Data Governance: A Necessity in an Integrated Information World
Information Management Magazine, December 2006
You live in a typical neighborhood. You know most of the people who live there. Every household maintains its home according to its own preferences - some people mow the lawn once a week; others work in their yards on a daily basis. Now imagine that everyone on the street is packing their bags and leaving their homes. All the occupants of each house are moving in together!
Each household brings its own ways of living, preferences and attitudes. We can immediately see the potential for conflict. Certainly a different level of coordination and cooperation is required to live together productively and peacefully in the same house than was needed as neighbors in separate dwellings.
Advertisement
Any time your company integrates information, such as in an enterprise resource planning (ERP) application or data warehouse, it is as though each of the source systems - with its associated people, business processes and data - is packing up and moving in together. Companies are living in a world that is much more integrated than in the past. Figure 1 shows the evolution of information integration within a company and approaches to managing information.
Figure 1: Evolution of Information Integration
Our applications and business needs for information are integrated, but our behavior has not changed to work effectively in this world. For example, your company may need information to support end-to-end processes and enterprise decision-making, but the information is being created by an individual contributor from the business who has no visibility to other needs for the same information. The application manager is accountable for system speed and performance, not content accuracy. Both focus on and are rewarded by executing the immediate transaction only. Once again, we see conflict between needs and behavior.
We have different business uses of the information; different platforms, systems, databases and applications; different types of data (customer, vendor, manufacturing, employee and finance); different data structures, definitions and standards; and different data, processes and technology customized to fit a specific business, geography or application. All these differences are supposed to be resolved so everyone can live happily ever after in their new integrated world.
How are decisions to be made in this integrated world? In my house example, each family has its own room in one large home. Occupants of a particular room have the right to put down new flooring and decorate the room the way they want. However, none of the occupants can change the plumbing or redecorate the living room (a common area for all) without the agreement of those who live in the building. In some cases, the occupants could bestow authority upon someone to make the plumbing and common-area decisions. They would entrust that person to make decisions for the benefit of everyone who lives in the building, expect to be informed of changes, and be able to raise any issues that need attention. There needs to be roles, responsibilities, rules and processes in place for managing the house. In other words, governance or formalized accountability is required.
How do we handle the corresponding issues in our information world? The answer is also data governance or formalized accounting. Govern means to "control, regulate or direct something; to have or exercise an influence over and to be the defining rule for something." I consider data governance as a process and structure for formally managing information as a resource. Data governance ensures the appropriate people representing business processes, data and technology are involved in the decisions that affect them. Data governance supplies the structure, roles and processes that provide venues for interaction and communication paths for gathering appropriate input, making decisions, identifying and resolving issues, escalating when necessary, implementing changes and communicating actions.
Data stewardship is often mentioned along with data governance. Data stewardship is an approach to data governance that formalizes accountability for managing information resources on behalf of others and in the best interests of the organization.
Stewardship is an important concept within data governance. I promote stewardship over ownership when it comes to data. A steward is someone who manages something on behalf of someone else. I do not promote the use of the word "ownership" when it comes to data and information. Why? Too often people act as though the data belongs to them and not anyone else. This is a nonproductive attitude. Managing that information for one specific use when it actually impacts many other uses across the company can be dangerous.
I promote the use of the word ownership when it comes to business processes. Why? Because in this case it means to acknowledge full personal responsibility, and those with the authority own the business processes in that sense. But even though the business may own a process, anyone who touches the data in the course of carrying out that process is a steward of the data. That is, they have to manage the data to meet not just their own immediate needs, but manage it on behalf of others in the company who also use that data or information. Whatever word you use in your company - steward, owner, custodian, trustee, etc. - be sure it means both acknowledging personal responsibility and the responsibility of managing that data on behalf of others and in the best interests of the organization.
As a guiding principle for any data governance program, information is owned by the enterprise and is maintained in various company systems. In addition, customers, vendors and employees retain certain rights to their own information. Various organizations, teams and individuals in the company are stewards of the information. They have the responsibility to manage the enterprise's data effectively on behalf of others and in a fair, lawful and honest manner.
In addition to the need for data governance due to integrated information, the biggest motivation for companies to institute data governance comes from regulatory and legal requirements. A few of the U.S. requirements stem from The Sarbanes-Oxley Act of 2002, the Data Quality Act, The National Data Privacy Law and more.
Page 1 of 3.
