the data governance models developed by Kalido, DataFlux, Informatica, Oracle, Microsoft, and IBM are discussed and compared. In addition, a new data governance maturity model consisting of ten dimensions is discussed in this chapter.

4.1 Introduction In the context of the organization as a whole, the term maturity relates to the measure of the capability of an organization around different disciplines including people, processes, data, technologies, and measurement practices. The term ‘maturity’ when used in the context of processes relates to the extent of sophistication and optimization of processes, from chaotic and ad-hoc practices at the lowest level, to documented repeatable steps, to standard processes, to quantitatively managed processes with result-oriented metrics, and to active optimization of the processes, with increasing levels of maturity. In the context of an organization’s software processes, maturity relates to the degree of predictability, effectiveness, optimization, and control of the software processes.

© The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 R. Mahanti, Data Governance Success, https://doi.org/10.1007/978-981-16-5086-4_4

99

100

4 Data Governance Maturity Models

In the context of data governance, maturity relates to the sophistication of processes and structures to oversee the management of data, and moves from ungoverned data to governed data, with increasing levels of maturity. The status of implementation of data governance and the sophistication of data governance practices vary greatly from organization to organization. Any organization that captures, processes, stores, and uses data has some capabilities around data governance already in place. Hence, the organizations which implement data governance formally, rarely begin from nothing. While highly regulated industries tend to have more mature data governance processes, structures, and practices, owing to the negative implications of compliance, quite a lot of organizations (specifically those that are not highly regulated) have low levels of data governance maturity characterized by pockets of data governance that run in silos, limited and / or stagnant data policies, haphazard data standards, no formally defined data governance roles, informal data ownership and stewardship, no formal conflict resolution process, and no formally defined data governance metrics with limited measurement and tracking. It is very important to understand an organization’s current data governance maturity when planning to implement formal data governance and prior to the development of a data governance strategy. Assessing and determining your organization’s data governance maturity will ensure that you are able to establish the current state and create a baseline for measurement. It is also important to do a gap analysis between the current state and the future state, and plan for attaining the future state, keeping in mind the existing capabilities.

4.2 Data Governance Maturity Models All rising to great places is by a winding stair—Gautam Buddha

Maturity models represent a distinct class of models, dealing entirely with the organizational and information systems related to change and development processes (Becker et al. 2010; Crosby 1979; Gibson and Nolan 1974; Mettler 2010; Nolan 1973). A maturity model is a tool or a guiding framework that provides a means for organizations to determine the current effectiveness and capabilities in a particular discipline. It assists in figuring out what needs to be done, or what capabilities and improvements are needed to acquire the future state that the organization desires to achieve. Maturity models are structured as a sequential level of capabilities, predictability, and effectiveness, along a single dimension or multiple dimensions, with higher maturity levels associated with higher levels of capabilities, predictability, and effectiveness. Each level in the maturity model builds on top of a lower level. It is not possible to jump to a higher level before conquering the lower ones as shown in Fig. 4.1.

101

Fig. 4.1 Maturity model structure

4.2 Data Governance Maturity Models

102

4 Data Governance Maturity Models

Greater the number of dimensions, more complex is the model. It is recommended to keep the model simple to get the maximum value out of it. The data governance maturity models can be used to assess an organization’s maturity from a data governance perspective. There are a number of data governance maturity models that have been developed by industry professionals, which can assist in the planning and implementation of data governance. Some of these have been modeled after the Capability Maturity Model (CMM) developed by the Software Engineering Institute at Carnegie Mellon University, USA in 1984, to assess maturity in application domains, including software development, program development, IT service management processes, and project management domains. The CMM model has been summarized in Fig. 4.2. Data governance has several dimensions associated with it, but the CMM model for all intents and purposes is one-dimensional, because, while the CMM model makes it possible to work with different key areas, the progression from a lower level to the next higher level is only possible, if all key areas satisfy specific criteria. By reducing the data governance maturity model to a one-dimensional concept, it is not possible to capture and assess all the required elements. This is because the organization might find that its maturity level differs across different dimensions. For example, it might be at the lowest level with respect to a certain dimension but at a higher level with respect to another dimension.

4.3 Data Governance Maturity Model Metamodel Each data governance maturity model has a metamodel that comprises of the following elements: • Levels or stages—These are progressive stages in maturity. • Subject areas—These are capabilities (key areas, components, functions, or dimensions). • Subject sub areas—These are areas or components or dimensions under the subject areas. Subject areas might or might not be broken into sub areas. • Subject area/subject sub area dimensions—These are assessment criteria for each of the subject areas and/or subject sub areas which help determine their maturity level. While levels and the names assigned to levels are usually available for all the different data governance maturity models, the subject areas are not available for all of them. Subject sub areas as well as subject area/subject sub area dimensions are rarely publicized.

Fig. 4.2 Capability maturity model

Process driven in an adhoc, uncontrolled & reacƟve fashion

Level 1 - IniƟal

Some processes are repeatable

Level 2 - Repeatable Sets of standard processes defined & documented

Level 3 - Defined Processes are measured & process capability is established

Level 4 - Managed

Focus is on conƟnuously improving process performance

Level 5 - OpƟmized

4.3 Data Governance Maturity Model Metamodel 103

104

4 Data Governance Maturity Models

4.4 Data Governance Maturity Models by Different Industry Practitioners The data governance maturity model is modeled after the CMM defines four, five, or six levels of maturity, ranging from an initial or chaotic level where practices and policies are ad hoc to the highest level in which processes and practices lead to continuous measurement, assessment, improvement, and optimization. Many industry practitioners have modeled the data governance maturity model after CMM, and have altered the five levels. In this section, we will discuss and compare data governance models developed by Kalido, DataFlux, Informatica, Oracle, Microsoft, and IBM. The number of levels and process areas in the maturity models defined by each of these practitioners is summarized in Table 4.1. It is not possible to compare the DG maturity models in Table 4.1 as the levels and/or subject areas are not aligned.

4.4.1 Kalido Based on market research with more than 40 companies at varying stages of maturity, Kalido has defined a data governance maturity model with four levels or stages— application centric, enterprise-repository centric, policy centric, and fully governed, with maturity at each level being gauged along three key areas—organization, process, and technology as follows (Chen 2010). Stage 1—Application Centric From an organization’s perspective, the business sees data as an IT responsibility with no or little collaboration between business and IT. This stage is characterized by an absence of data authority or data stewardship. There is no process for data governance in the organization. From a technology perspective, at this stage, business process models, data models, as well as rules, are completely embedded in applications. Data quality or data modeling tools do not exist, and enterprise-wide, cross-functional views of data are not available. Stage 2—Enterprise-Repository Centric At this stage, from an organization’s perspective, some data stewardship is performed by informal data experts, but there is no formal acknowledgment of the role and definition of responsibilities, with the authority of data lying in the hands of IT. Collaboration between business and IT is consistent. From a process perspective, loosely defined governance processes are siloed by enterprise repositories like data warehouse, a master data hub, and ERP systems, with data issues being tackled reactively without addressing the root cause of the problem. From a technology perspective, data quality tools and metadata tools exist for enterprise repositories.

4.4 Data Governance Maturity Models …

105

Table 4.1 Data governance maturity models—practitioners, maturity levels, and subject areas Practitioner

Maturity levels

Subject area

Kalido

4 maturity levels— • application centric; • enterprise repository centric; • policy centric; • fully governed

3 key areas— • organization; • process; • technology

DataFlux

4 maturity levels— • undisciplined; • reactive; • proactive; • governed

5 components— • people; • policies; • technology; • risk and reward; • advancing to the next stage

Microsoft

4 maturity levels— • basic; • standardized; • rationalized; • dynamic

3 key areas— • people; • process; • technology

Informatica

5 maturity levels— • reactive; • repeatable; • structured; • proactive; • embedded

4 dimensions— • driver; • scope; • how measured; • how managed

Oracle

6 maturity levels— • none; • initial; • managed; • standardized; • advanced; • optimized

Subject areas not available

IBM

5 maturity levels— • initial; • managing; • defined; • quantitatively managed; • optimizing

11 domains— • organizational structures and awareness; • stewardship; • policy; • value creation; • data risk management and compliance; • information security and privacy; • data architecture; • data quality management; • classification and metadata; • information lifecycle management; • audit information, logging and reporting

106

4 Data Governance Maturity Models

Stage 3—Policy Centric At this stage, there is a shift from an IT centric approach to a business centric and policy centric approach to data. Data is recognized as a corporate asset. From an organization’s perspective, business is involved in managing data with a crossfunctional council as the central authority, and data stewards with clearly defined responsibilities. From a process perspective, there is a shift from siloed processes to a streamlined set of processes governing the key enterprise repositories in the organization. The processes for defining policies, communication, and enforcements are established at this stage, and there is a defined process for reporting and tracking data issues. From a technology perspective, data quality is monitored regularly and there is automated workflow to support the data governance process. A centralized repository of data policies is set up to define policies in a top-down approach. Stage 4—Fully Governed Organizations operating at this stage have an organization wide firmly rooted data driven culture, which values data as a strategic asset. From an organization’s perspective, at this stage, the data governance organizational structure is viewed as critical, and is established as a stable business function with the business taking full ownership of data content and defining data policies. From a process perspective, data governance is a core business process, and decisions are made with quantifiable benefit-cost-risk analysis. From a technology perspective, business policies for data model, data quality, security, and lifecycle management are integrated with user interactions with data, with centrally defined policies and rules driving system behavior where feasible. Data at rest as well in motion are monitored with issues being addressed before any adverse impacts to the business.

4.4.2 DataFlux DataFlux has defined a data governance maturity model with four levels—undisciplined, reactive, proactive, and governed with the maturity at each level being gauged along four key areas or components—people, policies, technology, and risk and reward. In addition, DataFlux also has a component “advancing to the next stage”, which outlines the actions required to move to higher levels (DataFlux Corporation). Level 1—Undisciplined As the name suggests, chaos reigns at this level. From a people perspective, at this level, success is dependent on the competence of a few individuals, with no executive awareness of data issues, and no management buy-in for data quality.

4.4 Data Governance Maturity Models …

107

From a policies perspective, at this level, data problems are addressed reactively in a firefighting mode, with no defined data quality processes, and a lot of data silos. From a technology perspective, at this level, data analysis, profiling, and auditing are not done, with data cleansing and standardization only applied to isolated data sources, and data improvement focused on solitary applications. From a risk and reward perspective, at this level, risks are extremely high, like lost customers and opportunities due to data issues, while the rewards are low and driven by the individual degree of success. The first stage is often characterized by events that show the impact of bad data quality like lost customers. This results in organizations to recognize the problems at a departmental level, and start to quantify the effects of poor data quality in the organization, and take steps to progress towards the next level of maturity. In order to move to the next higher maturity level, organizations have to establish their data governance objectives, baseline their data governance maturity, identify their critical data assets, and have technology components in place for data quality and data integration. Level 2—Reactive As the name suggests, organizations that operate at this level of maturity recognize and address data issues only after the occurrence. From a people perspective, at this level, success is dependent on the group of database administrators while a useful data quality process is developed by individuals. There are no standard processes across functions, and there is little management buy-in for data quality. From a policies perspective, while data governance rules start emerging at this maturity level, the focus is still on correcting data issues, and processes are built to address current data issues. Roles and responsibilities are standardized by departments. From a technology perspective, tactical data quality tools are used at this level, with ERP and CRM systems using data quality technology, and data integration attempted by departments in isolation. From a risk and reward perspective, risks are high due to a lack of data integration, and rewards are limited and anecdotal, with return on investments coming from individual processes. At this level, applications in the organizations are still non-integrated across departments and business units. In order to move from the reactive stage to the proactive stage, the organizations need to have a strategy to have a more unified view of enterprise data across the departments for specific domains, which requires a significant cultural change. Data stewards need to be established, and organizations need to start using data monitoring technologies to proactively uncover data issues. Level 3—Proactive The organizations operating at this level are able to avoid risks and reduce uncertainty. From a people perspective, at this level, management views data as a strategic asset, understands the value of data governance, and commits resources for the

108

4 Data Governance Maturity Models

same. Data stewards are responsible for enacting and maintaining data quality standards, business rules, and implementing the data management strategy. From a policies perspective, at this level, the focus is on prevention of data issues rather than correction, and to this effect, preventive data quality processes emerge, with metrics sometimes used to provide insights into areas for improvement. From a technology perspective, service-oriented architecture becomes an industry standard. The data quality functionality is shared across different operation modes, and data quality monitoring is in place to maintain the data quality. From a risk and reward perspective, the risks range from medium to low level because of the availability of better quality data that enables more reliable decision making. The rewards range from medium to high as the data quality improves because of a wider adoption in different functional areas across the organization. At the proactive level, the organizations start unifying the data for a particular domain like customers or products Movement to the next level (that is, the highest maturity level) requires a unification approach for all corporate data, with the business playing a key role in the data management process and IT playing a supporting role. The movement to the highest maturity level also requires technology capability to automate the business processes. Level 4—Governed The organizations operating at this level have an organization wide unified data governance strategy. From a people perspective, at this level, the data governance program has an executive sponsorship with direct support from the Chief Executive Officer. The business users play an active role in data strategy, with data governance groups working actively with data stewards. From a policies perspective, automated policies are in place to ensure that the data continues to be of high quality throughout the organization. The business rules for data quality and identity management are encapsulated in a service orientated architecture (SOA). New data initiatives are only approved after impact analysis of the existing data infrastructure has been carefully deliberated. From a technology perspective, the data quality tools are standardized across the organization. Data models capture the business and technical metadata for all data elements. From a risk and reward perspective, at the highest level of maturity, the risk is low with the availability of high-quality data, and the rewards are high because of a better understanding of the organization’s business and data driven decisions.

4.4.3 Microsoft Microsoft has defined a data governance maturity model for data governance for privacy, confidentiality, and compliance (abbreviated as DGPC). The model has four progressive levels of maturity: basic, standardized, rationalized, and dynamic, with

4.4 Data Governance Maturity Models …

109

maturity at each level being gauged in three core capability areas namely, people, process, and technology. The people area is organized around three layers namely, executive management, DGPC organization and workforce, and trusted business partners. The process area is organized around five aspects of the data governance process— guiding principles, manage DPGC organization, manage requirements, manage strategy and policies, and manage control environment. The technology area is organized around the sub categories—information lifecycle, technology domains, and DGPC risk/gap analysis matrix (Salido and Patrick 2010). Level 1—Basic At this level, from a people perspective, the executive management is not aware of data governance for privacy, confidentiality, and compliance (DGPC) needs and capabilities. The DGPC organization comprises of localized disparate groups, which do not include representation from cross-functional business units to address DGPC needs in siloed fashion in their specific areas of responsibilities. No formal DGPC roles and responsibilities are defined. Workforce and trusted partners are not required to complete data governance awareness training, and are not aware of their roles and responsibilities. They report issues on an adhoc basis as the DGPC controls are limited and not well known. From a process perspective, the DGPC processes are executed in an adhoc fashion. An autonomous DGPC process is used by disparate localized groups, with localized adhoc translation of requirements into business data and compliance requirements, with neither a defined DGPC strategy nor defined data policies in place. Adhoc controls are formulated, reviewed, approved, implemented, and monitored by disparate groups in a siloed fashion based on their respective area of responsibilities. From a technology domain perspective, the information life cycle of confidential data is inconsistently examined and documented. Security technology domains are implemented in an adhoc and reactive manner, with adhoc tools used to test the security infrastructure. Adhoc data quality tools and adhoc monitoring technologies are also used. From a privacy, confidentiality, and compliance risk/gap analysis perspective, no gap analysis exercise is undertaken, and there are no data privacy and confidentiality principles. Level 2—Standardized At this level, from a people perspective, the executive management is supportive of DGPC and communicates the importance of DGPC, formally designates the data governance leaders from different groups to address the DGPC needs, defines and communicates the DGPC roles and responsibilities to them, as well as receives the DGPC status reports from the designated business leaders. The DGPC organization consists of individual governing bodies having appropriate representation from cross-functional business units. Roles and responsibilities are formally defined for each governing body, and data stewards are assigned to

110

4 Data Governance Maturity Models

each governing body. Workforce and trusted business partner areas are required to complete data governance awareness training. They have a clear understanding of their roles and responsibilities, and report issues related to data governance controls. From a process perspective, the processes are structured, localized, and repeatable based on institutional guiding principles. Disparate localized groups are responsible for maintaining standard processes. Data governance committees and working groups use standard processes for goal definition, to measure performance and reporting progress against defined goals, for member selection, to define member roles and responsibilities, to develop their data governance policies and strategies based on their respective area of responsibility, to review, implement and monitor compliance to their data governance policies. A standard process is used for the translation of regulations into data compliance requirements. All groups use a standard process to develop, review, and approve data governance controls implementation plans, processes, and technical controls, to implement data governance control standards and data governance controls effectiveness action plans as well as monitor, report, review, and respond to their data governance controls effectiveness status. From a technology domain perspective, the information life cycle of confidential data is examined and documented as a standard practice. IT collaborates with business units to understand the security and privacy needs, identity access management requirements, data protection requirements, auditing, and reporting needs in order to develop a comprehensive strategy and roadmap for the security infrastructure, identity access management requirements (which are deployed selectively), data protection, and monitoring technologies (which are deployed selectively) respectively. The standard tools are used to test and validate security infrastructure components, and standard data quality tools are used for data monitoring and cleansing. From a privacy, confidentiality, and compliance risk/gap analysis perspective, disparate groups subscribe to their own set of data privacy and confidential principles, with focused working groups conducting their own data risk and gap analysis. Level 3—Rationalized At this level, from a people perspective, the executive management communicates the importance of data governance, designates an executive leader to guide different DGPC group leaders, receives and responds to consolidated data governance status reports from the designated executive leader, and defines and communicates DGPC roles and responsibilities to the designated executive leader as well as the DGPC group leaders. The DGPC organization consists of individual governing bodies having appropriate representation from cross-functional business units, with roles and responsibilities formally defined for each governing body, and data stewards assigned to each governing body as in level 2. However, in addition, there is a central governing body which includes leadership representation from cross-functional business units that provides guidance to, coordinates, consolidates efforts of individual data governance committees, and

4.4 Data Governance Maturity Models …

111

formally and clearly defines roles and responsibilities for the committees which in turn define roles and responsibilities for the working groups, ultimately defining and communicating a unified DGPC strategy to the DGPC committees. The committees and working groups have a unified hierarchical reporting structure. Workforce and trusted business partner area are required to complete data governance awareness training. They have a clear understanding of their roles and responsibilities and report issues related to data governance controls as in level 2. In addition to this, acknowledgment by workforce and trusted business partners is documented, and performance, issues, and violations are tracked. At this level, from a process perspective, processes are structured, localized, and repeatable based on institutional guiding principles as in level 2. In addition to this, duplicate processes are removed, and complex processes are simplified to make them more manageable. A standard process is used to manage the hierarchical data governance structure, including member selection and definition of member roles and responsibilities. Standard processes are used to develop, review, and approve data governance policies and strategies. DGPC committees and working groups use standard processes for goal definition, to measure performance, and to report progress against defined goals like in level 2; but in addition, the GRC council uses a process to define goals and objectives for the DGPC committee, measure, and report on the performance of the GRC council’s DGPC strategy. A standard process is used for translation of regulations into data compliance requirements as in level 2. In addition, efforts are made to ensure that the processes are working as intended. All groups use a standard process to develop, review, and approve data governance controls implementation plans, process and technical controls, and implement data governance control standards and data governance controls effectiveness action plans, as well as monitor, report, review, and respond to their data governance controls effectiveness status as in level 2. In addition to this, efforts are made to ensure that data governance controls implementation plans, process and technical controls definition, data governance control standards, and data governance controls effectiveness action plans are working as intended. From a technology perspective, the information life cycle of confidential data is examined and documented as a standard practice as in level 2. In addition to this, lessons learned from the assessment of each information life cycle are also applied. IT collaborates with business units to do the following: • understand security and privacy needs as in level 2, and uses standard technology and capabilities to gain a holistic view of all security infrastructure components; • understand identity access management requirements, data protection requirements, auditing, and reporting needs, which are deployed extensively throughout the organization; • use the above to develop a comprehensive strategy and roadmap for the security infrastructure, identity access management, data protection, and monitoring technologies respectively. Standard tools are used and automated to test and validate security infrastructure components. Standard data quality tools are used for data monitoring and cleansing as

112

4 Data Governance Maturity Models

in level 3. From a privacy, confidentiality, and compliance risk/gap analysis perspective, all groups subscribe to a standard set of data privacy and confidential principles, which are rationalized on a periodic basis. The DGPC gap analysis is embedded in the confidential information risk assessment and management process. Level 4—Dynamic At this level, from a people perspective, the executive management communicates the importance of data governance, designates an executive leader to guide the different DGPC group leaders, receives and responds to consolidated data governance status reports from the designated executive leader, and defines and communicates the DGPC roles and responsibilities to the designated executive leader as well as the DGPC group leaders as in level 3. In addition, the executive management engages with the DGPC leaders from different groups on a routine basis and provides guidance as required. The DGPC roles and responsibilities are reviewed and adjusted by the executive management as need be. The DGPC organization consists of individual governing bodies having appropriate representation from cross-functional business units, with roles and responsibilities formally defined, reviewed, and adjusted for each governing body. Data stewards are assigned to each governing body with a central governing body, which includes leadership representation from cross-functional business units, which provides guidance to, coordinates, and consolidates efforts of individual data governance committees and formally and clearly defines roles and responsibilities for the committees. The committees in turn define roles and responsibilities for the working groups, and defines and communicates a unified DGPC strategy to the DGPC committees. Roles and responsibilities are reviewed and adjusted to meet the changing requirements. The committees and working groups have a unified hierarchical reporting structure as in level 3. Workforce and trusted business partner area are required to complete data governance awareness training. They have a clear understanding of their roles and responsibilities, and report issues related to data governance controls. Acknowledgment by the workforce and trusted business partners is documented. The performance, issues, and violations are tracked as in level 3. In addition to this, results are reviewed, adjustments are made, and action plans are implemented and developed to improve effectiveness and compliance. At this level, from a process perspective, processes are structured, localized, and repeatable based on institutional guiding principles. Duplicate processes are removed and complex processes are simplified to make them more manageable as in level 3. A standard process is used to manage the hierarchical data governance structure, including member selection, and definition of member roles and responsibilities. Standard processes are used to develop, review, and approve data governance policies and strategies as in level 3. In addition to this, processes are continuously improved to optimize efficiency or effectiveness. The DGPC committees and working groups use standard processes for goal definition, to measure performance and for reporting the progress against defined goals. The GRC council uses a process to define goals and objectives for the DGPC committee,

4.4 Data Governance Maturity Models …

113

and measure and report on the performance of the GRC council’s DGPC strategy as in level 3. A standard process is used for translation of regulations into data compliance requirements and efforts are made to ensure that the processes are working as intended. All groups use a standard process to develop, review, and approve data governance controls implementation plans, process and technical controls, implement data governance control standards and data governance controls effectiveness action plans as well as monitor, report, review, and respond to their data governance controls effectiveness status. Efforts are made to ensure that the data governance controls implementation plans, process and technical controls implement data governance control standards, and data governance controls effectiveness action plans are working as intended as in level 3. In addition to this, continuous process improvement techniques are used to optimize the processes. From a technology perspective, the information life cycle of confidential data is examined and documented as a standard practice and lessons learned from the assessment of each information life cycle are applied as in level 3. IT collaborates with business units to do the following: • to understand the security and privacy needs, and use standard technologies and capabilities to gain a holistic view of all security infrastructure components as in level 3. In addition to this, centralized capabilities are used to regularly manage configurable security policies across all infrastructure components. • to understand the IAM requirements, data protection requirements, auditing, and reporting needs, which are deployed extensively throughout the organization as in level 3. In addition to this, enhanced IAM services are used at this level. • to use the above to develop a comprehensive strategy and roadmap for the security infrastructure, IAM, data protection, and monitoring technologies respectively as in level 3. In addition, automated preventive action is enabled in response to specific critical alerts. Standard tools are used and automated to test and validate the security infrastructure components. Standard data quality tools are used for data monitoring and cleansing as in level 3. From a privacy, confidentiality, and compliance risk/gap analysis perspective, all groups subscribe to a standard set of data privacy and confidential principles, which are rationalized on a periodic basis, and the DGPC gap analysis is embedded in the confidential information risk assessment and management process.

4.4.4 Informatica Informatica has defined a data governance maturity model with five stages—reactive, repeatable, structured, proactive, and embedded, with data governance being an IT centric effort at the lowest level, and gradually moving to a business centric effort with increasing stages of data governance maturity. Informatica assesses maturity at each stage along four dimensions—driver, scope, “how measured”, and “how managed” (Informatica Professional Services 2015).

114

4 Data Governance Maturity Models

Stage 1—Reactive At this stage, data governance is at the grassroot level, being driven by a few passionate individuals. Adhoc rules, policies, and/or standards are implemented into IT projects as a part of their functional requirements from a scope perspective, with success being measured by the success of the technology release. Management of data governance can be best described as “Adhoc” at this stage. Stage 2—Repeatable At this stage, data governance still prevails at the grassroot level but is driven by enterprise architecture (EA) or IT management. The scope of data governance is limited to documented IT governance and EA standards. This results in metadata reuse and improved collaboration across IT projects, with success being primarily measured in terms of improved IT efficiencies. The management of data governance can be best described as “Pilot” at this stage. Stage 3—Structured At this stage, data governance has a more top down sponsorship, though data governance is primarily driven by senior IT. The scope extends to establishing competency centers and centers of excellence. Though the data governance efforts are still IT led, but the business is more involved at this stage. Success is primarily measured at this stage on operational metrics and SLAs. The management of data governance can be described as “Project” at this stage. Stage 4—Proactive At this stage, the data governance program is sponsored by the business leaders. From a scope perspective, the data governance program is initiated as a part of the wider strategic enterprise information management program. The success is measured by the success of the program with the data governance program being a multiphase effort spread over a few years. The management of data governance can be best described as a “Program” at this stage. Stage 5—Embedded At this stage, the data governance program is sponsored and supported by the top executives or the executive board. With respect to scope, data governance is contained as a self-sustaining core business function that manages data as an enterprise asset. The measurement of success is not restricted to specific programs but is evaluated on the basis of the overall impact on the business. The management of data governance can be best described as a “Function” at this stage.

4.4 Data Governance Maturity Models …

115

4.4.5 Oracle Oracle has defined a data governance maturity model with six levels or milestones— none, initial, managed, standardized, advanced, and optimized (Sun 2011). Level 0/Milestone 1—None The organizations operating at this level tend to view and treat data as a by-product of application, and formal governance processes do not exist in the organization. Level 1/Milestone 2—Initial At this level, IT is responsible for the data with collaboration between business and IT being inconsistent and strongly dependent on the presence of individual data-savvy champions in the different business functions across the organization. Level 2/Milestone 3—Managed While standardized processes are in a nascent stage of development at this level, it is mainly characterized by loosely defined processes that exist around crucial applications in the business functions. Data issues are tackled reactively without addressing the root cause of the problem. Ownership and stewardship may be defined in silos in the business functions. Level 3/Milestone 4—Standardized As the name of this level suggests, standardized processes are established across business functions. The business is involved in data governance. A cross-functional team is established, and data stewards are appointed, with their roles and responsibilities clearly defined. At this level, a centralized repository of data policies, which is easily accessible is also established, and the data quality is regularly monitored and assessed. Level 4/Milestone 5—Advanced At this level, the data governance organizational structure is entrenched and is viewed as a critical business function, with business taking full ownership for data content and defining data policies. Quantitative process and maintenance quality goals are also set. Level 5/Milestone 6—Optimized At this level, data governance is a core business process. The decisions are driven by quantifiable, benefit-cost-risk analysis results with quantitative process-improvement objectives which are used as benchmarks to manage process improvement, being resolutely established and constantly revised to keep up with the changing business goals.

116

4 Data Governance Maturity Models

4.4.6 IBM IBM created a data governance council which in turn defined a data governance council maturity model which has 5 levels—initial, managing, defined, quantitatively managed, and optimizing. It measures the data governance competencies of organizations based on the 11 crucial domains of data governance maturity namely—organizational structures and awareness; stewardship, policy, value creation, data risk management and compliance information security and privacy data architecture, data quality management, classification and metadata information lifecycle management and audit information, logging and reporting (IBM 2007). Each of these category domains also has five levels of maturity and is assessed as follows (Alder 2006): Initial: At the first level, the elements of practice in a specific category domain may be present but are contained in individual departments, and are mostly implemented in an adhoc fashion. Managing: At the second level, the elements of practice in a specific category domain are mostly defined at an enterprise level. However, the implementation is not comprehensive across the enterprise. Defined: At the third level of maturity, the elements of practice in a specific category domain are defined as well as implemented across the enterprise. However, there are no formal processes established to ensure continuous improvement. Quantitatively Managed: At this level, the elements of practice in a specific category domain are defined and implemented across the enterprise. Repeatable processes and metrics are in place to monitor and track progress to ensure continuous improvement. Optimizing: At the highest level of maturity, the elements of practice in a specific category domain are implemented, monitored, and used in a proactive manner across the enterprise to decrease risk and continuously improve the data governance practices. Each data governance maturity model has its own characteristics and strengths. A data governance maturity model provides the foundation for subsequently planning a data governance delivery process. Reviewing and evaluating data governance maturity models should occur early in the process in order to establish an understanding of the end state. The data governance program differs from organization to organization, and the data governance program needs to be tailored to suit the organizational needs. Similarly, if none of the available data governance maturity models suit your needs, you can tailor any of the existing data governance maturity model so that it meets your organizational needs. The elements in the data governance maturity model will be determined by what the organization is trying to achieve by implementing data governance and how the data assets can facilitate that intent.

4.4 Data Governance Maturity Models …

117

The progression from the bottom level to the top level of maturity is characterized by changes in people, processes, behaviors, attitudes, tools, and technology. For people, there is increasing ownership and stewardship with increasing levels of maturity. There is a marked difference in attitudes and perceptions, with a shift from data governance being viewed less as an overhead at lower maturity levels to more as a return on investment, with progression towards higher levels of maturity. For processes, with increasing levels of data governance maturity, data governance becomes a part of the standard business practices and with data policies and standards developed, maintained, and distributed, data governance processes are monitored, rather than being looked at on an adhoc basis for quick fixes. From a tools and technology perspective, the increasing levels of maturity are characterized by transition from a manual way of doing things to enterprise wide sophisticated tools to manage data. As you move from lower to higher levels of maturity, there is a gradual reduction of risks and greater benefits to be reaped from data governance practices at higher levels of maturity. The level of maturity varies dramatically amongst organizations, with different organizations being at different levels of data governance maturity. The organizations that want to plan their data governance journey in an organized manner can use data governance maturity models to manage change by determining their current data governance maturity level (as-is level) and understand WHY they are at that level, and then establishing WHAT level is appropriate for their business (that is the should be/to-be or future state they wish to attain) and HOW, WHEN, and WHERE in the organization to move from one level to the next level. Moving from a lower level to a higher level requires investment in terms of time and effort from business subject matter experts, IT teams, as well as technology. As the organization proceeds through each level of maturity, the organization reaps greater benefits and reduces risks from more effective data ownership and data stewardship, better controls around the data, more comprehensive data policies and data standards, formal conflict resolution process, increased degrees of formalization around development and maintenance of data policies and data standards, greater enforcement of data policies and data standards, and increased formalization of data governance roles and responsibilities. In short, the data governance maturity model can be used as a benchmarking tool to assess the organization’s current data maturity, and determine where you want to see your organization in terms of data maturity in the next year or two.

4.5 Data Governance Maturity Model Proposal The data governance maturity model that we propose in this section, for the purposes of assessment of data governance maturity has five levels and nine dimensions. Each of these dimensions in turn have further five levels of maturity in alignment with the CMM model. The five levels of data governance maturity are described succinctly below:

118

4 Data Governance Maturity Models

Level 1—Initial or Chaotic As the name suggests, this level is characterized by chaos with no or limited data governance awareness, limited management support, informal roles and responsibilities, and no processes or adhoc processes around data governance. The comprehensiveness of data governance implementation can be described as almost nil. Level 2—Repeatable At this level, the senior management is only aware of data governance, and provides some support; some roles and responsibilities have been established but are not comprehensive; informal processes are siloed by departments. The comprehensiveness of data governance implementation can be described as limited. Level 3—Defined At this level, the senior management understands the data governance impacts, and the middle and lower management are aware of the data governance program. There is an executive sponsor, though he may not be involved or might not hail from the business. At this level, the extent and formalization of role definition is greater than in level 2, though not comprehensive. Formal processes exist though are not always followed, and comprehensiveness of data governance implementation can be described as spread across several business units. Level 4—Managed At this level, there is a high level of data governance awareness with the senior management aware of the long-term strategy of data governance. The middle and lower management are cognizant of the data governance objectives and impacts, and there is an executive sponsor, who is involved in the process. At this level, there is a comprehensive data governance organization throughout the enterprise, but not all of the roles are formally defined. Formal processes exist and are extensively followed. The comprehensiveness of data governance implementation can be described as spread across almost throughout the enterprise. Level 5—Optimized At this level, there is an organization wise awareness of data governance and there is an executive sponsor who is involved in the process. The C-suite executives are also supportive of data governance. At this level, there is a comprehensive data governance organization throughout the enterprise. Formal processes exist and are followed across the organization. The comprehensiveness of data governance implementation can be described as established throughout the enterprise. Dimensions The nine dimensions of the data governance maturity model are as follows: • Overall data governance; • Data policies;

4.5 Data Governance Maturity Model Proposal

• • • • • • •

119

Data standards; Data ownership; Data stewardship; Data compliance; Data architecture—data access and security; Data quality; and Metadata.

The descriptions for data governance dimensions with respect to maturity are summarized in Table 4.2. As we see in Table 4.2, each of the data governance dimensions has several aspects to them, which can be considered as sub-dimensions. For example, the extent of awareness, comprehensiveness of the data governance program, senior management support, roles and responsibilities to govern data, data governance metrics, the rigor of conflict resolution, the involvement of supporting organizations in data governance, and identification of data publishers/producers and data consumers are all subdimensions of the overall data governance dimension. Each of these subdimensions need to be defined and assessed, when data governance maturity is assessed. For example, at the lowest level of maturity, that is, level 1, no data governance roles exist. At the next maturity level, that is, at level 2, some data governance roles exist, though they are not formally defined. At level 3, some pockets of data governance roles are defined but not throughout the enterprise. At level 4, many data governance roles are extensively and formally defined throughout the organization, and at level 5, there is a comprehensive data governance structure established throughout the organization. With respect to data governance metrics subdimensions, at the lowest level, there are no formally defined data governance metrics. At the next maturity level, that is, at level 2, a few data governance metrics may be defined and measured in small pockets on an adhoc basis. At level 3, more data governance metrics are defined and measured at predefined intervals, but results are not published or tracked. At level 4, there is an extensive set of data governance metrics defined and measured with results being published but not tracked. At the highest level of maturity, that is, at level 5, there is a comprehensive formal set of data governance metrics that are measured at pre-defined intervals and the results are published and tracked.

4.6 Data Governance Maturity Assessment The data governance maturity assessment is an exercise that organizations need to carry out in order to be able to benchmark their capabilities in the current state and determine the current maturity of the organization’s data governance program by establishing a maturity level, and also establish what level an organization wants to achieve for each of the dimensions as shown in Table 4.3. You need to baseline your current maturity—that is, “where are you now?”.

Overall data governance

Data policies

Data standards

A

B

C

Dimensions

(continued)

Data standards contain specific low-level mandatory controls for supporting and enforcing data policies Data standards maturity describes the extent of data standards’ comprehensiveness, adherence, enforcement, distribution, development, change, and ease of understanding of data standards As the organization matures, the comprehensive formalization of data standards increases, the process for developing, changing, and approving data standards, the distribution and enforcement of the data standards also evolve and mature, and the quality of data standards in terms of ease of understanding and currency also increases

Data policies are a set of documented guidelines, principles, and rules for ensuring proper management and use of metadata and data during the lifecycle of the data Data policies maturity describes the extent of data policies’ comprehensiveness, adherence, enforcement, distribution, data policies development and change, and ease of understanding of data policies As the organization matures, the comprehensive formalization of data policies increases, the process for developing, changing, and approving data policies, the distribution and enforcement of data standards also evolve and mature, and the quality of data policies in terms of ease of understanding and currency also increases

Overall data governance maturity describes the extent of awareness, comprehensiveness of the data governance program, senior management support, roles and responsibilities to govern data, data governance metrics, rigor of conflict resolution, involvement of supporting organizations in data governance, identification of data publishers/producers, and data consumers As the organization matures, the data governance program awareness grows, data governance programs spread from few business units to across the organizations, management support for data governance increases, roles become more formalized, supporting organization’s involvement in data governance grows, data governance metrics evolve, and conflict resolution process evolves and becomes more formal

Description

Table 4.2 Data governance dimensions and descriptions with respect to maturity

120 4 Data Governance Maturity Models

Data ownership

Data stewardship

Data compliance

E

F

Dimensions

D

Table 4.2 (continued) Description

(continued)

Data compliance is the adherence of data to internal organization regulations as well external laws and regulations Data compliance maturity describes the extent of internal compliance drivers, adherence to external compliance rules and regulations, controls, segregation of duties, and understanding of compliance As the organization matures, data compliance also evolves in lines of extent of definition of internal compliance drivers, extent of compliance to external rules and regulations, extent of understanding of applicable compliance laws, segregation of duties, extent of deployment of effective control mechanisms, and formalization of communication regarding compliance laws

Data stewardship relates to managing data sets in an organization, which do not belong to the stewards themselves. Data stewardship is the operational facet of a data governance program that involves the actual routine work of governing the enterprise’s data (Plotkin 2013) Data stewardship maturity describes the extent of data stewardship comprehensiveness, definition of data stewardship roles and responsibilities, relevant experience, training, familiarity with and use of tools, and data users’ familiarity with data stewards As the organization matures, data stewardship also evolves in lines of formalization of roles and responsibilities, comprehensiveness, their level of expertise, training, and ease of accessibility of the data stewards

Data ownership is the accountability for the data including data capture and enforcement of business rules related to the data Data ownership maturity describes the extent of data ownership comprehensiveness, definition of data ownership roles and responsibilities, business understanding of data, training, familiarity with and use of tools, and data users’ familiarity with data owners As the organization matures, data ownership also evolves in lines of formalization of roles and responsibilities, comprehensiveness, understanding of data, training, their level of expertise and ease of accessibility of the data owners

4.6 Data Governance Maturity Assessment 121

Data architecture—data access and security

Data quality

Metadata

H

I

Dimensions

G

Table 4.2 (continued)

Metadata is data about data or data which is used to understand the data Metadata maturity describes the extent of metadata capture and content, metadata access, metadata maintenance, and integration of metadata repositories with other tools As the organization matures, metadata also evolves in lines of extent of capture and management of metadata in the enterprise, metadata repositories, metadata maintenance, and access

Data quality discipline relates to the effective management of data assets in an organization by assessing the quality of data, cleansing data, improving processes around capture, processing, storage, and maintenance of data Data quality maturity describes the extent of assessing and addressing quality of data prior to application design, use of data quality metrics, standardization of data fields, the extent and maturity of the data quality tools As the organization matures, data quality also evolves along the lines of data quality awareness, knowledge of data quality dimensions and their usage, usage of data quality metrics, standardization of data fields, comprehensiveness and usage of data quality tools, and data quality activities shift from reactive to proactive where possible with increasing levels of maturity

Data architecture—data access and security refers to mechanisms to allow secure access to data for read, write, delete, and modify actions for ensuring security in data access and transfer Data architecture—data access and security maturity describes the extent of security imposed for data access and transfer, system interfaces, and maturity of data access middleware components in the organization As the organization matures, the architecture around data access and transfer matures in terms of restricted direct access and restrictions on system interfaces; comprehensiveness of middleware components; and evolution of policies and guidelines around the same

Description

122 4 Data Governance Maturity Models

4.6 Data Governance Maturity Assessment

123

Table 4.3 Data governance dimensions and maturity levels Dimensions

Maturity level

A

Data governance—overall

1

2

3

4

5

B

Data policies

1

2

3

4

5

C

Data standards

1

2

3

4

5

D

Data ownership

1

2

3

4

5

E

Data stewardship

1

2

3

4

5

F

Data compliance

1

2

3

4

5

G

Data architecture—data access and security

1

2

3

4

5

H

Data quality

1

2

3

4

5

I

Metadata

1

2

3

4

5

Establishing the current maturity levels involves conducting a series of workshops, one-on-one meetings, brainstorming sessions with the respective stakeholders, review of any existing models and documentation, data analysis to understand the current state, and using the mapping model for each data governance dimension— data governance—overall, data policies, data standards, data ownership, data stewardship, data compliance, data architecture—data access and security, data quality, and metadata as described in the previous section to assign the maturity level based on responses and analysis findings. The observations and findings that support the current maturity assignment should be documented and shared with the stakeholders, and documents analyzed should be referenced. All these should be stored in a common repository. Once you have established the current state maturity levels for each of the dimensions, you would then need to establish the target state maturity, analyze the gaps, put an action plan to define initiatives and milestones to achieve the target state, understand the interdependencies amongst the initiatives, establish the expected outcomes, and define the metrics to track progress. This information can be captured using the format as depicted in Table 4.4, and an example is also shown in Table 4.5. Establishing an enterprise wise data standard is one of the dimensions along which the effectiveness of data governance can be measured. However, how do you measure progress? The example in Table 4.5 shows quantifiable metrics to measure progress and quantifiable outcomes, with respect to achieving higher level of maturity for the data standard dimension. Embracing and aligning data with data standards should result in a decrease in data inconsistency which would, in turn, should result in an increase in regulatory compliance. It is importance to note that you cannot skip a level and take a giant leap. Depending on the organization’s culture and maturity, it may not be ready to start the ascent up the steps or even if ready, only be able to take baby steps. You would have to understand what needs to be accomplished to move to the next step, even though it is a small step. For example, having one enterprise data

124

4 Data Governance Maturity Models

Table 4.4 Table format for recording the current and future state for data governance Dimensions

Current maturity Target maturity level level

A

Data governance—overall

B

Data policies

C

Data standards

D

Data ownership

E

Data stewardship

F

Data compliance

G

Data architecture—data access and security

H

Data quality

I

Metadata

Metrics

Expected outcomes

Table 4.5 Sample table for recording the current and future state for data governance

B

Dimensions

Current maturity level

Target maturity level

Metrics

Expected outcomes

Data standards

2

3

50% reduction in data inconsistency

25% increase in regulatory compliance

quality issue log would be the ideal state, but for a large and complex organization whose culture is to solve data quality issues on an adhoc basis, getting all groups in the organization to work together to maintain a single DQ issue log is a huge cultural change, which is likely to fail. Instead, a short term goal would be to get one group to maintain a DQ issue log, establishing governance processes around tracking data quality issues, establishing roles, responsibilities, and accountabilities around capturing, analyzing, tracking, and resolving data quality issues, getting all stakeholders to agree on the process, and then follow the process. The next steps would be to expand it across other groups, so that each group has a DQ issue log, with a group data governance office reporting into the CDO, and then progress to have a single enterprise issue log.

4.7 Summary Several data governance maturity models, which focus on the data governance aspects have been discussed in this chapter. Some maturity models like DCAM and CMMI apply to data management. What is common across all these maturity models is the advanced maturity from strictly reactive to predictive as you move from the bottom

4.7 Summary

125

level to the top level. It is not possible to compare these models, as their metamodels are different. While data governance maturity models provide milestones at each level, which need to be aligned in order to ascend the data governance maturity ladder, it should be kept in mind that these maturity models are not a prescription but a guiding framework, that you can use to baseline your organization’s data governance maturity, and set goals to move up the data governance maturity curve. Also, depending on your organization’s size, structure, culture, resourcing, and budget, your organization might be in a position to take only baby steps. While the journey up the data maturity curve is not an easy one and cannot happen overnight, the benefits can be monumental. As an organization climbs slowly up the maturity ladder, it becomes more data driven, and its data risks decrease while operational efficiency and ROI increases. The results of maturity assessment carried out using one data governance maturity model should not be compared with the results of maturity assessment carried out with another maturity model as their subject areas and the content within the subject areas are not the same. An organization should consistently use the same maturity model that is aligned with its data governance practices to assess its DG maturity. While one of the data governance maturity models discussed in this chapter may suit your needs and be a 100% fit, depending on your organization context, strategy, and business goals, you might need to tailor the data governance maturity model dimensions to suit your needs. Also, each organization has its unique culture and nuances. The elements in the data governance maturity model will depend largely on what the organization is trying to accomplish and how the data assets can enable that intent. You can create your own maturity model from the mix of several data governance maturity models presented in this chapter. Also, it is important to keep in mind that the data governance maturity model is not static, and continues to evolve and mature as the data governance field continues to evolve, and organizations continue to learn how to manage and leverage data and act on the learning. In response to the question regarding the association of the data governance maturity levels with business benefits, John A. Zachman, author of “The Framework for Enterprise Architecture” (The “Zachman Framework”), Zachman International and Shannon Fuller, Director of Governance Advisory Services, Gray Matter Analytics had to say the following (Mahanti 2021): John A. Zachman: “… I would associate the business benefits of the data governance maturity levels precisely the same as the business benefits of the Capability Maturity Model pattern …”. Shannon Fuller: “The key is to demonstrate how the data governance processes enable/support the strategic initiatives of the organization.” He went on to explain with an example of master provider data to improve ondemand care in the healthcare domain as follows—“in healthcare, most providers are moving to provide more on-demand care. That program cannot be successful

126

4 Data Governance Maturity Models

without knowing who your providers are, what they can do, and where they practice i.e. Mastering Provider, …” (Mahanti 2021). As highlighted by George Firican, Director of Data Governance and Business Intelligence at UBC DAE and Founder of www.lightsondata.com, in his interview (Mahanti 2021), There is a direct correlation between the maturity of the data governance program and the business benefits. At early maturity stages, the organizations reap few, if any, benefits from their data. As data governance emerges, ROIs become more apparent, until the highest maturity state of the program when the organizations only rely on data-based decisions and treat this asset as a means to gain a competitive advantage.

References Alder SB (2006) The six questions every organization should ask about data governance, IBM Corporation. http://globalforum.items-int.com/gf/gf-content/uploads/2014/04/GF_2007_S teven_Adler.pdf. Accessed 10 Apr 2018 Becker J, Knackstedt R, Poppelbu¨ss J (2010) Developing maturity models for IT management? A procedure model and its application. Bus Inform Syst Eng 1(3):213–222 Chen W (2010) Kalido data governance maturity model, Kalido white paper Crosby, PB (1979) Quality is free: the art of making quality certain. McGraw-Hill, New York DataFlux Corporation, The data governance maturity model establishing the people, policies and technology that manage enterprise data. A dataflux white paper Gibson CF, Nolan RL (1974) Managing the four stages of EDP growth. Harv Bus Rev 52(1):76–88 IBM Corporation (2007) The IBM data governance council maturity model: building a roadmap for effective data governance. https://www-935.ibm.com/services/uk/cio/pdf/leverage_ wp_data_gov_council_maturity_model.pdf. Accessed 31 July 2018 Informatica Professional Services (2015) Data governance assessment discover the business value behind data governance, service offering. https://www.informatica.com/content/dam/inform atica-com/global/amer/us/collateral/service-offering/en_data-governance-assement_service-off ering_2804.pdf. Accessed on 31 July 2018 Mahanti R (2021) Data governance and compliance, Springer Books, Springer, number 978-98133-6877-4 Mettler T (2010) Maturity assessment models: a design science research approach. Int J Soc Syst Sci 3(1):81–98 Nolan RL (1973) Managing the computer resource: a stage hypothesis. Commun ACM 16(7):399– 405 Salido J, Patrick V (2010) A guide to data governance for privacy, confidentiality, and compliance part 4: a capability maturity model, Microsoft white paper Sun H (2011) Enterprise information management: best practices in data governance. Oracle Corporation, An Oracle white paper on enterprise architecture

Chapter 5

Data Governance Components and Framework

You don’t have to be a genius or a visionary or even a college graduate to be successful. You just need a framework and a dream. —Michael Dell

Abstract Data governance framework (DGF) is one of the key factors in the successful implementation of data governance. The three main components of data governance are people (roles, responsibilities, working groups and committees), processes, and tools and technology. In this chapter we will discuss each of these components and how they interact with each other. The common functional titles used in data governance are defined in this chapter. This chapter discusses the different data governance roles and responsibilities, data stewardship, data ownership, processes, standards, and policies. The different data governance bodies and committees have also been discussed briefly in this chapter. Data stewards often fail and the failure reasons have been discussed in a separate section. Different types of data stewards have been discussed in succinct fashion in this chapter. There are different data stewardship models and these have been discussed in this chapter. The different characteristics of a data policy and the components of a data policy document have been discussed in a lucid fashion in this chapter.

5.1 Data Governance—People, Process, and Tools and Technology Data governance is a function that provides policies, processes, guidelines, standards, rules, roles, responsibilities, accountabilities, controls, and decision rights. It also ensures that appropriate metrices are in place to oversee the effective capture and management of data across the enterprise, and encourages appropriate behaviors in the usage of data. Hence, we can see that the data governance execution has several interacting components, which can be grouped under three broad heads: • People; • Processes; and © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 R. Mahanti, Data Governance Success, https://doi.org/10.1007/978-981-16-5086-4_5

127

128

5 Data Governance Components and Framework

Fig. 5.1 Interacting components of data governance—high level

• Tools and technology. In this chapter, we will discuss each of these components and how they interact with each other. Figure 5.1 shows the interactions between these broad categories at a high level. All these components need to work together to yield benefits. Even one missing component would make your data governance journey a failure. Impact of a missing component (that is, people, process, or technology) has been outlined by Kim Jackson, Vice President, Strategy, Products and Governance, Providence St. Joseph Health, in HIMSS 2018 (see Fig. 5.2). • Process and technology without people result in systems that do not meet requirements and remain as under-used systems. This is because it is the people who use the systems, and if people are not involved, the systems would not be built right and would not be used. • People and process without technology lead to frustration, inefficiency, and higher operational cost. For example, while profiling large amounts of data using tools and technology correctly might take a few minutes, a manual exercise would require a lot of human resources, and still be time-consuming, inefficient, and error-prone.

5.1 Data Governance—People, Process, and Tools and Technology

Process and Technology without People

Sub-opƟmal and under-used systems

People and Process without Technology

FrustraƟon, ineĸciency, and high operaƟonal cost

People and Technology without Process

AutomaƟon chaos, inconsistency, and poor service delivery

129

Fig. 5.2 People, process, and technology components impacts

• People and technology without process result in automation chaos, inconsistency, and delivery of poor service. This is because it is the process that determines what activities need to be done, when, and by whom to produce timely, predictable, and consistent outcomes. Hence, it introduces a level of control. If there is no established process, people can use the technology to automate requirements, but it would result in a lot of confusion, poor service delivery (for example, long lead times and delays) and increased costs. Figure 5.3 shows the typical trajectory of data in an organization. Looking at the figure, we can see that the data flows through a multitude of systems and applications, after being captured, and each of these systems process and transform the data. The different systems and applications are maintained by different application and system development teams and support teams, and are accessed and used by a large number of users. With data being captured, manipulated, and processed by different systems and business processes, stored in different repositories in different formats and transported through different systems in different forms, and acted upon in different ways by an increasing number of stakeholders, the process of managing data and overseeing the management of data is convoluted. All these stakeholders may have different needs and expectations from the same data. So, in short, there are too many cooks in the kitchen. Questions that arise are: • Which systems and groups handle the data? Who owns the data and makes the ultimate decision regarding the data? Is it: – The system owners who are accountable for capture of the data and storing the data in the system?

130

– – – – – – –

5 Data Governance Components and Framework

The owners of the system who provision data to the downstream systems? Teams who manage the data capture? The teams that manipulate the data? The intermediate system owners? The target data system owners? Consumers of the data? Business or IT?

• Who can do what with the data, and under what circumstances, that is, what are the boundaries regarding the access and usage of data? • Who should define and approve, what can be done with the data?

Supply Chain Management System

CRM

Data warehouse

Nomenclature - Touchpoints

- User - DataMart

- Source System

- IT Application/ Systems

- Legacy System

- Data flowing between systems

- Manual Report

Fig. 5.3 Typical trajectory of data

- System Generated Report

5.1 Data Governance—People, Process, and Tools and Technology

131

There needs to be collaboration, alignment, and consensus regarding the data and the related aspects around data (like data access, data security, data uses, and data related roles), amongst these stakeholders which needs an adequate framework as well as organizational structures for the data governance program with roles and responsibilities at different levels, working groups, committees, policies, processes, operating model, and rhythms that are best suited for the specific organization. In this chapter, we will discuss the data governance framework, the data governance organizational structures, policies and processes, data ownership, data stewardship, the different models of data stewardship, and the different data governance operating models.

5.2 Data Governance Framework As per the Oxford dictionary, “a framework is a basic structure underlying a system, concept, or text”. A framework helps us to outline how we plan and communicate about abstract, convoluted, and ambiguous concepts, and their interrelationships. Frameworks also help lend clarity to the concepts and objectives. In other words, a framework provides structure to the various interacting elements and provides clarity of purpose. The use of a framework can help the management and the staff in making good decisions—that is, decisions that stick. When we talk about governance, the term framework is commonly used. Data governance has various components or elements—policies, processes, metrics, standards, people, and technology, and a data governance framework provides a way to manage all these elements. A data governance framework is a structure that is designed so that the organizations can reactively as well as proactively capture and manage the data and the interactions between different data stakeholders to ensure that the data is fit for purpose and meets the needs of all the data stakeholders. On a broad level, it consists of the people, processes, and technology to ensure that the data is managed effectively as an enterprise asset. The data governance framework is in a way the backbone of an effective data governance program. Table 5.1 lists some of the definitions of data governance framework found in literature. The data governance framework can help data stakeholders from different business units (such as information technology, data operations and data management, risk management, legal and compliance) come together to achieve clarity of thought and purpose, and also reach consensus on decisions related to why, what, who, how, and when of data governance. That way, they can create processes, policies, rules, and standards more efficiently, and can also ensure that these are being enforced and followed, and simultaneously deal with noncompliance, ambiguities, and issues. Factors such as organizational size, organizational structure, hierarchies, organizational culture, data landscape, and business objectives of data governance need to

132

5 Data Governance Components and Framework

Table 5.1 Definitions of data governance framework (DGF) Technopedia defines data governance framework as follows: A data governance framework refers to the process of building a model for managing enterprise data. The framework or system sets the guidelines and rules of engagement for business and management activities, especially those that deal with or result in the creation and manipulation of data. Stanford University defines data governance framework as follows: A data governance framework is a cross-functional set of roles, policies, and enabling technologies that work together to ensure that an organization is getting the maximum net benefit out of its data assets (Stanford 2013, para 1). The Data Governance Institute defines data governance framework as follows: The DGI data governance framework is a logical structure for classifying, organizing, and communicating complex activities involved in making decisions about and taking action on enterprise data [The Data Governance Institute]. Mustimuhw Information Solutions Inc. defines data governance framework as follows: The data governance framework is a collection of strategy, structure, legislation, policy, and related tools. Components of the Mustimuhw Information Solutions Inc’s data governance framework are data governance vision and principles, governance structure, stewardship, accountability mechanisms, data governance policy, privacy and security policy, and legal instruments. Mustimuhw Information Solutions Inc uses a spiral to illustrate the dynamic and evolving nature of the framework in line with changing needs and capacities with the spiral beginning with data governance vision and principles (Mustimuhw Information Solutions Inc, 2015).

be taken into consideration when deciding on a data governance framework. Hence, a data governance framework that is suitable for one organization may not work for another organization; the framework needs to be tailored for an organization. Several frameworks exist for related governance topics like COSO ERM for corporate governance, Zachman Framework and TOGAF for enterprise architecture, ITIL for IT service management, and COBIT for IT governance. While there are no standardized frameworks for data governance and no standardized definitions, a few organizations (The Data Governance Institute, Informatica, Mustimuhw Information Solutions Inc, and SAS) have developed their own data governance frameworks. The DGI data governance framework has 10 components under three major heads as below: Rules and Rules of Engagement • • • • • •

Mission and vision; Goals, governance metrics, success measures, and funding strategies; Data rules and definitions; Decision rights; Accountabilities; and Controls.

5.2 Data Governance Framework

133

People and Organizational Bodies • Data stakeholders; • A data governance office (DGO); and • Data stewards. Processes • Proactive; • Reactive; and • Ongoing data governance processes.

5.3 Data Governance Components—Broad Categories Data governance has several interacting components, which can be grouped under three broad heads: • People; • Process; and • Tools and technology. Figure 5.4 shows the interactions and relationships between these high-level components.

5.4 Data Governance—The People Component The people are at the heart of a data governance program. People collaborate to create formal, standard and consistent policies, processes, rules, and standards across the organization. In order to achieve this, you need to define your data governance operating model, the organization structures and bodies, define and assign clear roles, responsibilities, accountabilities and decision rights, and establish the operating rhythm. There are some functional titles in data governance that are commonly in use (See Fig. 5.5). Data Producer The data producer is an individual, organization, system, interface, device, or service, who/which is responsible for generating, capturing, or providing data according to the data consumers’ requirements. Data Publisher The data publisher is an individual, organization, system, interface, or service who/which provisions data, and makes it available for consumption or for use in the enterprise.

Automate Metrics & controls

Measure/ monitor

Enable and automate

Policies

Measure/ monitor

Processes

Standards

Rules

Guidelines

Principles

Drive

Align and elaborate

Process component

Establish and follow

Fig. 5.4 Data governance—interaction of the people, process, and technology components

Measure

Tools and technology component

Leverage

Organizational structure

People component

Roles and responsibilities

134 5 Data Governance Components and Framework

5.4 Data Governance—The People Component

135

Responsible for generating, capturing or providing data according to the data consumers’ requirements.

Responsible for technical activities related to data.

Data Producer

Provisions data and makes the data available for use in the enterprise.

Data Publisher

Data Custodian

DG Functional Titles Data Consumer

Data Steward

Subject matter experts responsible for taking care of specific data assets including critical data elements identification, data issue resolution, data access and usage management, metadata management, data definition management, establishing data quality metrics.

Data Owner

Defines requirements related to the data, use data and verify that data is fit for purpose.

Has ultimate accountability and approving authority for specific data sets.

Fig. 5.5 DG functional titles

For example, in case of external data, the data producer is outside the organization; the data publisher acquires, stores the data, and makes it available and accessible to systems and people within the organization. The data producer and the data publisher can be a single entity when the data is created as well as provisioned by the same entity. Data Consumer The data consumer is a person (or group) who uses data for a specific purpose. The data consumer is responsible for defining and prioritizing the uses of data, defining the business and quality requirements in relation to the data, and verifying whether the data is fit for use. Data Owner The data owner is an individual who has ultimate accountability and approving authority for specific data sets, and usually holds a position in the senior management to ensure that they have the power to make decisions for their specific data sets. The data ownership is discussed in the section—“Data Ownership” in this chapter. Data Steward The data stewards are individuals responsible for the day to day management of data sets in their specific business units or as per their assigned processes. We will discuss

136

5 Data Governance Components and Framework

data stewards and data stewardship in detail in the section—“Data Stewards and Data Stewardship” in this chapter. Data Custodian The data custodians typically belong to the information technology area, and are responsible for technical activities related to data including data storage, making changes to the physical data models, IT infrastructure, data transfer, technical implementation of business rules and data quality rules, implementing technical controls for ensuring data quality, and data protection. The common job titles for data custodians are data designers, data modelers, database administrators (DBA), and ETL developers. The data stewards and data custodians work closely to ensure that their organization complies with the enterprise data management standards/policies, and that, critical data-related issues are escalated to the appropriate data governance boards, in a timely manner (Zaidi 2012). It is important to understand the responsibilities, that each title is bestowed with respect to data and data governance, as it is easier for people to agree on what they are supposed to do. Also, some titles are known by different names in different organizations. For example, the title ‘Data Stewards’ in an organization is equivalent to the titles- ‘Data Caretaker’ or ‘Data Subject Matter Expert’ in other organizations (Firican 2019). In addition to the common functional titles discussed above, depending on the focus of the data governance program and/or organization structure and complexity, there are other titles and designations that an organization might establish. For example, GDPR compliance requires appointment of a ‘Data Protection Officer’ whose responsibilities include advising the organization about GDPR, monitoring compliance, and training staff. Complex organizations adopting a federated model, generally have a ‘Group Data Officer’ reporting to a ‘Chief Data Officer’. Also, as data and data governance continue to evolve, new titles also come into picture. For example, George Firican in his article “3 surprising data roles you should know about” published on Lightsondata.com discusses three data roles—Data Savvy Manager, Data Influencer, and Data Facilitator. The Data Savvy Manager is responsible for defining and guiding data initiatives across data acquisition, integration, analysis, and delivery to improve business performance, with the right fit being the individuals who have a good understanding of the business impacts of data (Firican 2019). The Data Influencer (or Data Evangelizer) is responsible for spreading the importance of data within an organization as well as influencing the adoption of data management and data governance best practices. The Data Facilitator (or Data Coach) is responsible for guiding stakeholders in data-informed decision-making (Firican 2019).

5.4 Data Governance—The People Component

137

5.4.1 Data Governance Organization Structures, Roles, Responsibilities, and Operating Rhythms While the data governance program structures and bodies are rarely the same across organizations, there are some common component structures at different levels (namely, executive, strategic, tactical, and operational) and support teams to facilitate and coordinate activities across these different levels (see Fig. 5.6). It is a good practice to have an executive steering committee for large organizations. The executive steering committee which is at the top data governance organization chart, is the ultimate decision-making body and consists of the executive sponsor, C-level executives, IT leadership, and business leadership from all key areas in the organization such as marketing, finance, human resources, and the data governance manager. The executive steering committee provides strategic direction, defines roles, prioritizes data initiatives, ensures resourcing, facilitates overall collaboration, and oversees the progress and success of a data governance program. At the strategic level, the data governance council makes high-level decisions in relation to data governance. It is a cross-functional group consisting of the data owners from the key business areas and representatives from IT depending upon the objectives of the organization’s data governance program. In organizations that do not have an executive steering committee, the data governance council will also have executives. The data governance council is responsible for reviewing and approving the data policies, data processes, data roles, and resolve conflicts that cannot be solved at a data stewardship level. At the tactical level is the data stewardship council which makes the data related decisions. As the name suggests, the data stewardship council is made up of business data stewards in the organization, and is headed by the enterprise data steward. The responsibilities of the data stewardship council include driving data quality improvements, acting as an advisory body for enterprise-level data standards, guiding principles and policies with the authority to approve new standards and changes to existing standards, managing and resolving data issues, communicating the data governance vision and objectives across the organization, communicating business rules using data, communicating data related decisions of the data stewardship council and data governance board to the data consumers, defining, designing and fine-tuning data governance processes, reviewing and evaluating data governance performance and effectiveness, providing a forum to collaborate and obtain consensus on definitions, data quality issue resolution, policies, and processes, and enforcing uses of agreed on business terminology (Plotkin 2013). At the operational level, it is the data stewards who are responsible for the day to day management of data in their specific business unit or as per their assigned processes, such as identification of data that will be used by the business unit and creating data definitions for the data, definition of rules around management, usage, retention, access of data in line with the data policies, classifying data, identifying, documenting data issues, and communicating the issues to right people in the organization when necessary.

Executive Steering Committee

Data Stewardship Council

Fig. 5.6 DG program structures and bodies

provide technical support for data governance

SMEs responsible for taking care of specific data assets including CDEs identification, data issue resolution, data access and usage management, metadata management, data definition management, establishing DQ metrics.

Data Stewards

• is composed of business data stewards • makes data related decisions

• facilitate and support data governance and data stewardship activities • coordinate activities of the different data governance structures at the different levels

Operational

Tactical

Strategic

• consists of data owners from the key business areas and representatives from IT • makes high-level decisions in relation to data governance

Data Governance Council

• consists of the executive sponsor, C-level executives, IT leadership and business leadership • ultimate decision making body, provides strategic direction, oversees progress and Executive success of a data governance program

138 5 Data Governance Components and Framework

5.4 Data Governance—The People Component

139

The data governance office (DGO) and information technology partners are two structures that act as support teams when implementing data governance. Gwen Thomas in her article “Establishing a Data Governance Office” likens the data governance office to a project management office, and states that a DGO would be to data, what a PMO (project management office) is to projects. The Data Governance Office (DGO) or data governance team facilitates and supports data governance and data stewardship activities including running the data governance program, keeping track of data stakeholders and stewards, providing liaisons to other data initiatives like data quality, data security, data warehousing, and other programs, such as compliance [TDGI], providing timely communication to all stakeholders, and establishing and tracking data governance metrics. The DGO facilitates and coordinates activities of the different data governance structures at different levels. The DGO is headed by the data governance lead. The composition of the DGO is driven by the focus and goals of the organization’s data governance program and the size of the organization. For small organizations, the data governance office may have only one person, the data governance lead who is a data expert, has a strong political acumen as well as understands the culture of the organization. However, finding all these skills in one person is a rare feat and hence, the data governance office is often headed by an individual, who has an understanding of the information management discipline, with strong influencing and political skills to handle people issues, supported by data architects and data analysts to help with the technical details. Large organizations might need to have an enterprise data governance office [EDGO] and departmental data governance office (DDGO) for each department, which reports into the enterprise data governance office. The departmental data governance offices headed by their respective department data officers handle data governance activities at the departmental level, and work with the data stewards and data owners in their department to resolve issues, institute data policies, processes, and also interact with the other DDGOs. Not all organizations elect to introduce a formal DGO structure. Instead, they employ individuals such as data architects and data analysts who perform the functions that would typically be assigned to a DGO [TDGI]. The information technology partner is the IT peer to the data governance lead (O’Neal 2011) and is responsible for the implementation of the data governance technical roadmap, securing the IT infrastructure on behalf of the business units that own or have responsibility for data, and assuring that sensitive data, regardless of format, is protected at all times by using approved equipment, networks, and other controls, implementing business and data quality rules for maintaining and improving data quality, automating the capture and tracking of data governance metrics, automating the creation, capture, and maintenance of metadata, and ensuring that all “strategic” data is modeled, named, and defined consistently. An activity matrix which defines the activities that should be performed and with what frequency, the deliverables, which groups, committees, teams or individuals are responsible, accountable, consulted and informed, who needs to know about them and how often they should be reviewed, not only helps create a mapping between the

140

5 Data Governance Components and Framework

data related activities and the stakeholders, but also helps the organization understand the amount of work involved in terms of the time and effort of the involved groups and stakeholders. When you design your data governance program, it is important to decide on an operating model and understand the data governance structures and bodies that you will need, how these structures will fit into your operating model, and what their responsibilities are with respect to data governance. Data governance operating models will be discussed in the section - “Data Governance Operating Models” in this chapter. The composition of the data governance bodies and their responsibilities will be driven by what data governance program is set to achieve in the organization. For example, the data governance council composition will be different for an organization aiming at improving data quality, from another organization that is focused on ensuring data privacy. The time commitment that will be needed, and what is expected of the participants will also need to be clearly defined to set appropriate expectations. Most organizations will already have certain structures and will already be implementing data governance to a certain extent. It is best to leverage these structures and see how the additional responsibilities or new ways of working can be implemented while causing minimum disruption. It is also necessary to define an operating rhythm, which refers to the set of meetings with clear defined agendas that need to be scheduled to drive, manage, and sustain the data governance implementation in an organization. Without an operating rhythm, there is a high chance that activities that need to sustain a data governance program will stop. A right mix of weekly, monthly, quarterly, and annual meetings with clearly defined agendas need to scheduled with the right mix of people with the right focus. For example, there should be a process associated with data issues management and a regular operating rhythm should be established for managing data issues. The register that tracks issues should be maintained and weekly meetings with the right stakeholders (data producers, data stewards, data custodians, and data consumers) should be scheduled and take place to track progress and help resolve issues. Quarterly meetings can be held with the data owners to highlight the results.

5.4.2 Data Ownership Ownership is referred to as the “state of owning something”. Anything that people “own or possess” gives them the quality of ownership. Another way of looking at ownership is: “attitude of accepting responsibility for something and taking control of how it develops” [Macmillan Dictionary]. The first definition which alludes to possession and hence, refers to having exclusive right over something, does not apply when we define ownership with respect to data. This is because data is a shared enterprise asset, which means that, data does not

5.4 Data Governance—The People Component

141

belong to any one individual in the organization, but is under the collective ownership of the enterprise. Organizations generally store data that belongs to someone else, for example, employees, customers, suppliers, and vendors. The data are used by different business functions to meet their respective needs. While an organization captures a lot of data, it sometimes also acquires data sets from external vendors; for example, financial services organizations acquire credit risk data from organizations like Experian. In the past, individuals or departments have equated data ownership with exclusive possession, and with this perception of entitlement, power, and control, they have made changes to the data, and business rules involved in the transformation of data or its underlying data architecture to satisfy their business needs, without consulting or even notifying other stakeholders, who have dependencies on the original data, which have resulted in adverse impacts (example, production failures, delay in the production of critical reports, and broken business processes). The same perception of possession and control has led to the departments maintaining duplicate copies of the same data and transforming data to suit their unique needs resulting in data silos and inconsistencies (Talburt and Zhou 2015). From a data perspective, the second definition applies with respect to ownershipdata ownership is the attitude of accepting responsibility for data and taking control of how it develops. In the words of Shannon Fuller, Director of Governance Advisory Services, Gray Matter Analytics, “Data ownership is ultimately about assigning accountability for making decisions about data.” (Mahanti 2021). Taking these factors into consideration, with respect to data, ownership is accepting responsibility for the data, taking control, and making decisions regarding how data is managed, shared, transformed, accessed, and used. The data does not belong to a single individual in an organization, and hence, clear accountabilities in relation to data must be assigned to roles in the organization, and individuals (or teams) may fill these roles, and these individuals or teams are called the data owners. The data owners can be thought of as approving authorities. The data owners approve rules to create and capture data that are made by the data stewards, authorize changes to data and/or its definitions that are proposed by data stewards or data stakeholders, and have a final say on the quality of the data, as well as in the conflict resolution process. Establishing and enforcing data ownership can be challenging as the data moves through different systems in an organization and are transformed to meet business requirements. While business units who are subject matters experts for their respective business functions and corresponding data that are used by their business processes and have the official accountability for the data quality, there are other business units who use the data and might require the data to be transformed in a certain way, and then there are technical teams who actually implement the business rules for data to be stored and reported as per business requirements. The technical teams might implement business rules to transform the data based on requirements of the business unit who is not ultimately accountable for the data

142

5 Data Governance Components and Framework

and without approval from the data owners, it could result in a lot of confusion as the data owners cannot be held accountable for the data quality. The data governance team needs to ensure that the processes are in place for making changes to the data and also to educate teams on the approval authorities.

5.4.3 Data Stewards and Data Stewardship Data stewards is one of the key roles in data governance and data-driven organizations. Data governance is the exercise and enforcement of rules, processes, policies, practices, standards, controls, metrics and decision rights, and people accountabilities to manage data as a strategic enterprise asset; hence, people have a critical role to play in data governance with the data stewards representing the largest proportion of those people, with most cumulative knowledge about the enterprise data, including uses of the data and the problems associated with data. As stated by David Plotkin in his book “Data Stewardship” The data stewards represent the largest population of those people, as well as the most knowledgeable about data. They are, therefore, the keystone of the data governance program. One of the most critical parts of the organization are the data stewards, who must work together to determine ownership, meaning, and quality requirements for their data.

Given data stewards is one of the key data governance roles, one question that frequently gets asked is the number of data stewards needed in an organization. Dan Power states “A rule of thumb I’ve used is ‘one data steward per $1 billion in annual revenue’ but of course that can’t be a hard and fast rule.” The number of data stewards would vary depending on a number of factors such as the complexity of the business processes and data landscape in the organization, the extent to which processes are automated, the data quality tools, and the data governance tools available for use (Power 2014). Data stewardship is “the set of activities that ensure data-related work is performed according to the policies and practices as established through governance” [The Data Governance Institute [b]]. Data stewardship is the operational facet of a data governance program that involves the actual routine work of governing the enterprise’s data (Plotkin 2013). David Plotkin states (Plotkin 2013): Data stewardship consists of the people, organization, and processes to ensure that the appropriately designated stewards are responsible for the governed data.

Data governance is often confused with data stewardship but they are not the same. Data stewardship implements policies and standards that are created by data governance, while data governance oversees the enforcement of the data stewardship activities. Without data governance, data stewardship would have no policies or standards to implement across the organization (Smith 2016), and data stewards would

5.4 Data Governance—The People Component

143

be forced to develop policies and standards in a tactical fashion, and manage their enforcement, resulting in inconsistent standards and policies across the organization. The responsibilities of a data steward include data issue resolution, data access, and usage management in accordance with data access and data usage policies respectively, metadata management, data definition management, assisting in the assessment, creation, and modification of data policies and standards, ensuring compliance with data governance policies, identification of critical data elements, and establishing comparative importance of data elements to prioritize initiatives, understanding the data quality needs for specific business requirements and defining data quality rules, and assisting in definition, management, and implementation of data governance metrics (Plotkin 2013). A data steward would need to act as a mediator between the business and IT, and in this- a data steward satisfies the core definition of the steward that is—a person who is responsible for managing something on behalf of someone else. Hence, a data steward should have good interpersonal skills- collaboration, relationship building, and negotiation skills. 5.4.3.1

Data Owner Versus Data Steward

While the data owner is ultimately accountable for the data, its definition and quality, has final approval rights regarding the data, and has a role in the construction of data policies, a data steward takes care of the data so that they are fit for purpose. There is a perception that these two roles are the same, though that is not the case. The perception perhaps stems from the fact, that in some small organizations, data owners and data stewardship responsibilities are fulfilled by the same individual. While data owners may delegate some of their responsibilities to the data stewards assigned for the specific data set, the ultimate accountability of those responsibilities being fulfilled rests with the data owner. Also, in the absence of a data steward, the data owner is required to carry out the data stewardship duties in addition to his own responsibilities. 5.4.3.2

Why Data Stewards Fail

While data stewardship is one of the key people components of data governance, data stewards often fail. This is because data stewards are often assigned hastily, without proper focus in situations such as a central point of contact is required for distributed systems with heterogeneous large volumes of data [Dyché and Polsky]. They are often not empowered to make decisions, or do not have the authority to resolve, and are reduced to just being figureheads. As pointed out by Andres Perez, Information Management Consultant and President of IRM Consulting, Ltd. Co. (Mahanti 2021), The job of the data steward is complex and requires proper leadership, organizational capability, and training. The complexity comes from the fact that a steward must learn to work across the organization with a keen focus on collaboration and compromise (negotiation).

144

5 Data Governance Components and Framework

Organizations either create a full time role for data stewards or select data stewards from existing staff in related subject areas, and give them responsibilities for data stewardship, in addition to their existing responsibilities. In the latter case, data stewardship responsibilities come secondary to their existing responsibilities. With the vast volumes of data to be dealt with, data stewardship responsibilities can be overwhelming, and the staff is not able to find time to execute their data stewardship responsibilities. Also, the data stewards are often appointed without training them regarding the roles, responsibilities, and accountabilities, and thus setting them up for failure. Data stewards are subject matter experts who understand the organization’s data, the business context, and the usages of data. They consist of individuals who already have good working relationships with other teams. Since each organization’s data landscape is very unique, hiring data stewards would not work, as understanding the data landscape and building relationships takes time, but sometimes the organizations do hire data stewards owing to the resource shortage setting them up for failure. Another reason for the failure of data stewardship is the appointment of too many stewards or too few data stewards. Dr. Anne Marie Smith, in her article—“Foundations of Data Stewardship” states five reasons for data stewardship failure, namely-lack of enterprise data management that is responsible for coordinating the various data management disciplines, lack of enterprise data governance resulting in lack of policies and standards that guide data stewards, corporate culture that does not embrace enterprise wide data stewardship characterized by absence of executive sponsorship and senior management support, lack of defined roles and responsibilities for data stewards, and lack of measurements and metrics for the data stewards’ success (Smith 2011). The data stewardship role involves a great degree of collaboration and negotiation with different business units, which is directly proportional to the degree to which the data is shared. Data is a shareable enterprise asset with data related to certain entities like ‘customer’ shared more than the others. More the data is shared, the higher are the chances of conflicts, and greater collaboration and negotiations are needed on part of the data stewards.

5.4.4 Data Stewardship Models Jill Dyché and Analise Polsky in their SAS Best Practices white paper—“5 Models for Data Stewardship” provide 5 frameworks to choose from when launching data stewardship as shown in Fig. 5.7.

5.4 Data Governance—The People Component

145

Examples: Product, Events, Party, …

Examples: ERP, CRM, …

Data Stewards by Subject Area Data Stewards by Systems

Examples: Data warehousing project, …

Data stewardship model

Data Stewards by Projects

Data Stewards by Functions

Data Stewards by Business Processes

Examples: Sales, AccounƟng, MarkeƟng, …

Examples: Order-To-Bill, Customer Service, Procurement, …

Fig. 5.7 Data stewardship models

5.4.4.1

Data Steward by Subject Area

Organizations typically have a large number of subject areas or data domains like party, product, finance, and events. Each data domain can have subdomains; for example, the party domain can be divided into customers, employees, vendors, and suppliers. In the “data steward by subject area” model, the data stewards are appointed by data domain or subdomain or specific subject area which they manage and have expertise in, and are known as the data domain stewards or the data object stewards [Dyché and Polsky]. Advantages of this model are that there is a clear delineation with each data steward being responsible for their data domains or sub data domains, there is a one go-to person with regards to questions related to the respective subject areas and data stewards gain a greater understanding of their respective subject area with time in relation to business and data quality rules. However, the cons of this model are that, it can be difficult to find an individual with expertise in a data domain, with the likelihood of finding such a person is less, when the domains are complex and very large. Other challenges include difficulty in tying the data stewards to business initiatives and unwillingness to assign a single point of control for a subject area to a single role [Dyché and Polsky].

146

5.4.4.2

5 Data Governance Components and Framework

Data Steward by Function

Organizations have different business units and departments like sales, accounting, marketing, legal, risk, and human resources, with each business unit/department being in charge of the specific business functions. In the data stewardship model by function, the data stewards are appointed from the business units/departments. They have an understanding of the departmental business processes and an established relationship with the business users, and understand how these processes work and how business users use the data. These stewards are known as the business or functional data stewards. Hence, they have a good understanding of the context and uses of data. However, departments or business units typically touch more than one subject area or data domain, and while each data steward has a good understanding of the data requirements in his/her respective department, they do not have an understanding of the data requirements of other departments. They typically work in isolation without collaborating with the other departments and business units, thus resulting in silos of data, inconsistent models, and conflicting definitions and standards. This can become a serious bottleneck when organization try to move towards a single view of data, and would need a strong data governance model to resolve the difference between the departments, and achieve consensus, consistency, and standardization.

5.4.4.3

Data Steward by Business Process

This stewardship model is suitable for organizations that have mature enterprise level business processes, and at the same time have a strong sense of their enterprise level business processes from start to finish, and understanding of how these business process touch and use data. Data stewards are assigned to discrete business processes in this stewardship model and are known as process stewards. The number of data stewards assigned to the business process depends on the complexity of the business process. It is not uncommon to have several data stewards for complex business processes. Typically, a business process touches multiple data domains and hence, the data stewards assigned to a specific business process would also be responsible for multiple data domains, the specific business process touches. Also, since there is a likelihood of more than one data domain being touched by these processes, like in the “data steward by function” model, the data stewards typically work in isolation when it comes to data requirements for the business process that they are assigned to. Hence, without strong data governance, there will be inconsistent data definitions and data models.

5.4 Data Governance—The People Component

5.4.4.4

147

Data Steward by Systems

This data stewardship model is an IT centric approach to data stewardship in which the data stewards are assigned to the systems or applications that generate the data they manage. These stewards are known as the technical data stewards or system data stewards. They are usually IT professionals and are technology subject matter experts, and specialize in one or more information management areas like ETL, data warehousing, metadata management, database administration, data quality, and master data management. This approach results in improving the quality of the data that the system generates, and is useful where the business does not have knowledge of data stewardship and data governance with IT educating the business about rules and policies for business to make better use of data. The risks with this approach are that, the business might confuse data stewardship with data ownership and hence, may pull back from conversations about policies and usage.

5.4.4.5

Data Steward by Project

This model of data stewardship is a practical and quick method to introduce data stewardship by using the project as a base to develop the data skill sets and then ramp up to a broader scale beyond the project boundaries. In case of failure to ramp up, it will end with the project which will have a finite end date [Dyché and Polsky]. In large organizations and complex data landscapes with mature data governance and data stewardship, data stewardship might have a mix of models and consists of all the five types of data stewards—business data stewards, technical data stewards, data domain stewards, process data stewards, and project data stewards. The business data stewards understand the needs of the business stakeholders and work with technical data stewards, data domain stewards, process data stewards, and project data stewards. The project data stewards bring the data related issues or queries originating in the project to the business data stewards whose responsibility is to resolve and answer them. The technical data stewards answer system related queries of the business and data domain stewards. The process data stewards answer process specific queries of business data stewards. In addition to these roles, organizations can have additional stewardship roles like the operational data steward who assists business data stewards with research and analysis, the coordinating data steward who coordinate activities of the different types of data stewards, the enterprise data steward who leads the team of data stewards, the executive data steward who serves on the data governance council, and the chief data steward who chairs the data governance bodies in lieu of the chief data officer.

148

5 Data Governance Components and Framework

Alternatingly, an organization could have only two types of stewards- the business data steward and the technical data steward who work together with data owners to ensure that the data is fit for purpose. In smaller organizations, the data steward and the data owner can be seen to merge into one role. The data stewardship and the data ownership strategy adopted by the organization is determined by the resourcing, skill set, the IT budget, the organization’s data landscape, and the data risks that need to be addressed. Figure 5.8 summarizes the different types of data stewards that an organization can have.

Chairs the DG bodies in lieu of the CDO

Serve on the data governance council

Appointed by the specific data domains that they manage

Answer process specific queries of business data stewards

Chief Data Steward

Data Domain Steward

Leads the data steward team

Enterprise Data Steward

Process Data Steward

Types of Data Stewards

Technical Data Steward Answer technical queries related to data.

Executive Data Steward

Coordinating Data Steward Coordinates activities of different types of data stewards.

Business Data Steward SMEs who are authorities on the data sets they manage

Fig. 5.8 Types of data stewards

Project Data Steward

Operational Data Steward

Assists business Acts as intermediary stewards between the project and business data stewards

5.5 Data Governance—The Process Component

149

5.5 Data Governance—The Process Component Under this broad category, we will discuss the following elements of data governance: • • • • • •

Principles or data principles; Policies or data policies; Guidelines; Processes; Rules; and Standards or data standards.

5.5.1 Data Principles Data principles are high-level statements about what an organization wants to achieve by implementing data governance. They should not be confused with goals or policies. Goals are desired results, whereas principles guide an organization throughout its life. The data principles are more basic than data policies, and should be brief and to the point, while having clarity. Dr. Anne-Marie Smith in her article “Data Governance Guiding Principles” states that it is important to establish a set of points (which she calls guiding principles) in a continuing program like data governance which enables the organization to focus on the fundamental value of data management within the organization, and how it will support its business goals (Smith 2016). Some examples of data principles are as follows: • Data must be treated as a strategic enterprise asset. • The quality of critical data assets should be defined, assessed, managed, and monitored throughout the data life cycle. • Data must be managed so that the data complies with internal and external laws and regulations. • There should be clear accountabilities around data. • Enterprise data should be standardized.

5.5.2 Data Policies Policies form the building blocks of corporate governance and its sub-disciplines. Similarly, data policies are building blocks of data governance. There is a common misunderstanding that data governance is all about creating and enforcing policies around data. However, while policies are an important component of data governance, data governance is not only about documented policies. Data governance is

150

5 Data Governance Components and Framework

much more than just policy making, with systematic audits, reconciliations, metrics, processes, compliance reviews, and quality control activities. The data policies are a collection of statements of an organization’s intent or rules controlling the several data related activities and operations—creation, capture and/or acquisition, retrieval/requests, transformation, management, quality, protection, sharing, and usage of data throughout its lifecycle. Data policies are formal, brief, and describe the do’s and the don’ts at a high level in relation to these data related activities in a clear and concise manner, so that those executing the policies can make an informed decision. However, data policies do not provide implementation details or solutions for issues. In other words, data policies outline “what to do” and “what not to do”, but NOT “how to do”. Failure to adhere to data policies may result in disciplinary action. The data policies are further defined by data standards, rules, and processes. The data policies should not be written in isolation, but should be written by engaging all the relevant data stakeholders, and should align with the data principles as well as elaborate on the data principles. For example, drafting a data security policy requires a collaborative effort of the data owners, chief security officer, security architects, and chief data officer. Becky Metivier in her article—“Seven Characteristics of a Successful Information Security Policy” outlines seven characteristics of a successful information security policy, namely, endorsed, relevant, realistic, attainable, adaptable, enforceable, and inclusive (Greene 2014). These characteristics are applicable to all data policies and have been described in Fig. 5.9. Every organization has a different data and technology landscape, has different business needs of data, and is impacted differently by laws and regulations (both internal and external), and hence, the data policies are not the same across all organizations. This is reinforced by Nicola Askham, in her article “How to Write a Good Data Governance Policy”. For a policy to be really useful (i.e. help you implement data governance successfully) it needs to be written with your organization in mind…

The changes in the business needs of data, organizational changes, new laws, regulations, and changes in existing laws and regulations may need data policies to be revised. Hence, the data policies need to be reviewed from time to time, and the review frequency of each data policy needs to be defined and noted in the respective data policy. The updates to existing policies should be made only after proper assessment and understanding of the impact of the changes, and how revising the existing policies would address the same. The data governance committees should evaluate and approve all modifications. The data policies are generally created and maintained as electronic documents, and maintained in document and content management systems (for example, Documentum and SharePoint) through the inbuilt version control mechanisms in these systems and access controlled through the document classification. In addition, there should be a version history in the policy document that indicates who made what changes to the policy and when.

Fig. 5.9 Characteristics of data policy

Relevant Policy must make

Policy can be revised to accommodate changes

AƩainable

Policy can be successfully implemented

reality

Realistic sense and reflect

Adaptable

Data Policy Characteristics

Controls can be put into place to Enforceable ensure compliance with policy

Inclusive

Policy includes all impacted stakeholders

Endorsed

Policy has support of the management

Policy must align with the principles and goals of the organizaƟon

5.5 Data Governance—The Process Component 151

152

5 Data Governance Components and Framework Overview/ Summary/ Background Information

Reference Documents

Policy Maintenance & Review Frequency

Data Policy Components

Enforcement & Implementation

Policy Purpose

Policy Scope

Definitions Policy Principles

Fig. 5.10 Data policy sections/components

Data policies should typically have the following components (summarized in Fig. 5.10): • Overview/Summary/Background Information—This section contains an explanation of the status of the data related activity that the policy is about. • Policy Purpose—This section explains the need for the policy and what the policy would address. • Policy Scope—This section answers questions like—whether it will impact all data in the organization, who in the organization will the policy apply to, the situations when the policy will come into play, and hence, need to be enforced. • Definitions—This section contains an explanation of acronyms or uncommon terms that are contained in the policy. • Policy Principles—This section describes the framework and the guiding principles with respect to the data related activity that the policy is about. • Enforcement and Implementation—This section describes the roles, responsibilities, accountabilities around implementation, enforcement, and consequences of violation. • Policy Maintenance and Review Frequency—This section discusses frequency and/or situations when the policy should be reviewed. The data policies need to be reviewed from time to time to see if they still meet business and regulatory requirements. The policies might need to be revised as business, regulations, and data evolve. • Reference Documents—This section provides names and/or links to related policies and standards. For example, data classification drives data access and data retention. Hence, the data access, and data retention policies would have links to

5.5 Data Governance—The Process Component

153

the data classification policy and data classification standards in the “Reference Documents” section. The data policies typically address the areas such as data classification, data security, data access, data usage, compliance, and data governance structure as follows:

5.5.2.1

Data Governance Structure Policy

The policy outlining the data governance structures in the organization is known as the data governance structure policy. The data governance function is generally shared amongst executive sponsors, data governance office headed by a C-level executive, data governance committees and working groups, data owners, data stewards, data custodians, and data consumers. The data governance structure policy outlines the structures and the key data related roles and responsibilities with respect to the management of the organization’s data assets. It essentially outlines the roles and responsibilities around data (for example, data access, retrieval and usage, storage, destruction, and backup to ensure adequate management and protection of data) best practices.

5.5.2.2

Data Classification Policy

All data assets are not equal. Organizations store data that have different levels of sensitivity, criticality, confidentiality, and privacy requirements, which drive access, storage, security, usage, and quality requirements. The data classification policy classifies an organization’s data based on their sensitivity and risk profiles and encompasses all data acquired, owned, created, managed, stored, and disseminated (both internally and externally) by the organization. The data classification policy and the data classification schemes have been discussed in detail in Chap. 3 in the second book of the series—Data Governance and Data Management.

5.5.2.3

Data Access Policy

The data access policy ensures that the authorized individuals have appropriate access to organizational data and information in alignment with the organization’s data security and privacy policies, internal and external regulations, and data classification policy. The data access is driven by a number of factors as follows: • Level of confidentiality needed; • Data sensitivity;

154

• • • • •

5 Data Governance Components and Framework

Legal and regulatory requirements; Contractual obligations; Business impacts of misuse, modification, deletion, or theft of data; Data protection requirements; and Other business requirements.

Organizations should take these factors into account when defining data access policies. The data access should be in accordance with data access policies. While the data access policy should recognize that data access should not compromise security, and should take into account the data classification at the same time, it should also recognize that processes to secure data should not intervene unduly with the efficient operation of the organization’s business. This policy applies to all business units in the organization and all organizational data. The data stewards are responsible for processes for requesting, approving, and revoking access.

5.5.2.4

Data Usage Policy

Organizations generally store data related to entities external to the organization, and the data should be used for intended purposes only in accordance with privacy policies. The data should not be used for personal gain or used inappropriately. The data usage falls into the categories of create, update, read-only, and external distribution (Smith 2016). The data usage policy is a, set of guidelines that ensure that the data acquired by an organization are used for intended purposes in an ethical manner and shared appropriately in accordance with privacy and protection laws to facilitate the associate services for which they were collected in the first place, and that the data are not misused or abused. The individuals in the organizations who have access to data will have to abide by the data usage policy. The consequences of the use of data for purposes other than intended purposes should be clearly stated in the data usage policy. Depending on the sensitivity of the data and damages caused due to misuse, a violation might result in termination of access privileges, or even termination of employment, or other disciplinary or legal actions.

5.5.2.5

Data Retention Policy

Organizations by nature are data hoarders. However, storing data longer than needed, not only takes up storage, requires maintenance, and has associated costs, but also might conflict with the compliance requirements. The data should be only retained for the timeframes that are needed for business reasons in compliance with legal, contractual, and regulatory requirements. Not all data have the same retention requirements. The data retention policy is a set of

5.5 Data Governance—The Process Component

155

guidelines that describes what data will be kept for how long, guidelines related to backup, and whether data is archived or destroyed at the end of the retention period, business reasons for retaining data, and other factors relating to the retention of the data. There are various factors like compliance, legal, contractual, regulatory, and operational requirements that can have conflicting needs when it comes to the retention of data.

5.5.2.6

Data Records Management Policy

The data records management policy outlines guidelines around how data records are created/captured, maintained, and deleted.

5.5.2.7

Data Quality Policy

The data quality policy defines the organization’s approach to data quality and outlines the guidelines in terms of roles and responsibilities and processes for maintaining high quality data in order to manage activities, and meet internal and external requirements to demonstrate accountability through accurate reporting and data quality dimensions. The data quality policy should include the in-scope data and should include the data quality threshold for critical data.

5.5.2.8

Data Integration Policy

Data integration, or the ability of data to be assimilated across information systems, is contingent upon the integrity of data, the development of a data model, corresponding data structures, and data domains (Smith 2016). The purpose of the data integration policy is to ensure that the organization’s data have a high degree of integrity, and that the critical data elements can be integrated across functional units and electronic systems, so that the staff, contractors, and management may rely on data to meet their business needs. It is the responsibility of each data steward, in conjunction with the data governance committee and the enterprise data architect, to determine the critical data elements and data sets (Smith 2016).

5.5.3 Guidelines Guidelines consist of recommendations and best practices designed to achieve the policy’s objectives, by providing a background to design standards and implement

156

5 Data Governance Components and Framework

processes. Unlike policies that are mandatory, guidelines are not mandatory, but recommended, and may not apply in all situations. Like policies, guidelines need to be reviewed periodically too, but more frequently, as changes in environments can trigger a change in guidelines.

5.5.4 Processes Processes are methods or set of steps to support the various activities needed to govern data as well as implement the data policies in the organization. While policies define what to do, processes establish how to do. It is highly recommended to have formal, documented, consistent, and repeatable processes for governing data, which includes establishing processes for implementation of data policies, identification and prioritization of critical data elements, naming and data definitions, business rules documentation, changes to the data model, assessing data risks, reporting, data quality issue management (including raising, escalating, tracking, and resolution of data quality issues), establishing data ownership and data stewardship, decision rights and conflict resolution, defining data governance council membership changes, incorporation of controls, and monitoring metrics. Processes should also be defined for capture/acquisition, processing, storage, maintenance, access, distribution, deletion, archival, and purging of data. Both reactive and proactive processes need to be defined when governing data. Controls are used to mitigate risks associated with data or processes that can adversely impact data. Controls can be both manual and/or automated. The description of the control, frequency or event triggering the control, and who is in charge of the control needs to be established and documented. When there are changes to the processes, controls need to be reviewed and modified as necessary. Changes to processes might also necessitate new controls to be incorporated. Risks can be found throughout the data life cycle, starting from creation or acquisition of data to the end of the data lifecycle characterized by deletion or purging of data. For example, the errors might happen during manual data entry, and validation controls can be implemented to prevent these from happening. If certain fields on the form are mandatory, then validation controls can be implemented to prompt the user to enter a value, before he is allowed to submit the form, or the submit button can be disabled with a message on the screen, prompting users to enter values for the empty fields. Additional controls can be implemented to prevent junk values. Another example of control is when data are transferred between systems, count of records and audit logs can help check the completeness of the data records. Manual controls would involve someone manually checking the number of records on the source and destination side and in case of missing records, someone manually sending the missing records as a part of remediation.

5.5 Data Governance—The Process Component

157

Automated controls involve both the data file and control file containing file specifics like name, date, time of transfer, number of records, and an automated process comparing the number of records in the control file and the number of records in the data file sent; rejecting the file and triggering the source system to send the data again, if the number of records mentioned in the control file do not match with the number of records in the data file. Sometimes, the controls cannot be implemented for a risk or the controls may not be effective, in which case remediation activities need to be defined, to correct the issue. Like policies, processes need to be reviewed from time to time, and revised as needed. The changes in organization structure, revision of existing data policies, new laws, and new regulations or modifications of existing laws and regulations are some reasons that might need a change in the processes. Rob Karel categorizes data governance processes in his article “Data Governance: The 4 Process Stages” into four different process stages (Karel 2014) (see Fig. 5.11): • • • •

Discover, Define, Apply, and Measure and monitor.

As the name suggests, discover processes document the current or as-is state of the organization’s data governance maturity, and helps define policies, standards, and processes based on the future state of the organization. The gaps between the current state and future state are also documented. Hence, the discover process stage outcomes drive the define process stage (Karel 2014). The define processes document data definitions, naming conventions, taxonomies, relationships, as well as the policies, rules, standards, processes, measurement strategy and metrics that must be defined to operationalize data governance (Karel 2014). The apply processes operationalize and ensure compliance with all the data governance policies, business rules, stewardship processes, workflows, and crossfunctional roles and responsibilities captured through the discover and define process stages (Karel 2014). The measure and monitor processes capture the effectiveness and progress of data governance implementation. These processes help in identifying whether the data governance implementation is moving towards the intended goal. If the measurements indicate an issue, then an assessment needs to be carried out to discover the problem spaces and leads to the discover process stage. While processes detail the “how to” support activities needed to govern data, they might not be sufficiently detailed, in which care step by step instructions in the form of procedures are needed.

Fig. 5.11 Data governance process stages

Capture progress and effectiveness of data governance implementation

Apply process

Define process

Operationalize data governance elements such as data ownership, roles and responsibilities, captured through discover and define stages

Measure & Monitor process

Discover process

Define current state of data governance maturity and discovery of problems

Document data definitions, roles and responsibilities that are required to operationalize data governance

158 5 Data Governance Components and Framework

5.5 Data Governance—The Process Component

159

5.5.5 Rules and Standards Rules encompass the business rules and the data quality rules. Standards allude to data standards. Rules and standards ensure consistent results from people and processes using them. Data standards define a frame of reference on representation, format, meaning, structuring, transmission, and management of data elements. Examples of data standards include data naming standards, data modeling standards, data transfer standards, and data security standards. Like the data policies and processes, the data standards must be adhered to across the enterprise, and there should be a review process defined to ensure that the data standards are up-to-date. Adherence to data standards and rules can be measured by defining thresholds, and assessing data against these thresholds to gauge conformance and quality. However, enforcing data standards consistently and standardizing data across systems is not as simple as it seems. First, you need all the relevant stakeholders to help define these standards. Then you need to define the processes and rules, and implement controls to make these happen. If your organization has operations in multiple countries then this complicates matters even further. For example, consider the standardization of addresses. At the grassroot levels, you would need all stakeholders to agree on how you want different address components captured. These would then be converted into business rules for data capture and rules to map existing values to the standardized values. For example, the decision may be to capture the state name in full without abbreviations. However, while some countries like the US have states, some like the UK have county and hence, this needs to be taken into consideration when planning for standardization. It is important that individuals across the organization have a common understanding of the enterprise data, what the data represents, and the business terms that represent this data (Mahanti 2019). A Business Glossary also known as data glossary, and is a repository that has a definition of terms across business domains, specific to the industry and organization, which is shared across the organization. A business glossary is not just a list of terms and definitions. Other valuable metadata such as transformation rules, data owners, data stewards, description of any exceptions, and variations are also included (Mahanti 2019).

5.6 Data Governance—The Tools and Technology Component While data governance is mostly about people and processes, tools and technology facilitate and enable data governance through automation, scaling, augmentation, and auditability. Organizations store large volumes of data, and data governance

160

5 Data Governance Components and Framework

and stewardship activities should be automated wherever possible to achieve speed and accuracy. We have discussed more about technologies and tools, and how they can facilitate data governance in Chap. 4 of the second book of this series—Data Governance and Data Management.

5.7 Data Governance Operating Models Before delving into data governance operating models, let us understand, what operating model and governance operating model mean. As per Wikipedia, an operating model is both an abstract or visual representation (model) of how an organization delivers value to its customers or beneficiaries, as well as, how an organization actually runs itself [Wiki- Operating Model]. Scott Baret, partner, Governance, Regulatory and Risk Strategies, Deloitte & Touche LLP, who also serves as a global leader, Financial Services Enterprise Risk Service, Deloitte Touche Tohmatsu Limited defines the governance operating model as follows: A governance operating model is the mechanism used by the board and management to translate the elements of the governance framework and policies into practices, procedures, and job responsibilities within the corporate governance infrastructure.

If the above definition of governance operating model is applied in relation to data, the data governance operating model is the mechanism used by the board and management to translate the elements of the data governance framework and data policies into practices, procedures, and job responsibilities within the data governance infrastructure. In short, the data governance operating model is the model that the organization adopts to operationalize data governance. The data governance operating models are also known as data governance models. Having the right model is crucial to sustaining data governance in an organization. Also, the data governance operating model should be defined prior to establishing the data governance organization structures. The data governance operating model should not be mistaken for an organization chart. There are various factors that need to be considered when choosing a data governance operating model for an organization such as: • • • • • •

Size of the organization; Organization structures and hierarchies; Organizational maturity; Organizational culture; Business drivers; Whether organizational operations are centralized or distributed across different geographic locations; and • Complexity of an organization’s business and technical environment.

5.7 Data Governance Operating Models

161

When asked about factors that should be taken into consideration while choosing a data governance operating model for an organization, Jill Dyché, Principal, Jill Dyché, LLC. stresses on culture while George Firican, Director of Data Governance & Business Intelligence at UBC DAE and Founder ofwww.lightsondata.com, stresses on the size of the organization, the organizational structure and that of its operations, the main drivers, and complexity of its business, and technical environment (Mahanti 2021). The data governance operating models can be of the following types (see Fig. 5.12): • • • • • •

Top Down; Centralized; Decentralized; Hybrid; Federated; and Crowdsourced.

5.7.1 Top Down This operating model is adopted in organizations, which have a traditional hierarchy structure, where the top level has the maximum power and makes decisions that are communicated through the hierarchies below, with each level adding the appropriate level of details as the decision is cascaded to the lower levels of hierarchy to the business units. The decisions are final and the execution is the only option in this type of model. For data governance to be successful, there needs to be a clear relationship between the executive-level data governance council and other elements of the data governance program [Thomas].

5.7.2 Centralized In this model, the decisions are made by a dedicated centralized group at the enterprise level who consider all the options, impacts, value, and risks before making a decision that best suits the organization, and the business units are responsible for the implementation. As stated by George Firican in his interview statement, this model works for small organizations (Mahanti 2021).

Fig. 5.12 DG operating models

A mix of both the centralized and the decentralized models with additional layers of centralization/decentralization.

Federated

Collaborative approach to DG but has no control.

Crowdsourced

Hybrid

DG Operating Models

Top Down

Decisions are made by a dedicated centralized group at the enterprise level

A mix of both centralized and decentralized models

No single point of data governance ownership

Decentralized

Centralized

Adopted in organizations with a traditional hierarchy with top level making decisions and lower levels executing them

162 5 Data Governance Components and Framework

5.7 Data Governance Operating Models

163

5.7.3 Decentralized This model is the direct opposite of the centralized model, with no single point of data governance ownership. Most data governance programs start in this fashion and have a relatively flat structure with informal data governance bodies. This model is relatively quick to establish and implement. However, the informality of the data governance bodies makes it difficult to sustain the program long term. Also, there are issues with the shared data ownership and reaching consensus on shared data issues is also difficult (O’Neal 2015). As stated by George Firican in his interview statement, a decentralized model work well for an organization that has dispersed its operations to several remote locations (Mahanti 2021).

5.7.4 Hybrid A hybrid data governance model is a mix of both centralized and decentralized models with a centralized data governance office and steering committee with decision making at the enterprise level, and the data governance structures consisting of decentralized working groups in the business units or the functional areas facilitating collaboration and gaining consensus.

5.7.5 Federated This model is very closely related to the hybrid model and is a mix of both the centralized and the decentralized models with additional layers of centralization/decentralization. The data governance execution and implementation are decentralized, with a single point of contact and accountability at an enterprise level. While the federated model empowers divisions with differing requirements and provides the ability to focus on specific data entities, divisional challenges, or regional priorities, it has the disadvantages of having too many layers and autonomy at the business level, and can be a challenge to coordinate across the organization. Also, it is difficult to find a balance between the line of business priorities and enterprise priorities (O’Neal 2015). As stated by George Firican in his interview statement, the federated model is suitable for organizations that have complex business and technical environments (Mahanti 2021).

164

5 Data Governance Components and Framework

5.7.6 Crowdsourced The term crowdsourcing was coined by Jeff Howe in his article “The Rise of Crowdsourcing” published in the June, 2006 issue of the Wired magazine. It is a combination of the words – “crowds” and”outsourcing “ (Goodrich 2013). Crowdsourcing can be described as getting work done from the crowd (a community that is willing to participate and agrees to do work voluntarily) by using their concepts, skills, and ideas to create content or facilitate the creation of content. When applied in relation to data, each individual has equal and full rights as a data citizen and is encouraged to participate freely (Christiaens 2016). Phil Watt, Director, Elait Australia, states that (Mahanti 2021), Over the last 2-3 years, a new approach to data governance has emerged and it is gaining traction focused on a crowd-sourced or collaborative approach to governance.

With the self-service model, more and more business users have direct access to the data and have a very good understanding of the data, as well as its context. While the top down and the centralized approach to data governance offer stricter control, these approaches will fail to capture this distributed data community knowledge into the policies, processes, and standards for data governance. Crowdsourcing data governance helps tap into this community which has extensive knowledge and understanding of the data, but has no control. Crowdsourcing is a good method to gather information. However, as individuals have different contexts of data usage and different understanding of the same data, depending on different levels of users involved, some level control is needed to ensure that the data is fit for purpose and compliance requirements are also met. Phil Watt, Director, Elait Australia is a strong advocate of the crowdsourced approach with a layer of oversight to ensure regulatory compliance. In his interview, Phil states the companies that he has seen adopting this approach (including Airbnb and eBay), success had been sustained by allowing the community of analysts to govern themselves, with a layer of oversight for privacy and security to ensure regulatory compliance. In his words (Mahanti 2021): I prefer the crowd-sourced approach driven by automation and collaboration capability… For this to succeed; it must also have a layer of oversight to ensure regulatory compliance.

5.8 Concluding Thoughts There is no single approach, framework, or a right way of doing data governance. The different components of data governance—people, roles and responsibilities, organizational structures, principles, policies, processes, rules, standards, and metrics will always be there, irrespective of organizations when implementing data governance. However, these components will be different for each organization. Hence, the data governance approach consisting of these components, for any two organizations could be very different, or somewhat similar, but can never be exactly the same.

5.8 Concluding Thoughts

165

An organization will have organizational structures, bodies, and working groups that practice data governance. It is best to see how these structures can be leveraged, and how new data governance processes can be introduced or overlaid on top of the existing structures, so as to cause minimum disruption and contention. Also, as organizations get more mature, or in case, changes are carried out in the organization’s structure and hierarchies, and as data continues to evolve, the data governance framework and operating model that was initially established may no longer apply, and a different framework and model might need to be established. For example, a small organization in a single geographic location might start with a centralized operating model, but as the organization establishes new offices in different geographic locations, the centralized model might no longer work, and a federated model might become necessary.

References Christiaens S (18 Aug 2016) Crowdsourcing data governance. Last accessed on 10 April 2020, from https://www.collibra.com/blog/crowdsourcing-data-governance Dyché J, Polsky A 5 Models for data stewardship, SAS best practices white paper Frican G (April 2019) Surprising data roles you should know about. Lights on data blog. Last accessed on 10 April 2020, from https://www.lightsondata.com/3-surprising-data-roles/ Goodrich R (Feb 2013) What is crowdsourcing? Business news daily. Last accessed on 10 April 2020, from https://www.businessnewsdaily.com/4025-what-is-crowdsourcing.html Greene S (29 Mar 2014) Security program and policies: principles and practices, 2nd edn. Pearson IT Certification Howe J (2006) The rise of crowdsourcing. Wired Magazine 14(6):1–4 https://deloitte.wsj.com/riskandcompliance/2013/06/11/governance-operating-model-a-tool-formore-effective-board-oversight/ Jackson K (8 Mar 2018) Breaking down barriers with master data management and data governance, session #249, HIMSS18. Last accessed on 10 April 2020, from https://365.himss.org/sites/him ss365/files/365/handouts/550234736/handout-249.pdf Karel R (2 Jan 2014) Data governance: the 4 process stages, informatica blog, https://blogs.inform atica.com/2014/01/02/the-process-stages-of-data-governance/#fbid=iE2S7g10MP2 Macmillan Dictionary, ownership definition. Last accessed on 10 April 2020, from https://www. macmillandictionary.com/dictionary/british/ownership Mahanti R (2019) Data quality: dimensions, measurement, strategy, management and governance. ASQ quality press, Milwaukee WI. pp. 526. ISBN: 9780873899772 Mahanti R (2021) Data governance and compliance, Springer Books, Springer, number 978-98133-6877-4 Metivier B (8 Feb 2016) Seven characteristics of a successful information security policy”, Sage advice—cybersecurity blog. Last accessed on 10 April 2020, from https://www.sagedatasecurity. com/blog/seven-characteristics-of-a-successful-information-security-policy Mustimuhw Information Solutions Inc., (2015) Data governance framework. Last accessed on 10 April 2018, from https://static1.squarespace.com/static/558c624de4b0574c94d62a61/t/558c75 a5e4b0391692159c81/1435268517023/BCFNDGI-Data-Governance-Framework.pdf O’Neal K (2011) The role of IT in business-led data governance, b-eye-network. Last accessed on 10 April 2020, from http://www.b-eye-network.com/view/15165 O’Neal K (July 2015) Identifying the right operating model for your organization: a step toward sustainable data governance. Last accessed on 10 April 2020, from http://www.b-eye-network. com/blogs/oneal/archives/2015/07/the_right_operating_model.php

166

5 Data Governance Components and Framework

Plotkin D (2013) Data stewardship, Elsevier Science Publication Power D (2014) Building a data governance organization, Eckerson Group, https://www.eckerson. com/articles/building-a-data-governance-organization Last accessed 1 June 2020 Smith AM (Aug 2011) Foundations of data stewardship. Last accessed on 10 April 2020, from https://www.ewsolutions.com/foundations-data-stewardship Smith A-M (5 Oct 2016a) Four foundational data governance policies, EWSolutions. Last accessed on 10 April 2018, from https://www.ewsolutions.com/basic-data-governance-policies/ Smith A-M (5 May 2016b) Data governance guiding principles, EW Solutions. Last accessed on 10 April 2018, from https://www.ewsolutions.com/data-governance-guiding-principles/ Stanford University (2013) What is data governance? DG @ Stanford. Retrieved from http://www. stanford.edu/dept/pres-provost/cgi-bin/dg/wordpress/ [TDGI] The data governance institute, component #8: data governance office. Last accessed on 10 April 2018, from http://www.datagovernance.com/fwk_c08_data_governance_office/ The Data Governance Institute [b], data governance and stewardship. Last accessed on 10 April 2020, from http://www.datagovernance.com/adg_data_governance_governance_and_stewardship/ The Data Governance Institute. Last accessed on 10 April 2018, from http://www.datagovernance. com/the-dgi-framework/ Thomas G, Choosing governance models. Last accessed on 10 April 2018, from http://www.datago vernance.com/choosing-governance-models/ Thomas G, Establishing a data governance office. Last accessed on 10 April 2018, from http://www. datagovernance.com/establishing-a-data-governance-office/ Wiki- Operating Model. Last accessed on 10 April 2018, from https://en.wikipedia.org/wiki/Ope rating_model Talburt JR, Zhou Y (2015) Entity information life cycle for big data. Morgan Kaufmann Zaidi J (2012) Data governance demystified–lessons from the trenches, Dataversity, https://www. dataversity.net/data-governance-demystified-lessons-from-the-trenches/ Last accessed 10 June 2019

Chapter 6

Data Governance—Metrics

However beautiful the strategy, you should occasionally look at the results. —Sir Winston Churchill Count what is countable, measure what is measurable, and what is not measurable, make measurable. —Galileo Galilei If you cannot measure it, you cannot improve it. —William Thomson, Lord Kelvin

Abstract Data governance metrics is one of the key factors in the success of data governance. Data governance is often seen as a lot of overhead and hence, you need meaningful metrics to show progress periodically. A section in this chapter has been dedicated to discussing the characteristics of a good data governance metric. Organizations often do not realize that they are measuring a wrong metric. A few indicators that serve as warning signs and tell you that you need to revisit and revaluate your data governance metrics are discussed in this chapter. This chapter also describes a few data governance metrics categories, provides guidance on choosing and documenting metrics, and provides some examples of data governance metrics for readers to choose from, and track their data governance program. It is important to give a relevant and compelling view of the data to the top management and stakeholders to communicate the metrics and progress of data governance in an effective manner. Dashboards and scorecards have been discussed briefly in this chapter too.

6.1 Data Governance Metrics—Introduction You have a data governance strategy in place, you have set up organizational structures to implement data governance and you are to set to embark on the journey of implementing data governance. Now what you need is to define the right data governance metrics to track the progress and effectiveness of your data governance program! In legendary mananagement thinker, Peter Drucker’s words, “You cannot manage what you can’t measure,” applies to data governance too, and this view is also resonated by Tony Epler, Chief Data Strategist, PricewaterhouseCoopers, and Dr. © The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 R. Mahanti, Data Governance Success, https://doi.org/10.1007/978-981-16-5086-4_6

167

168

6 Data Governance—Metrics

John Talburt, Acxiom Chair of Information Quality at the University of Arkansas at Little Rock, and Lead Consultant for Data Governance and Data Integration with Noetic Partners Inc. in their interview statements as below (Mahanti 2021). Tony Epler: “Like many organizations, we believe that programs, projects, and initiatives cannot be effectively managed unless they are measured.” Dr. John Talburt: “As with any program, DG can’t be effectively managed without measurement.”

A metric refers to a standard for measuring something. It has roots in the Greek word “metron”, which relates to measurement. The management axiom “what gets measured gets managed” (Willcocks and Lester 1996) applies to data governance too. Gartner analyst Ted Friedman states (TechTarget and RSD) Organizations have to develop data quality metrics and scorecards, and they have to have a repeatable approach for measuring the degree to which data conforms to their policies, and they need to make the results visible to people so they can take action.

Metrics are critical to measuring, monitoring, and managing the effectiveness, progress, impact, and value of a data governance program, and for demonstrating success. It is important to identify and document the performance metrics at the very start of the data governance program to be able to measure the impact of the data governance efforts, and to track consistently to ensure the effectiveness of the processes in the future. However, organizations struggle to define meaningful and relevant data governance metrics that are aligned with the business goals. Many organizations do not even use metrics to track progress or to demonstrate the effectiveness of their data governance program. This is because there are no standard set of metrics in data governance. Kelle O’Neal, Founder, and CEO of First San Francisco Partners at the Enterprise Data Governance Online 2017 stated (Dennis 2017) Metrics are one of the hardest aspects of data governance (to grasp) and also one of the most important.

This is because data governance like data is intangible. With respect to the data governance metrics, it is important to understand what to measure, why you are measuring it, how to measure it, and how these metrics would help the organization to take adequate preventive or corrective actions to stay on course to attain business objectives. There needs to be an agreement on the metrics to be measured from all the data governance stakeholders. The metrics should be driven by the goals that data governance is set to achieve and the context in which they are applied. Metric measurement and review should be a periodic process and not a one-off event. At the heart of metrics is data. Metrics are derived from data either already sitting in repositories or gathered through surveys. In Chap. 2, we established “Data Governance Metrics” as one of the critical success factors for successfully implementing data governance in an organization. A data governance program is a systematic and continuous improvement program, and measurement not only establishes the effectiveness, impact as well as value, and

6.1 Data Governance Metrics—Introduction

169

enables the reporting progress of the program to your senior management and key stakeholders, but also maintains control over the data governance processes. In order to show that the data governance program is benefiting the business, you need appropriate metrics—both to measure the results of the data governance program as well as activities of those involved in data governance- for example, data stewards and data management professionals. A single metric rarely gives you a complete picture in relation to the progress or value of data governance; generally, a set of metrics is required to collectively evaluate the progress and impacts. Data governance is often seen as a lot of overhead and hence, you need meaningful metrics to show progress periodically, and when senior management asks questions like (also see Fig. 6.1) Where are we at with data governance? Is the data governance program working? Is the data governance program making a difference? What have we achieved so far? How close are we to attaining our business goals? How will we know that we have achieved our business goals? Is the data governance progress being measured? How is the data governance progress being measured? Are we heading in the right direction?

Laura Sebastian-Coleman, Data Quality Lead, Finance Data Governance Center of Excellence, CVS Health when discussing data governance metrics stated (Mahanti 2021) …One reason why we are focusing on producing metrics is that, without them, other people do not have a clear picture of what the data governance team is actually accomplishing. With them, we can show that we are making headway on our initiatives. People get more interested when they feel like there is something concrete to learn about.

As with any program, DG can’t be effectively managed without metrics in place to measure impact and progress. In this chapter, we will discuss the characteristics of good data governance metrics, data governance metric categories, data governance metric selection and documentation, and a few examples of data governance metrics, that will give you some guidance when choosing the metrics to track your data governance program. Dashboards and scorecards which can be used to visualize and present metrics have also been discussed briefly in this chapter.

6.2 Desired Characteristics of Data Governance Metrics While a lot of things can be measured, it is important to keep in mind that not all measurements are value-adds, and hence, you should not measure everything. As stated by Kelle O’Neal, Founder and CEO of First San Francisco Partners in a

Is data governance progress being measured?

Fig. 6.1 Data governance questions to which metrics can provide answers

How close are we to attaining our business goals?

Is the data governance program making a difference?

Where are we at with data governance

How will we know that we have achieved our business goals?

How is data governance progress being measured?

Are we headed in the correct direction?

What have we achieved so far?

Is the data governance program working?

170 6 Data Governance—Metrics

6.2 Desired Characteristics of Data Governance Metrics

171

presentation related to metrics at Dataversity® Enterprise Data Governance Online 2017 (O’Neal 2017; Dennis 2017). Less is more; you don’t have to measure everything. You just have to choose what’s important and meaningful to your stakeholder group and your program.

Metrics should be related to the business objectives and at the same time be able to provide meaningful insights that management can relate to and understand. Data governance metrics should have the following characteristics (see Fig. 6.2). Meaningful A data governance metric should be meaningful, and assist stakeholders to understand important aspects of their processes. It is important to ensure that measurements are translated into a value statement that the stakeholders can use as key performance indicators.

Measurable Relevant

Meaningful

Aligned

Owned

DG Metrics Characteristics

Time Trackable, Repeatable, & Comparable

Actionable

Accessible

Transparent Auditable

Fig. 6.2 Desirable characteristics of data governance metrics

172

6 Data Governance—Metrics

A metric that is meaningful to one group of stakeholders might be meaningless to another group of stakeholders. Hence, the target audience should be kept in mind while deciding on a metric. For example, the percentage of customer records with missing address data elements (for example, missing street address, city, and postcode) will be meaningful to the data management team and data stewards to understand the current state of customer data, but this metric is not meaningful to senior executives. Similarly, the percentage of additional costs or the percentage of missed opportunities would make sense to the management, but not to the technical teams. Measurable Data governance metrics should be relatively easy to measure, with measurements being accurate and consistent. If a new system or a complex process needs to be devised and implemented just for the sake of measuring the metric, then it is possibly not worth measuring it in the first place. Also, if the metrics involve complex calculations, then it would be difficult to measure as well as understand and hence, would not be a valueadd. Also, what needs to be considered is, whether the metrics can be measured objectively or subjectively, and whether the metric capture is automated or has to be done manually. Automated metric capture is preferred over manual metric capture as system generated data is more accurate. However, the requirements should be captured, designed, and implemented correctly, otherwise automation will not yield right results. Aligned Data governance metrics have no value if they are not aligned to the business goals and the stakeholders needs. Therefore, it is important to ensure that there is some way of measuring how data governance is helping the stakeholders move closer to their goals, and translate the metrics into a value statement that they are able to relate to. Actionable A data governance metric should be actionable, as in, if the metric results are below the threshold, there should be a set of remedial actions that would be able to change the outcome in such a way, that post-implementation of the actions would result in a positive trend in the metric when measured. There is no use of measuring something, if you cannot influence or change the outcome. Relevant The data governance metrics should be relevant to the business goals and industry, and should be within the business context. You should not measure something just because it has always been measured. Also, as the data governance program evolves, goals might change and you might need to stop measuring metrics that are no longer relevant.

6.2 Desired Characteristics of Data Governance Metrics

173

Metrics would need to be revised or new metrics would need to be defined to be relevant and aligned with the new business goals and business context. Transparent A data governance metric must be transparent, and there should be a clear understanding as to what is being measured, how are the calculations being done, whether there are any assumptions and, if there are any assumptions, what those assumptions are, what the targets are, and how they affect the outcome in a positive direction, and what is the frequency of measurement. Time-trackable, repeatable, and comparable A data governance metric should not be restricted to a one-time snapshot of an activity. A good metric must be repeatable, and should be able to be measured over a period of time, so that the metrics can be tracked and graphed to analyze the weekly trend, monthly, quarterly trend, or for a longer interval, as need be. The frequency of reporting will be different for different metrics. It should be possible to compare metrics at different points in time or across user groups, to be able to assess comparative progress or setback. Owned Every data governance metric needs an owner, who is held accountable for its outcome. Without establishing accountability, metrics would be meaningless, and not serve the purpose. Metrics should be reviewed and approved by the data owner and/or data stewards. The data owners and data stewards should be notified, if the metric value does not meet the threshold value. While the data owners are accountable for the metric in question, data stewards are responsible for remediation and corrective action. Accessible A data governance metric needs to be accessible, that is, it should be easily retrievable by the targeted audience. Accessibility might need be controlled as not all people should have access to a particular metric. For example, if the metrics contain sensitive information, only authorized persons should have access to them. As Ries wrote for the Harvard Business Review (Ries 2010), Key data should be available to any employee, anytime, in a matter of minutes.

Auditable A data governance metric should be auditable. Auditable means that it should be possible to examine and verify the metric. In order for a metric to be auditable, it should be easy to find and examine the source data, the metadata, and the calculations involved in producing the metric results. Metrics that can stand inspection result in greater trust and confidence.

174

6 Data Governance—Metrics

6.3 Data Governance Metrics—Health Check Often, the data governance teams do not realize that they are measuring the wrong metrics. Below are a few indicators that serve as warning signs, and tell you that you need to revisit and reevaluate your data governance metrics. • • • • • • • • • • • • • •

Metrics are difficult to measure and require a lot of effort. Metrics are ambiguous and misinterpreted by the stakeholders. Metrics collection is a time consuming and costly exercise. You have too many metrics, and you cannot figure out what is important, and if and how these metrics are linked. Measurements are either inaccurate or inconsistent, or the underlying data used to derive the metrics are inaccurate or inconsistent. Metrics involves complex calculations and are difficult to understand or use by stakeholders. While metrics do show progress, they are not aligned with the business goals or are not within the business context. Stakeholders cannot relate to the metrics. Absence of common understanding of a particular metric amongst the different stakeholders. There is no clarity as to how metrics are calculated. Metrics do not influence outcomes; that is, you cannot control the outcomes, as there is no action plan for improvement, if the metrics show a downwards trend. If you cannot drive any improvements, then there is no use measuring it. Metrics are not easily accessible. Metrics are not driving the intended action. Metrics are not linked to decision making.

6.4 Data Governance Metrics—Don’ts • Do not measure just for the sake of measuring. • Do not create a lot of metrics. • Do not have a metric without a benchmark or a threshold value defined and agreed with the stakeholders. • Do not underestimate the data extraction involved in the creation of metrics. • Do not use data that is not consistent to devise metrics. • Do not forget to have a record of the methodology to capture metrics.

6.5 Data Governance Metrics Identification and Selection An organization should outline the objectives and requirements for measuring and reporting on the statistics and progress of the data governance program. The data

6.5 Data Governance Metrics Identification and Selection

175

governance metrics should be identified based on the business goals you want to achieve, and the metrics should be agreed with the stakeholders, before implementing the data governance program. There are several methodogies that tie goal with metrics such as Goal Question Metric (GQM) and FAST Goals approach [adapted from the Function Analysis Systems Technique (FAST)], for alignment, prioritization and value (Basili et al. 1994; Siviy et al. 2008; Siviy; McAllister; Siviy and Ismail). The metrics identified should directly or indirectly be able to measure the health and progress of the data governance program. This is because you need to know where you are at, before implementing the data governance program, in order to define where you want to be, and what is the threshold for the metric—as in the minimum and/or maximum value the metric can have without adverse impacts. Hence, data governance metrics should be defined at the beginning of the data governance program. The data stewards who are subject matter experts and analysts with detailed knowledge of the data should generate ideas for quantitative and qualitative metrics. The data stewards can propose metrics to the data governance council. The data governance council should review and approve the metrics. Steps should be taken to ensure that all business units or departments in the organization have a common understanding of the metric. There should be documented standards for the metrics, which should be shared with the stakeholders to avoid confusion and misleading decisions arising from false assumptions. The threshold should be established for each metric in the approved list of metrics keeping in mind that business units or departments have different thresholds and weightings. Metrics should be captured and tracked regularly to review progress against the threshold. You need to analyze the gap, as in the difference between the actual value and the threshold value, perform root cause analysis to understand underlying causes, and accordingly outline an action plan consisting of a mix of tactical, strategic, corrective, preventive, short term, and long-term activities to attain the desired metric results. While the corrective activities are reactive and are used to resolve the problem after the occurrence, preventive actions are focused on preventing the problem from surfacing in the first place. Figure 6.3 shows the high-level steps involved in the data governance metric measurement. Six Sigma is a quality improvement technique that was adopted by Motorola in 1985, to improve its product quality and improve customer satisfaction. If we look at Fig. 6.3 carefully, then we can say that it very closely aligns with the Six Sigma DMAIC methodology that has 5 phases- define, measure, analyze, improve, and control. As the names suggest, the define phase involves defining the problem, the future desired state, and the dimensions for measurement (in this case metrics); the measure phase involves measuring the current state, and the gap between the current state and future state for the metrics defined in the define phase; the analyze phase involves using techniques like root cause analysis and pareto charts to analyze the gaps to understand and prioritize the causes of the problem, and propose recommendations and solutions; the improve phase involves implementing solution options; and the control phase involves implementing controls to sustain the solution, through monitoring and measurement, creating a cyclic process. If the controls are not effective,

Devise action plan

Get stakeholder agreement

Fig. 6.3 Data governance metric measurement—high level steps

Execute action plan

1

Identify metrics

Perform root cause analysis

Establish metric threshold

Analyse gap

NO

Does metric meet threshold requirements ?

Monitor and measure metric at regular intervals

1

YES

176 6 Data Governance—Metrics

6.5 Data Governance Metrics Identification and Selection

177

the root causes need to be investigated and addressed, with control improvement plans defined, agreed, and implemented. Once you have identified all the metrics, you would also need to establish the frequency with which you need to capture and monitor these metrics, and publish and store all the metrics in a secure and centralized repository, to track the progress with the metrics over an extended period of time and for audit purposes. If the metric trends downward and falls below the defined threshold, you would need to investigate and find the underlying causes and have action items to address the same. It is also important to identify which metrics contain confidential or sensitive information, and the audience who should be exposed to the metric, and who should be restricted from having access to the metric. The data governance metrics will continue to evolve as the data governance program gains momentum, evolves, and/or its scope changes. Metrics need to be reviewed from time to time for appropriateness and uniqueness, so that the metrics that are no longer needed, and the ones that are duplicate or similar, can be removed from the repository. A data governance program will have different components, and metrics need to be categorized and prioritized. Figure 6.4 shows the high-level steps in the maintenance of data governance metrics. When selecting a data governance metric, it is important to consider whether the metric covers a single business unit, multiple business units, or the entire organization, or parts of a process, or end to end processes. It is recommended to focus on the complete process rather than the parts of a process. When you choose data governance metrics, it is important to consider, whether the metric is addressing a high-risk area, Store all metrics in a secure repository

Deduplicate similar metrics

Review and analyse metrics

Categorize and prioritize metrics Fig. 6.4 Maintenance of data governance metrics

Remove metrics no longer relevant

178

6 Data Governance—Metrics

or is it related to compliance, or does it help measure the effectiveness of the data governance program. In other words, when you are choosing data governance metrics, it is important to ask and answer the question “so what?” For example, I may be measuring the percentage completeness of customer address records, but how is this helping me move closer or achieve my business goal? What business outcome is this metric driving? How will the change in the metric value impact the outcome, as in what is a negative trend and what is the positive trend? How do I convert the metric to a value statement or a language that my customer can relate to? Is the effort required to measure the metric worth the ROI or the benefits? Who is the metric audience? For example, percentage completeness of customer records may make sense to the data management team and the business executives who are close to the problem statement, but senior management would like to see the value in terms of cost savings or revenue generation or risk reduction and hence, you should have a conversion formula in place. Figure 6.5 summarizes some of these considerations. It is important to keep in mind, that “one size fits all” approach should not be applied to metrics selection; that is a set of metrics used to track data governance in one organization is most likely not going to suit another organization’s needs and situation.

What business outcomes will the metrics drive? What is the coverage of the metric?

Is the effort required to capture and monitor the metric worth ROI?

How do I convert the metric into a value statement?

Is the metric related to compliance?

Does the metric address a high risk area? Does the metric help measure the data governance program performance?

Fig. 6.5 Considerations when choosing data governance metrics

Who are the metric audience/ users?

6.6 Data Governance Metrics—Categories and Examples

179

6.6 Data Governance Metrics—Categories and Examples Data governance metrics can be classified into different group sets with an overlap of metrics between these categories as shown in Fig. 6.6. These group sets are as follows: • • • •

Quantitative and Qualitative. Progress, Verification, and Impact/Value. People, Process, Technology, and Data. Efficiency, Enablement, and Enforcement.

6.6.1 Quantitative and Qualitative Metrics These are two basic broad categories of data governance metrics based on objective versus subjective measurements as summarized in Fig. 6.7.

People Metrics

Process Metrics

Data Metrics

Technology Metrics

Efficiency Metrics

Enablement Metrics

Fig. 6.6 Data governance metric categorization

Enforcement Metrics

180

6 Data Governance—Metrics

Qualitative Metrics Example Metrics: • Customer loyalty • Customer satisfaction

Quantitative Metrics Example Metrics: • Decrease in cost of regulatory fines and penalties • Percentage of critical data elements that cannot be traced back to the source of origin

Fig. 6.7 Data governance quantitative and qualitative metrics with examples

6.6.1.1

Quantitative Metrics

Quantitative metrics are tangible, concrete, and objective measurements independent of individual judgement and standpoints, and can be expressed as numerical measures with a direct mapping between action and outcome. They are based on objective data and numbers, that is data that can be counted. Examples of quantitative metrics are hard savings and data centric metrics like savings in mailing cost as a result of deduplication of customer records, decrease in the cost of regulatory fines and penalties, the number of unauthorized modification or deletions of critical data residing in data repositories, and the percentage of critical data elements that cannot be traced back to the source of origin or where the source of origin is unknown.

6.6.1.2

Qualitative Metrics

Qualitative metrics are intangible, abstract, and subjective measurements based on individual judgment, standpoint, and/or anecdotal evidence that are used to measure the soft benefits. Qualitative metrics are separated from the data to a certain degree, and a direct relationship cannot be established between the action and the outcomes. They are based on intangible or subjective data. While quantitative metrics are transparent, auditable, and more credible as they are backed by data, not everything can be quantified, and qualitative measurements are the only feasible option in these scenarios. For example, customer loyalty, customer

6.6 Data Governance Metrics—Categories and Examples

181

Table 6.1 Quantitative and qualitative metrics—comparison Quantitative metrics

Qualitative metrics

Tangible

Intangible

Concrete

Abstract

Objective

Subjective

Independent of individual judgement and standpoint

Dependent on individual judgement and standpoint

Closely tied with data

Separated from the data by a certain degree

satisfaction, team collaboration, and expert judgment cannot be measured quantitatively, but through feedbacks or surveys. Likert scale is used to assign a score to the parameters. However, transparency, auditability, and credibility of qualitative metrics can be improved by using examples to support the assessment results and scores, clearly stating the assumptions and guidelines used to arrive at the scores and results, and highlighting the constraints and risks. Table 6.1 shows the comparisons between quantitative and qualitative metrics.

6.6.2 Progress, Verification, and Impact/Value Metrics There are three broad categories of metrics to measure the development of the data governance program—the extent to which the data governance program is functioning as per the design, the value being generated by the data governance program, the impact it is making, and the extent to which the data governance program is achieving business goals as summarized in Fig. 6.8. This metrics cate-

Progress Metrics Example Metrics: • Number of processes with RACI defined versus the targeted number of processes • Number of standards developed versus target [Talburt]

Verification Metrics Example Metrics: • Percentage of employees not compliant with policies and standards • Percentage of processes not compliant with policies and standards

Impact/Value Metrics Example Metrics: • Decrease in cost of regulatory fines and penalties • Customer retention rates

Fig. 6.8 Data governance progress, verification, and impact/value metrics with example metrics

182

6 Data Governance—Metrics

gory is in line with Jeannine Siviy’s FAST Goals approach which uses progress, technical/operational/quality, and success metrics (Siviy 2017).

6.6.2.1

Data Governance Progress Metrics

Data governance progress metrics track the development of the data governance program (Mahanti 2021), as in how much is accomplished when compared to a targeted value. Some examples include: • Number of domains that have data owners identified versus the targeted number of domains. • Number of standards developed versus target (as per Dr. John Talburt’s interview statement in Mahanti 2021). • Number of lines of business/functional areas/departments/system areas that have committed stewardship resources versus the targeted number of lines of business/functional areas/departments/system areas. • Number of processes with RACI defined versus the targeted number of processes. • Number of datasets/ data elements catalogued (as per Dr. John Talburt’s interview statement in Mahanti 2021). There may have been milestones that you have set at the beginning of the program, and you might want to see how you are tracking on these milestones at defined intervals.

6.6.2.2

Data Governance Verification Metrics

As stated by Dr. John Talburt, Acxiom Chair of Information Quality at the University of Arkansas at Little Rock, and Lead Consultant for Data Governance and Data Integration with Noetic Partners Inc., data governance verification metrics track the degree to which the data governance program is actually working as designed. “These are usually measured by policy and standards reviews and the degree to which they are enforced and adhered to. The extent to which employees and processes are compliant to policies and standards and deviations from the policies and standards is the key here. Examples of verification metrics would include the number or percentage of employees and processes not compliant with policies and standards (Mahanti 2021).” In Dr. John Talburt’s words, verification metrics are very much DG quality measurements in the sense that they measure the degree to which the data management processes conform to the DG policy and standards, just as data quality is the degree to which the data conform to the data quality requirements (Mahanti 2021).

6.6 Data Governance Metrics—Categories and Examples

6.6.2.3

183

Data Governance Impact/Value Metrics

Data governance impact/value metrics measure the value the data governance program is generating, the impact it is making, and the extent to which the data governance program is helpful in achieving business goals (Mahanti 2021). These are also known as validation or success metrics. The business goal should be tracked and measured (Mahanti 2021). As stated by Dr. John Talburt—“Validation metrics are some of the most important but the ones often left out.” Some examples of these metrics include: • Increase or decrease in customer attrition. • Customer retention rates. • Percentage increase or decrease in regulatory compliance (as per Dr. John Talburt’s interview statement in Mahanti 2021).

6.6.3 People, Process, Technology, and Data Metrics As data governance revolves around people, process, technology, and data, you should have quantitative and/or qualitative metrics to measure the progress and effect of data governance along each of these dimensions. Figure 6.9 summarizes these metrics. There is often a misconception as data governance is related to data, having a data centric metric is sufficient, but that is not the case. This is because data enables business, hence, people, processes, decisions, and interactions that the data is enabling, and the technology and systems that support the same also need to be taken into consideration when considering data governance metrics.

6.6.3.1

Data Governance People Metrics

Data governance people metrics provide a quantifiable measure of people activity or metrics that are people-centric in the implementation and progress of data governance, and the impact that data governance is making. The following quantitative people metrics can give an insight into the progress of data governance: • Number of data owners identified versus the number of data domains (Ladley; Henderson 2015). • Number of people trained on data governance. • Percentage of business departments actively involved in data governance, master data management, metadata management, and data quality management (Smith 2016). • Number of people trained as business data stewards by month, quarter, annually (Smith 2016).

184

6 Data Governance—Metrics Example Metrics • Number of people trained on data governance • Customer satisfaction index score

People

Example metrics Number of data sources consolidated • % of data validated at source •

Data

Technology

Example Metrics • % of critical data elements that cannot be traced to the source of origin • % of missing customer address data

Process Example metrics Number of standards and processes linked to a policy • % of processes with RACI defined

•

Fig. 6.9 Data governance metrics—people, process, technology, and data with example metrics

• Number of people that participate actively as business data stewards (Smith 2016). • Number of lines of business/functional areas/departments/system areas that have committed stewardship resources. While the above metrics may not exhibit business value, they will aid early stage data governance efforts, show progress and adoption to its sponsors, and battle cultural issues as they work to operationalize data governance. The above metrics can be also thought of as implementation metrics with people as metadata. The following qualitative people metrics can give an insight into the impact of data governance: • Increase or decrease in the customer satisfaction index score—via surveys. The following quantitative people metrics can give an insight into the impact of data governance: • Increase or decrease in customer attrition. • Customer retention rates. The following qualitative people metrics can provide an insight into the progress of data governance:

6.6 Data Governance Metrics—Categories and Examples

185

• DG/process adoption rate by business personnel—via a survey (Ladley, Henderson 2015). 6.6.3.2

Data Governance Process Metrics

Data governance results in the establishment and enforcement of policies, processes, standards, and rules. While policies outline the “do’s” and “don’ts” in the context of data related activities at a high level, data policies are implemented in the form of processes, standards, and rules that are embedded in the business as usual activities in the organization. These processes help achieve business objectives, and metrics related to these processes can quantify the impacts that can serve as data governance process metrics. Examples of data governance process metrics are as follows: • Number of approved and implemented standards, policies, and processes (Ladley; Henderson 2015). • Number of standards and processes linked to a policy. • Number of published data definitions (Ladley; Henderson 2015). • Number and percentage of data governance initiatives on track. • Number of projects governed. • Percentage of processes with RACI defined. • Rate at which critical data are defined (as per Laura Sebastian-Coleman’s interview statement in Mahanti 2021). • Number of external reference data for which a review and update process has been defined. • Number of data issues reported to data governance bodies or logged into the data issue register. • Number of data issues resolved. • Average time to resolve data issues. • Ratio of the number of data issues resolved to the number of data issues reported. • Percentage increase or decrease in regulatory compliance. • Percentage increase or decrease in security incidents. • Turnaround time for audit queries. • Number of failed data audits. While some of the above (the first nine) can serve to measure data governance adoption and progress, all the rest can be used to measure the impact or value.

186

6.6.3.3

6 Data Governance—Metrics

Data Governance Technology Metrics

Technology helps automate data governance processes and is an enabler of data governance. Data governance technology metrics measure the effectiveness of technology, and are related to technology components and applications. Examples of data governance technology metrics are as follows: • • • • • • • • • • • •

Number of data sources consolidated (Henderson 2015; Ladley). Number of data targets using mastered data (Henderson 2015; Ladley). Number of local spreadsheets used (Henderson 2015; Ladley). Number of data fields traceable from source to use (Henderson 2015). Number of unique identifiers (Henderson 2015; Ladley). Percentage of data validated at source (Henderson 2015). Number of business terms mapped to data entities and data elements (Henderson 2015; Ladley). Percentage completion of glossary (Henderson 2015; Ladley). Improved reporting efficiency. Percentage of storage space saved. Number of unauthorized data access incidents. Technical data debt: – Time/effort/resources/cost accumulated as a result of not implementing technical data solutions in the right way. – The number of data standard violations (for example, and number of critical data elements that do not have corresponding data definitions recorded in the data dictionary, and number of critical data elements which have incomplete definitions or definitions that do not make sense). – The number of technical debts retired.

6.6.3.4

Data Governance Data Metrics

An effective data governance program leads to improved data quality. Data metrics are operational metrics related to data issues, and usually revolve around the data quality dimensions. When related to data quality dimensions, they are also known as data quality metrics. Table 6.2 shows some of these metrics. The coverage of data quality metrics (as per Laura Sebastian-Coleman’s interview statement in Mahanti 2021) is also an important metric that can help gauge the extent of data whose quality is being assessed/ monitored. While the data quality metrics in Table 6.2 gives an indication of data quality, there is a need to convert these metrics into business outcomes to show the business value. Table 6.3 shows examples of business outcomes related to some of the data quality metrics discussed in Table 6.2.

6.6 Data Governance Metrics—Categories and Examples

187

Table 6.2 Data quality dimensions and metrics examples Data quality dimensions Example metrics Accuracy

• Percentage of incorrect address causing returns and reshipments and lost business and additional costs • Percentage of wrong email addresses resulting in missed opportunities due to bouncing of emails • Percentage of incorrect patient data resulting in wrong diagnosis

Completeness

• Percentage of deliveries impacted because of missing customer address data • Percentage of deliveries impacted because of missing product data • Percentage of missing email address resulting in lost opportunities • Percentage of critical data elements that have complete metadata

Consistency

• Percentage of inconsistent customer names across various data stores in the organization • Percentage of inconsistent addresses across various data stores in the organization • Percentage of data values that conforms to the code sets/domain values (Jena 2011)

Uniqueness/Duplication • • • • • •

Percentage of records having a unique primary key (Ajilitee 2011) Percentage of records having duplicate patient records Percentage of duplicate customer records Percentage of duplicate product inventory records Percentage of duplicate order records Percentage of duplicate liability records

Accessibility

• Percentage of critical data elements (CDE) identified by the DG Council that are available to business users (Ajilitee 2011) • Percentage of access request completed within the SLA defined by DG Council • Average time required to complete access request • Is the time required to complete access request improving? • How easy do the users find the access request process? • Difficulty/or ease of access of data by authorized personnel assessed via survey

Timeliness

• Time between when information is expected and when it is readily available for use (Jena 2011) • Percentage of time, data load completed as per SLAs (Jena 2011) • Percentage of time, a user’s queries returned results as per SLAs

Traceability

• Percentage of critical data elements that cannot be traced to the source of origin • Percentage of critical data elements that can only be partially traced back (that is, to an intermediate system)

While objective data quality dimensions (for example, completeness and duplication) can be measured quantitatively, subjective data quality dimensions (for example, trustworthiness and believability) can be measured qualitatively through surveys.

188

6 Data Governance—Metrics

Table 6.3 Business outcome related to data quality metrics Data quality metrics

Business outcome

Percentage of incorrect address records

Percentage of returned shipments Percentage of lost business Percentage of missed opportunities

Percentage of missing product data

Percentage of impacted sales

Percentage of wrong email addresses

Percentage of missed opportunities

Percentage of missing customer address data

Percentage of missed opportunities

Percentage of duplicate customer records

Number of multiple shipments Percentage of additional mailing cost

Percentage of duplicate product inventory data

Number of customer enquires Number of unfulfilled orders

Percentage of inaccurate product inventory data

Percentage of fulfilment errors Percentage of procurement errors

Percentage of duplicate liabilities records in a bank Percentage of customer risk profile not accurately reflected Percentage of inaccurate risk data

Risk exposure in currency units

6.6.4 Efficiency, Enablement, and Enforcement Metrics Mahesh Krishnan in his article for data governance for financial institutions groups data governance metrics into three broad categories as follows (Krishnan 2013) (see Fig. 6.10). • Efficiency metrics; • Enablement metrics; and • Enforcement metrics. 6.6.4.1

Efficiency Metrics

Metrics that illustrate how data governance programs help improve the effectiveness of your organization. Examples of efficiency metrics include: • • • • •

Percentage of customer attrition. Customer retention rates. Percentage reduction in time spent on manual adjustments and reconciliations. Data quality metrics. Data model quality metrics.

•

•

Percentage of critical data and processes with ownership Percentage of critical data elements with no lineage and traceability captured

Example Metrics:

DQ Metrics

•

•

Accuracy and timeliness of risk calculations and aggregations Percentage of conformance to data management standards

Example Metrics:

Enforcement Metrics

Efficiency Metrics

Enablement Metrics

Percentage of customer attrition Customer retention rates

Fig. 6.10 Data governance metrics—efficiency, enablement, and enforcement metrics with example metrics

• •

Example Metrics:

6.6 Data Governance Metrics—Categories and Examples 189

190

6.6.4.2

6 Data Governance—Metrics

Enablement Metrics

Metrics that illustrate what data governance program allows organizations to do now, that could not be done before. Examples of enablement metrics include: • • • •

Percentage of critical data and processes with ownership. Data quality metrics. Data model quality metrics. Percentage of critical data elements with no lineage and traceability captured.

6.6.4.3

Enforcement Metrics

These are the metrics that illustrate how a data governance program helps to impose corporate mandates and standards. Examples of enforcement metrics include: • • • • • •

Percentage of critical data elements with no lineage and traceability captured. Accuracy and timeliness of risk calculations and aggregations. Percentage of conformance to data management standards. Percentage of critical data and processes with ownership. Data quality metrics. Data model quality metrics.

As we see there is an overlap, with data quality metrics and data model quality metrics serving as efficiency, enablement and enforcement metrics. In addition to the above examples of data governance metrics discussed, data governance maturity is a metric that gives an insight into the maturity of data governance in an organization, and is usually a subjective assessment carried out using a questionnaire approach. The data governance maturity models have been discussed in Chap. 4, and can be used as a guide to track progress. When an organization decides to implement data governance, it assesses its current maturity, and establishes a roadmap to achieve the targeted maturity in a particular time frame. For example, an organization currently at maturity level 2 aspires to achieve maturity level 3 in 1-year time and maturity level 4 in 2 years’ time from the current date. The data governance maturity progress by levels should be tracked for each succeeding year. There is an overlap between the different metric categories. For example, a process metric can also be an impact/value/success metric. Percentage increase or decrease in regulatory compliance is a process metric as well as impact/value metric. Customer retention rates is a quantitative people metric, an impact/value metric, as well as an efficiency metric. With customer centric metrics, organizations need to be clear as to the definition of the customer. For example, customer can be an internal stakeholder, a business user or an external customer. Also, it is important to conduct a root cause analysis

6.6 Data Governance Metrics—Categories and Examples

191

to understand the extent, data contributes to customer centric issues and role data governance plays in resolving those issues and achieving better customer outcomes. For example, a customer survey revealed low customer satisfaction due to delayed deliveries and bad quality products. 75% of the dissatisfied customers cited delayed deliveries whereas 25% cited bad quality products. Root cause analysis revealed the following: • Bad quality product was a result of a manufacturing problem and not related to data. • Majority of delayed deliveries were caused due to data issues (for example, outdated or missing address data) and the rest were caused due to issues external to the organization (for example, shipments lost in transit or delayed by customs). Implementing data governance and data quality initiatives to resolve address data quality issues would typically result in improved address data quality that could be tracked through data quality metrics, which in turn would lead to improved customer satisfaction. This section provides a large number of metrics. Depending on the focus of an organization’s data governance program and business requirements related to the data assets, the relevant metrics need to tracked. Some metrics will not be relevant for a given scenario. For example, if the compliance is the data governance program driver, customer attrition and retention metrics will not be relevant.

6.7 Data Governance Metric Documentation It is important to document the details related to data governance metrics. Table 6.4 shows the parameters that should be documented, reviewed, and approved by the relevant stakeholders. Any changes to the data governance metric parameters should be agreed upon amongst the stakeholders, and updated in the data governance metric documentation, so that it is up-to-date. For example, if a decision is made to change the data governance metric measurement frequency and the metric formula, the data governance metric documentation should be revised to reflect the same, after all stakeholders have agreed upon it.

6.8 Dashboard and Scorecards A picture is worth a thousand words.

It is important to give a relevant and compelling view of the data to the top management and stakeholders to communicate the metrics and progress of data governance in an effective manner.

192

6 Data Governance—Metrics

Table 6.4 Data governance metric documentation elements and description Data governance metrics documentation elements

Description

Data governance metric name

An expressive name for the data governance metric that is self-explanatory and articulates what is being measured

Objective

What is the purpose of the measurement of this metric?

Frequency of measure

How frequently do you want to report on this metric? For example, daily, weekly, fortnightly, monthly, quarterly, and so on

Unit of measurement

For example, count, percentage, or dollar value

Threshold value

The minimum and/or maximum acceptable level in terms of the unit of measurement, whichever is applicable

Responsible

The role/position in the organization responsible for the specific data governance metric

Accountable

The role/position in the organization accountable for the specific data governance metric

Metric calculation process/steps

The steps or business rules involved in the calculation of the data governance metric

Quality controls

Quality controls applied to ensure the quality of the underlying data used to derive the metric

Metric formula

The mathematical formula that is used to calculate the specific data governance metric

Hierarchies

The different dimensions or hierarchies that are used as slicing and dicing measure. For example, sales by region, state, and/or country

Assumptions

Any assumptions related to the specific data governance metric

Reference

Link to other related documentation for example, data lineage across systems, data model, and data mapping documents

Additional comments

Any additional notes that need to be documented and do not fall into any of the above categories

Dashboards and scorecards can be used to measure, monitor and report the progress of an organization’s data governance program to the data governance stakeholders at periodic intervals, for example, quarterly or bi-annually. A dashboard is a visual representation tool that visually tracks, analyses, consolidates, and displays metrics and key data points in a way, that is easy for the end user to understand and use. It can help monitor the progress and effectiveness of data governance in your organization. Dashboards are interactive and have filtering, drilldown functionalities, and show different slices and dices of data that can improve decision making.

6.8 Dashboard and Scorecards

193

Dashboards is a presentation layer that gives the summarized view and drill down facilities allow you to drill down into the greater level of details and more granular data. They are customizable to meet the explicit needs of a department and organization. For example, you might design a dashboard to report on the data quality metrics say for instance completeness of key data entities, such as customer or product, and provide drill down facility to go to the data element level of each entity. While dashboards and scorecards are sometimes used interchangeably, a scorecard is a tabular visualization of the measures and their respective targets with visual indicators, to see how each measure is performing against their targets at a glance (Chiang 2011). Scorecards typically consist of several characteristics in the form of 8 to 15 questions, answers to these questions, and scores assigned to the answers. Generally, the greater the score, the lesser is the risk. Scorecards keep a tally of the score against the target. They provide a snapshot of performance, but they do not explain the reasons that led to the final score. This is the purpose of a dashboard. While a dashboard displays several metrics, it does not intrinsically tell the user whether the results are positive or negative; this is left up to the user’s own interpretation of the data. Dashboards offer attractive charts and graphs on the status of data compliance (Sarsfield 2009). There are a number of dashboard platform options as shown in Fig. 6.11. Depending on the functional and non-functional requirements, budget, and tool capabilities, you can choose an option that best suits your business needs, to automate reporting the progress and impacts of data governance. There are a number of dashboard vendors in the market, for example, Tableau, QlikView, IBM, DataFlux, Informatica, and Trillium Software. Dashboard development is a project in itself, and once the appropriate tool and technology for dashboard have been identified, the data stewards, SMEs, and IT need to work together to develop the dashboards with a project manager overseeing the project, the data

Microsoft Office Suite Vendor tools

Custom built tools

• Excel • PowerPoint • Word • Tableau, Informatica • QlikView, IBM • Business Objects • Customizable • Better detail • Better access control and security

Fig. 6.11 Dashboard platform options. Adapted from Rajan and Hertzler (2017)

194

6 Data Governance—Metrics

stewards and SMEs providing the business requirements, and the IT teams converting them into technical requirements, and building the dashboards. Dashboards generally display a set of metrics and demonstrate patterns and trends for these metrics using technology and data, which in turn provides an insight into the risks and opportunities that aid decision making. However, constructing an effective dashboard does not inherently come from technology only. It is important to locate the right data, understand the key data characteristics, define the most effective means for visualizing the results in the form of summarization and correlation, trends, and implications, defining business rules for computing the dashboard metrics, and lastly designing a captivating layout in which to present the content to the audience. The dashboards results need to be communicated, distributed, and monitored, and if a metric does not satisfy the threshold, then the underlying causes need to be investigated, and an action plan consisting of corrective action needs to be devised and implemented. As highlighted by Christopher Butler, Chief Data Officer, HSBC, UK in his interview statement (Mahanti 2021)—“…The information, dashboards, and processes must all fit within a holistic environment and be adapted to demonstrate value.” When asked about how the effectiveness of a data governance program is measured, Tony Epler, Chief Data Strategist, PricewaterhouseCoopers states the following (Mahanti 2021): Like many organizations, we believe that programs, projects, and initiatives cannot be effectively managed unless they are measured. Consequently, we rigorously develop, assign, and track metrics and KPIs for all of our data governance actions and activities. We communicate these through dashboards built on high-end data visualization techniques and technologies. These dashboards are used internally by the CDO staff to manage the projects and initiatives. They are also accessed by the C-suite and executive staff to monitor and demonstrate ROI, organizational success, and compliance with overall firm strategy and business objectives.

6.9 Concluding Thoughts Governance requires more than merely having policies, processes, standards, rules, procedures, and establishing roles and responsibilities. Effective governance also requires enforcement of the policies, processes, standards, and rules. Metrics provide checkpoints along the data governance implementation to ensure that the processes that have been defined in theory are effective in practice too. Metrics also help in making mid-course corrections for making improvements to the existing data governance model. If metrics are not measured, then it is unlikely that you will discover what is not working and hence, be unable to limit potential adverse outcomes by making adjustments or improvements. Metrics create a culture of transparency and accountability. The right combination of quantitative and qualitative metrics, and relating them to business outcomes can help gain continued executive support for your data governance program. However, identifying, prioritizing, tracking, reporting metrics,

6.9 Concluding Thoughts

195

and creating dashboards is a time taking endeavor, and requires management and financial support. While data governance programs with no metrics to track value and progress are generally doomed for failure, as you do not know where you are at with your data governance implementation, having too many metrics can be overwhelming, and obscure the important ones and not set you up for success. You should also be careful to not select vanity metrics that sound and look nice, but add little value. When it comes to metrics, Scott M. Graffius statement applies – If you don’t collect any metrics, you’re flying blind. If you collect and focus on too many, they may be obstructing your field of view.

There is no fixed number that defines the right number of metrics, or too few, or too many metrics. Organizations differ and one organization’s business needs, objectives, culture, action plan, and business drivers for data governance is most likely to differ from another organization’s; hence, the metrics themselves and the approximate number of metrics that are suitable for one organization for measuring, tracking, and improving data governance, and demonstrating value may not be suitable for another organization. While sample metrics are extremely useful, and can serve as a reference for organizations venturing into the world of data governance, metrics may have to be customized or completely new ones may have to be established to deal with an organization’s unique situation, business needs, and objectives. Also, metric creation and selection is not a one-off process; it is repetitive and needs to be monitored and reviewed. As an organization’s business objectives change, its data governance program will also need to evolve, requiring metrics to be re-assessed and revised, retired, or even result in the creation of new metrics. The combined set of metrics that you choose when implementing data governance should create a balanced focus and direction, while aligning to your desired end objectives defined in your business case.

References Ajilitee (2011) Ultimate guide to data governance metrics for health payers. Last accessed 1 June 2018. https://www.ajilitee.com/wp-content/uploads/2011/11/Ultimate-Guide-to-Data-Gov ernance-Metrics-for-Health-Payers-Ajilitee-November-2011.pdf Basili V, Caldiera VR, Rombach HD (1994) The goal question metric approach. Last accessed on 10 June 2019 from http://www.cs.umd.edu/~mvz/handouts/gqm.pdf Chiang Alexander ‘Sandy’ (2011) What is a dashboard? Dashboard in sight. Last accessed 1 Jun, 2018. http://www.dashboardinsight.com/articles/digital-dashboards/fundamentals/what-is-a-das hboard.aspx Dennis AL (2017) Data governance program effectiveness by the numbers. Last accessed on 26 Dec 2018 from http://www.dataversity.net/data-governance-program-effectiveness-numbers/ Henderson L (2015) 35 metrics you should use to monitor data governance. DataFloq. Last accessed 1 Jan 2019. https://datafloq.com/read/35-metrics-monitor-data-governance/1601

196

6 Data Governance—Metrics

Jena D (2011) The need for data governance metrics to measure success. Launch Point Blog. https:// launchpointcorporation.com/the-need-for-metrics-based-data-governance/ Krishnan M (2013) Data governance for financial institutions. Capgemini. https://www.capgemini. com/wp-content/uploads/2017/07/data_governance_for_financial_institutions.pdf Mahanti R (2021) Data governance and compliance, Springer Books, Springer, number 978-98133-6877-4 McAllister Chad TEI 293: FAST Goals for better aligned product projects—with Jeannine Siviy. The Everyday Innovator Podcast, Last accessed Jan 1, 2021. https://productinnovationeducators. com/blog/tei-293-fast-goals-for-better-aligned-product-projects-with-jeannine-siviy/ O’Neal K (2017) Measuring data governance- progress vs. real impact, enterprise data governance online, First San Francisco Partners, DataGovernanceOnline.com Ries E (2010) Entrepreneurs: beware of vanity metrics. Harvard Business Review. Last accessed on 18 Sept 2019 from https://hbr.org/2010/02/entrepreneurs-beware-of-vanity-metrics Rajan S, Hertzler M (2017) Developing program metrics to demonstrate IG maturity. KPMG. Last accessed on 27 Dec 2018 from http://armagg.org/images/downloads/2017_Presentations/ kpmg_pge_sf_arma_presentation_on_ig_metrics___nov_15_2017_rajan_and_hert....pdf Sarsfield S (2009) The data governance imperative, it governance ltd, ISBN: 1849280126 9781849280129 Siviy J, Ismail N, What is your strategy? The FAST Goals© Methodology. SDLC Partners Insight Siviy J, Kirwan P, Marino L, Morley J (2008) Strategic technology selection and classification in multimodel environments. White Paper, Copyright 2008 Carnegie Mellon University Siviy J (2017) Healthcare solutions: innovation vs. efficiency. SDLC Webinar Smith A-M (2016) Identifying business value for data governance and data stewardship. EW Solutions. Last accessed 1 Jun 2018. https://www.ewsolutions.com/identifying-business-value-datagovernance-data-stewardship/ TechTarget and RSD. Information governance strategy: Developing a roadmap and structure for improving corporate information management, SearchContentManagement.com E-Book, TechTarget. Last accessed on 22 Dec 2018. Information governance strategy: http://docs.media. bitpipe.com/io_25x/io_25448/item_394579/RSD_sContentManagement_SO%23033718_EBook_053111.pdf Willcocks L, Lester S (1996) Beyond the IT productivity paradox. Eur Manage J 14(3):279–290. https://EconPapers.repec.org/RePEc:eee:eurman:v:14:y:1996:i:3:p:279-290

Chapter 7

Data Governance Success—Concluding Thoughts and the Way Forward

If you can’t fly then run, if you can’t run then walk, if you can’t walk then crawl, but whatever you do you have to keep moving forward. —Martin Luther King Jr.

Abstract Data governance is transpiring as a key success factor in not only data centric organizations such as finance and professional services, but also in organizations that seem to be less data centric, such as manufacturing and utilities. This is because data is important in every organization irrespective of the industry sector, and data governance ensures that data is treated as an asset. This chapter discusses data governance as a key success factor and the various aspects of data governance success in a nutshell.

7.1 Data Governance—A Success Factor Data governance is transpiring as a key success factor in not only data centric organizations such as finance and professional services, but also in organizations that seem to be less data centric, such as manufacturing and utilities. This is because data is important in every organization irrespective of the industry sector, and data governance ensures that data is treated as an asset. As reinforced by Christopher Butler, CDO, HSBC, UK and George Firican, Director of Data Governance & Business Intelligence at UBC DAE and Founder of www.lightsondata.com. Christopher Butler: “The one thing for certain is that data will become more and more important as a differentiator for businesses going forward. Data governance is at the heart of whether an organization will be in a position to benefit from its data.” George Firican: “Data is an important asset and always needs to be treated and managed as such. Data governance programs are essential in managing this asset. After all, the engine for economic growth is no longer fueled by gasoline but more and more by data.”

© The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 R. Mahanti, Data Governance Success, https://doi.org/10.1007/978-981-16-5086-4_7

197

198

7 Data Governance Success—Concluding …

However, many organizations still fail to realize the strategic value of data and hence, also fail to realize the value of investing in data governance. A key to overcoming this challenge is to map the corporate objectives to the underlying data in the organization, and outline the data requirements to meet these corporate objectives. It is important to assess the current state of data and data governance, outline the future state, craft a solid business case for data governance, and create a data strategy and data governance strategy to ensure executive buy-in of data governance implementation.

7.2 Data Governance in a Page Figure 7.1 shows various aspects of data governance and the relations between these aspects in a page. Data governance objectives is driven by the business objectives. Business drivers for data governance vary from organization to organization, which in turn drive the data governance approach. However, business driver is not the only factor that drives data governance approach, which consists of people, process, and technology components. Data governance approach needs to be tailored depending on characteristics such as organization size, industry sector, geography, organizational goals, business strategy, business drivers, context, scope, organizational structures, organizational hierarchies, interactions between different organization teams and groups including IT and business, data management challenges and opportunities, data landscape with varying complexities and data volumes, organizational culture, maturity levels, and circumstances. Hence, the data governance approach is not a “one size fits all” approach, and needs to be tailored for the specific organization. Essentially the people, process, and tools and technology components, need to be tailored to the specific needs of the organization. It is important to understand the current state, determine the future state, and do a gap analysis to understand what needs to be done to jump from a lower level of data governance maturity to a higher level of data governance maturity in line with satisfying the organization’s strategic business objectives. Data governance along with other data management functions and initiatives have an enterprise wide impact. Data governance ties together other data management functions and initiatives such as data architecture management, data modeling and design, data quality management (DQM), data security management, data warehousing and business intelligence (BI) management, data integration and interoperability (DII), document and content management, metadata management, reference data management, master data management, data storage and operations, and big data, data lake and data analytics (Mahanti, 2021b) as shown in Fig. 7.1. While data governance drivers such as compliance, reputation management, improving customer satisfaction, better decision making, improving data quality, data security, data privacy, data analytics, big data, improving operational efficiency, revenue growth, mergers and acquisitions (M&A), partnering and outsourcing drive

Gap Analysis DG Current Lowest BLOCK Maturity OR SLOW

DG Future

Highest Maturity

Fig. 7.1 Data governance in a page

DG Challenges

DG Business Case • Cost • Value • Risk

DATA & DATA GOVERNANCE STRATEGY

DG drivers

Leads to

DG Approach

Data management functions and initiatives

Ties together

enables

DG key factors

DG benefits

7.2 Data Governance in a Page 199

DG results in

200

7 Data Governance Success—Concluding …

data governance implementation in an organization, data governance challenges such as lack of executive and organizational support, resourcing issues, difficulty in getting executive buy-in, resistance to change and change obstacles, organizational conflicts and politics, and various false notions around data governance blocks and/or slows down a data governance program. It is an unpredictable, competitive and digitized world with rapid changes and numerous external phenomenon that are out human control, that change the status quo. Data governance is an enterprise wide program which is very relevant in the high stakes environment that organizations operate, but needs to be carefully planned to reap benefits. A number of factors enable the data governance program and drive its successful implementation in an organization. These factors include leadership and management commitment and alignment, strong executive sponsorship, strategy and business case, adequate training and education, organizational change management, communication and collaboration, skill sets, knowledge and abilities, DG framework, incremental approach to data governance, and DG tools and technology. Successful implementation of data governance in organizations results in a number benefits such as increased operational efficiency, improved data understanding, improved data lineage, better decision making, and greater data quality, increased confidence in the data, improved risk mitigation, and cost savings.

7.3 Evaluating Data Governance—The Journey Ahead With respect to data governance, an organization can have one of the following scenarios1. 2.

An organization does not have formal data governance in place. An organization has formal data governance in place, but are uncertain of the efficiency or benefit.

In the first scenario, an organization that does not have formal data governance, may still be governing data to some extent informally. In both the scenarios, it is important to understand what business objectives data governance is expected to meet, and the data governance maturity. In the first scenario, the organization will embark on a formal data governance journey based on the business drivers of data governance and what needs to be done to attain the future state; whereas in the second scenario, the organization would need to evaluate the data governance metrics too, in order to assess the DG effectiveness and then adjust its current data governance direction if needed. Data governance is a long journey and needs lots of patience, careful planning, definition and enforcement of roles and responsibilities, processes, and metrics to define progress and success. Organizations have struggled to implement data governance in the past, mostly because of DG challenges, DG misconceptions, limited understanding of the risks associated with data in organizations, and a lack of knowledge and understanding of

7.3 Evaluating Data Governance–The Journey Ahead

201

the key factors in the successful implementation of data governance. However, data governance is maturing. I will conclude this book and this series with the following statement of Dr. John R. Talburt, Acxiom Chair of Information Quality at the University of Arkansas at Little Rock, and Lead Consultant for Data Governance and Data Integration with Noetic Partners Inc. (Mahanti 2021a): Data governance is clearly growing in adoption and maturing in practice… The first adopters usually had to make 2, or even 3, attempts before seeing any success. However, like any new paradigm it takes time to iron out the wrinkles. As more and more organizations implement DG and share their “lessons learned,” DG practice is improving and success rates are increasing. We now have good models to follow. It is still a very difficult undertaking but I see things beginning to get better with fewer failures and restarts.

References Mahanti R (2021a) Data governance and compliance, Springer Books, Springer, ISBN 978-98133-6877-4 Mahanti R (2021b) Data governance and data management, Springer Books, Springer, ISBN 978981-16-3583-0

Appendix A

Glossary of Terms

Chief data officer (CDO) The chief data officer (CDO) is a C-level role to transform the organization into a data driven organization, with overall accountability for data as an enterprise asset. Dashboard A dashboard is a visual representation tool that visually tracks, analyses, consolidates, and displays metrics and key data points in a way, that is easy for the end-user to understand and use, and can help monitor the progress and effectiveness of data governance in your organization. Data governance Data governance is the exercise and enforcement of policies, processes, guidelines, rules, standards, metrics, controls, decision rights, roles, responsibilities, and accountabilities to manage data as a strategic enterprise asset. Data governance framework The data governance framework is a structure that is designed so that the organizations can reactively as well as proactively capture and manage data, and also manage the interactions between different data stakeholders, to ensure that the data is fit for purpose and meets the need of all the data stakeholders. Data governance maturity Data governance maturity relates to the sophistication of processes and structures to oversee the management of data, and moves from ungoverned data to governed data with the increasing levels of maturity. Data governance maturity is a metric that gives an insight into the maturity of data governance in an organization.

© The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 R. Mahanti, Data Governance Success, https://doi.org/10.1007/978-981-16-5086-4

203

204

Appendix A: Glossary of Terms

Data governance maturity assessment Data governance maturity assessment is an exercise that you need to carry out in order to be able to benchmark your capabilities in the current state, determine the current maturity of your organization’s data governance program by establishing a maturity level, and establish what level you want to achieve for each of the dimensions. Data governance operating model Data governance operating model is the mechanism used by the board and management to translate the elements of the data governance framework and data policies into practices, procedures, and job responsibilities within the data governance infrastructure. Data governance strategy The data governance strategy defines the objectives and desired outcomes of the data governance program, the scope of the data governance program, the stakeholders, and the roadmap. Data ownership Data ownership is accepting responsibility for the data, taking control, and making decisions regarding how data is managed, shared, transformed, accessed, and used. Data stewards The data stewards are individuals responsible for the day to day management of data sets in their specific business units or as per their assigned processes. Data stewardship Data stewardship is the operational facet of a data governance program that involves the actual routine work of governing the enterprise’s data (Plotkin 2013). Data strategy Data strategy is the vision and actionable foundation for the organization’s ability to harness data-related or data-dependent capability that helps achieve the strategic objectives of the organization. Metric A metric refers to a standard for measuring something, and creates a culture of transparency and accountability. Metric threshold value Threshold value for a metric is the minimum or maximum acceptable value the metric can have without adverse impacts. Reference 1.

Plotkin D (2013) Data stewardship, Elsevier Science Publication

Appendix B

Data Governance—Perceptions Versus Realities

Your perception of the world around you is not necessarily the same as what is actually occurring. —Peter Ralston

When embarking on a data governance program, you will encounter a rocky road embedded with both real problems and perceived problems (perceptions). We have discussed these in the different chapters of this book. It is important to be able to distinguish between the real problems and the virtual problems to steer the data governance program in the right direction. To clarify some of the confusing and conflicting points of understanding on data governance, we have provided a summarized version of the prevalent perceptions around data governance alongside an explanation of the facts and realities in the Table B.1, to provide clarification, better understanding, and guide the reader to make the right decisions when pursuing a data governance program.

© The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 R. Mahanti, Data Governance Success, https://doi.org/10.1007/978-981-16-5086-4

205

206

Appendix B: Data Governance—Perceptions Versus Realities

Table B.1 Data governance perceptions versus the realities Perception ID

Perception

Reality

1

Responsibility for data governance lies with IT

Data governance is a shared responsibility

2

Data governance is restricting

Good data governance must balance security, protection, accessibility, and enablement

3

Data governance is a project/data governance is an IT project

Data governance is an ongoing process, whose life is as long as the business is running, and technology is supported to run that business

4

Technology alone can drive data governance outcomes

Tools play the role of an enabler and facilitator in data governance, and require active participation of human resources

5

“Data governance” is a synonym for “records management”

Records management is a key component of data governance

6

Data governance is about data storage Data governance is about setting rules, in a central repository standards, policies, and processes to oversee the management of data in the central repository

7

Data governance is metadata management

Data governance uses metadata management to force management and discipline on the collection and control of data

8

Data governance is all about compliance

While compliance is a trigger for data governance, data governance results in increased operational efficiency, improved data understanding and lineage, better decision making, and greater data quality

9

Data governance is only about data privacy

Data privacy is one of the focus areas of data governance

10

Data governance is about documented policies

Documented policies are a part of data governance

11

Data governance is siloed by business Data governance is an enterprise wide units or departments initiative and should not be siloed, as data is enterprise asset, and can be shared by multiple departments or business units (continued)

Appendix B: Data Governance—Perceptions Versus Realities

207

Table B.1 (continued) Perception ID

Perception

12

Data governance is a published Published repository of common data repository of common data definitions definitions is one component of data governance

Reality

13

Data governance is the same as data quality

Better quality data is a key desired result from the implementation of data governance policies and processes, whereas data governance is the comprehensive, strategic, and corporate vision of recognizing and managing data as a valued corporate asset

14

Data governance is the same as data management

Data governance is the policy-making, process, and standards framework for enterprise data while data management involves the execution of those data policies, processes, and standards set by the organization

15

Data governance is the same as master data management

Master data management requires the integration of data governance throughout the initiative

16

Data governance is the same as change management

Change management is a crucial element in the successful implementation of data governance

17

Data governance does not work in small organizations/ data governance only works for large organizations

Data governance can be tailored to be implemented satisfactorily in organizations, irrespective of the size

18

Data governance is simple and straightforward to implement

Data governance implementation involves many business areas and departments including people, process, and technology, and involves significant changes

19

Data governance can be done big bang

Data governance is a time taking endeavor, and should be done incrementally

20

Data governance is the same as data stewardship

Data governance is mostly about strategy, roles, organization, and policies, while data stewardship is all about execution and operationalization

21

The data governance office are the data stewards

The data governance office (DGO) headed by the chief data officer (CDO) is a support team that facilitates and co-ordinates activities of the various data stakeholders such as business data stewards, technical data stewards, data owners, and working groups/committees in a data governance program

Appendix C

Bibliography

Some books are to be tasted, others to be swallowed, and some few to be chewed and digested; that is, some books are to be read only in parts; others to be read, but not curiously; and some few are to be read wholly, and with diligence and attention. — Francis Bacon, The Essays

1. 2. 3.

4. 5. 6. 7. 8.

Bhansali N (2013) Data governance: creating value from information assets. CRC Press DAMA International (2017) DAMA-DMBOK: data management body of knowledge (2nd ed). Technics Publication Ladley J (2012) Data governance: how to design, deploy and sustain an effective data governance program (The Morgan Kaufmann Series on Business Intelligence) 1st edn, Paperback ISBN: 9780124158290 Mahanti R (2019) Data quality: dimensions, measurement, strategy, management and governance. Quality Press, ASQ, ISBN:9780873899772 Mahanti R (2021a) Data governance and data management, Springer Books, Springer, ISBN: 9789811635823 Mahanti R (2021b) Data governance and compliance, Springer Books, Springer, ISBN: 9789813368774 Robert S (2014) Seiner, 2014. Technics Publications, Non-Invasive Data Governance Sebastian-Coleman L (2018) Navigating the Labyrinth. Technics Publications

© The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 R. Mahanti, Data Governance Success, https://doi.org/10.1007/978-981-16-5086-4

209

Index

A Activity matrix, 139 Amitech, 8 Analise Polsky, 144 Analytics, 3 Andres Perez, 19, 30, 36, 45, 57, 143 Anne Marie Smith, 144, 149 Aristotle, 62 Ashish Haruray, 17

B Becky Metivier, 150 Benchmarking tool, 117 Big bang, 26, 27 Big bang approach, 39 Big data, 2 Business case, 84 Business glossary, 159 Business involvement, 15

C Cannae, 74 Capability Maturity Model.. See also CMM model Carnegie Mellon University, 102 CDO role, 93 Change, 19, 28 Change management, 26, 43, 44 Change management models, 45 Change obstacles, 19 Chief data office, 91 Chief Data Officer (CDO), 91–94 Chief Information Officer (CIO), 92 Christopher Butler, 8, 94, 194, 197

C. Lwanga Yonke, 43 CMM model. See Capability Maturity Model Collaboration challenges, 14 Communication and collaboration, 50 Communication plan, 50, 52, 57 Communication strategy and plan, 50 Complex data landscape, 14 Complexity of the data landscape, 10 Compliance, 3, 24, 49, 61, 164 GDPR, 136 Conflicting requirements, 58, 59 Connotations, 16 Controls, 21 Corporate objectives, 68, 75–77 Corporate strategy, 68, 69, 75, 76 Cost, 86 Cost buckets, 86 Cost estimation, 86 Costs and budgets, 18 Critical assets, 76 Critical data, 8, 13 Critical data domains, 88, 89 Critical data elements, 13, 88–90 Critical data sets, 88, 89 Cross-functional, 38 Crowdsourcing, 164 Cultural changes, 19, 43, 124 Culture, 13, 31, 42–44 Culture change, 19, 43 Current state, 72 CVS Health, 19, 20, 43, 169

D Daniell, 72

© The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 R. Mahanti, Data Governance Success, https://doi.org/10.1007/978-981-16-5086-4

211

212 Dan Power, 16, 30, 142 Dashboard, 192–194 Dashboards and scorecards, 192 Dashboard vendors, 193 Data, 3, 67, 76, 168, 197 Data access, 153, 154 Data architecture—data access and security, 122 maturity, 122 Data architecture and modeling, 2 Data centric, 197 Data compliance, 121 maturity, 121 Data consumer, 135 Data custodians, 136 Data domain, 88 Data driven culture, 31 Data facilitator, 136 Data governance, 1, 3, 5, 7, 8, 13–15, 21, 22, 24, 28, 30, 31, 35–37, 41, 43, 50, 59, 68, 69, 78, 93, 127, 149, 197, 200, 203 benefits, 200 challenges, 200 drivers, 198 high level components, 133 impacts, 129 interactions and relationships, 133 scenarios, 200 Data governance and change management, 25 Data governance business case, 82, 83 Data governance capabilities, 88 Data governance challenges and barriers, 11 Data governance communication plan, 50 Data governance council, 137 Data governance failures, 7 Data governance framework, 36, 131, 132 DGI data governance framework components, 132 factors to consider, 131 Data governance implementation one size fits all approach, 198 Data governance in a page, 199 Data Governance Institute, The, 50, 132 Data governance key factors model, 29 Data governance maturity, 100, 120, 190, 198. See also DG maturity Data governance maturity assessment, 70, 119, 125 example, 123 Data governance maturity levels, 72

Index Data governance maturity models, 70, 81, 102, 116, 125 DataFlux, 105, 106 dimensions, 118, 120 IBM, 105, 116 Data governance council maturity model, 116 Informatica, 105, 113 Kalido, 104, 105 metamodel, 102 elements, 102 Microsoft, 105, 108 Oracle, 105, 115 Data governance metrics, 168, 175, 177 Data governance metrics – health check, 174 Data governance model, 42 Data Governance Office (DGO), 27, 139 Data governance lead, 139 structure, 139 Data governance operating models, 36, 55, 160 definition, 160 factors to consider, 160 types, 161 Centralized model, 162 Crowdsourced model, 164 Decentralized model, 163 Federated model, 163 Hybrid model, 163 Top down model, 161 Data governance or information governance, 16 Data governance people metrics, 183 Data governance perceptions, 21 Data governance pilot, 90 Data governance policies, 37 Data governance process metrics, 185 Data governance progress metrics, 182 Data governance roadmap, 87, 88 Data governance roles, 58 Data governance semantics, 16 Data governance stakeholders, 168 Data governance steering committee, 81 Data governance strategy, 33, 34, 68, 79–81 Data governance strategy creation, 81 Data governance strategy map, 81 Data governance strategy – the five Ws and how, 80 Data governance success key factors, 200 Data Governance Success: Growing and Sustaining Data Governance, xiii Data governance technology metrics, 186

Index Data governance tools, 38 Data governance verification metrics, 182 Data Influencer, 136 Data integration, 2, 155 Data lakes, 2 Data landscape, 10, 13, 144 Data life cycle, 156 Data management, 1, 21, 28 Data Management Association, 90 Data management discipline, 1 Data management functions, 198 Data management related misconceptions, 27 Data mapping documents, 13 Data metrics, 186 Data models, 13 Data owners, 58, 135 Data ownership, 121, 140, 141 data owners, 141 definition, 141 maturity, 121 Data owner versus data steward, 143 Data policies, 149, 150 data access policies, 153, 154 data classification policy, 153 data governance structure policy, 153 data integration policy, 155 data quality policy, 155 data records management policy, 155 data retention policy, 154 data usage policy, 154 maturity, 120 Data privacy, 24 Data producer, 133, 135 Data Protection Officer, 136 Data publisher, 133, 135 Data quality discipline, 122 DQ Issue log, 124 maturity, 122 Data quality dimensions and metrics, 187 Data quality metrics, 186 Data revolution, 91 Data Savvy Manager, 136 Data shadow systems, 13 Data silos, 14, 15 Data stakeholders, 131 Data standards, 159 examples, 159 maturity, 120 standardization of addresses, 159 Data steward and the data owner, 148 Data stewards, 14, 135, 137, 142–144

213 number of data stewards, 142, 146 Data stewards and data custodians, 136 Data stewardship, 27, 41, 142–144 definition, 121 failure, 143, 144 maturity, 121 Data stewardship and data governance, 27 Data Stewardship Council, 137 Data stewardship models, 145 Data steward by business process model, 146 Data steward by function model, 146 Data steward by project model, 147 Data steward by subject area model, 145 Data steward by systems model, 147 Data strategy, 68, 69, 76–78 Data usage, 13, 154 Data warehousing, 2 David Plotkin, 142 DG business case building blocks, 83 DG functional titles, 135, 136 DGI data governance framework, 132 DG maturity. See Data governance maturity DG program structures and bodies, 138 Digital, 3 Diversified data environment, 14 Document and content management, 2 Dollar Shave Club, 74, 75 Dylan Jones, 35 E Education and training approaches, 49 Efficiency metrics, 188 Elait Australia, 50, 164 Enablement, 68 Enforcement metrics, 190 Erwin, 18 Erwin and UBM, 16 Executive buy-in, 18 Executive sponsor, 18, 32, 33 Executive sponsorship, 62 Executive steering committee, 137 Experian, 141 Experian and UBM, 68 F Facebook, 74 FAST Goals approach, 182 Feedback mechanism, 42 Financial data domain, 89 First San Francisco Partners, 168, 169 Formal governance strategy, 68

214

Index

Framework, 131 Framework for Enterprise Architecture, The, 75

Kim Jackson, 128 Knowledge, skills, and abilities, 34 Knowledge, skills, and expertise, 34

G Gartner, 7, 168 George Firican, 36, 96, 126, 136, 161, 197 Gillette, 74, 75 GlaxoSmithKline, 93 Governance operating model, 160 definition, 160 Governance organization structures, 36 Gray Matter Analytics, 19, 95, 125, 141 Gwen Thomas, 50, 139

L Laura Sebastian-Coleman, 19, 20, 43, 77, 169 Leaders and management, 31 Leadership, 28, 30 Leadership and management, 28, 30 Legislations, 54 Lessons learned, 57 Lestoil, 74 Lewis Carroll, 87 Liddell and Scott, 72 Lightsondata.com, 136 Linguistic barriers, 14 LinkedIn, 17

H Hannibal, 74 Henry Mintzberg, 72 High priority scope items, 90 HIPAA, 89 HSBC, UK, 8, 94, 194, 197

I Impact/value metrics, 183 Importance of strategy, 74 Incremental approach, 39 Inderpal Bhandari, 93 Information governance survey, 7 Information Technology Partners, 139 IRM Consulting, Ltd. Co., 19, 30, 36, 45, 57, 143

J Jacob Borowsky, 74 Jeannine Siviy, 182 Jeff Howe, 164 Jill Dyché, 35, 36, 42, 60, 68, 77, 96, 161 Jill Dyché, LLC., 35, 36, 42, 161 John A. Zachman, 125. See also John Zachman John Gallant and Kevin Fleet, 77 John R. Talburt, 201. See also John Talburt John Talburt, 57, 63, 81, 91, 94, 168, 182, 183 John Zachman, 75

K Kelle O’Neal, 168, 169 Kimberley Nevala, 60

M Mahesh Krishnan, 188 Mark Ramsey, 93 Master data management, 2 single version of truth, 2 Master Systems Inc., 9 Maturity, 99 Maturity assessment exercise, 72 Maturity level, 47 Maturity models, 100 structure, 101 Measurement, 39, 168 Measurement framework, 40 Memorial Sloan Kettering Cancer Center, 93 Metadata, 2 definition, 122 maturity, 122 Metrics, 39, 40, 60, 62, 168 Mission translation, 75 Morris Chang, 96 Multiple versions of truth, 14 Mustimuhw Information Solutions Inc., 132 MySpace, 74

N Nancy Couture, 8 Nicola Askham, 150 Noetic Partners Inc., 15, 57, 81, 168, 182, 201 Non-disruptive, 55 Non-invasive, 55

Index O OCM factors, 41 Once bitten, twice shy syndrome, 17 One size fits all, 45, 53, 95, 178 Operating model, 160 Organizational, 36 Organizational change management, 28, 41 Organizational conflict, 20 Organizational culture, 20, 95 Overlapping functions, 41 Ownership, 140 Oxford dictionary, 131

P Paul Barth, 78 Personally Identifiable information, 47 Peter Drucker, 39, 43, 44, 167 Philip Russom, 52 Phil Watt, 50, 164 Pilot phase, 88 Plug and play, 38 Porsche, 74 PricewaterhouseCoopers, 78, 194. See also PwC Proactive communication, 52 Processes, 156 controls, 156 automated controls, 157 manual controls, 156 validation controls, 156 data principles, 149 examples, 149 guidelines, 155 processes versus procedures, 157 risk, 156 rules, 159 Project, 22 Proof of concept, 56 Providence St. Joseph Health, 128 PwC. See PricewaterhouseCoopers

Q Qualitative metrics, 180 Qualitative people metrics, 184 Quantitative metrics, 180

R Ramesh Dontha, 77 Readiness assessment, 70 Reference data, 2 Reference data management, 2

215 Regulations, 61 Regulators, 61 Regulatory requirements, 61 Resistance to change, 19 Responsible, Accountable, Informed (RACI), 57 Richard Inserro, 78 Ries, 173 Risk, 84 Risk factors, 84 Roadmap, 39, 77, 87, 88 Robert S. Seiner, 60, 85 Rob Karel, 157 Root cause, 13

Consulted,

S Scope of the chief data office, 91 Scorecards, 193 Scott Baret, 160 Secondary domains, 89 Segregation of duties, 57 Senior management, 31 Shannon Fuller, 19, 20, 95, 125, 141 Soft skills, 34, 35 Software Engineering Institute, 102 Software process maturity, 99 Stakeholder coverage, 41 Stakeholder engagement and managment, 28, 41 Stakeholders, 37, 41, 42, 50 Stanford University, 132 Stan Rifkin, 9 Stephen Covey, 78 Strategic enterprise asset, 13 Strategic roadmap, 34 Strategy, 28, 68, 72, 74, 75 Strategy and execution, 28, 33 Strategy execution, 68 Strategy mapping technique, 68, 77 Stu Gardos, 93 Subject matter experts, 14 Success stories, 57 Sunil Soares, 93 Support and commitment, 30 Svetlana Sicular, 32, 39 Swati Consultancy Pty Ltd, 21 Symantec’s 2014, 7 T Target state, 72 Teamwork, 52, 53 Technical business analyst, 13

216 Technical data debt, 186 Technical skills, 34 Technology, 24 Technology and tools, 24 Technopedia, 132 Ted Friedman, 168 Threshold, 175, 177 Tick box approach, 61 Tony Epler, 167, 168, 194 Tools and technology, 38 Training, 47, 49 Training and education, 45 Types of data stewards, 147 business data stewards, 147 chief data steward, 147 coordinating data steward, 147 data domain stewards, 145 data object stewards, 145 enterprise data steward, 147 executive data steward, 147 operational data steward, 147 process data stewards, 147 process stewards, 146

Index project data stewards, 147 technical data stewards, 147

U UBC DAE, 36, 126, 161, 197 University of Arkansas, 15, 57, 81, 168, 182, 201

V Value, 84 Varun Pant, 21

W Walmart, 74 Warning signs, 60

Z “Zachman Framework”, The, 75, 125 Zachman International, 75, 125