Building your data governance organization: 7 essential elements

10-minute read

Quick summary: We explore the seven elements that help ensure your data governance organization is up to the task of fulfilling its mission.

The decisions you make for your organization have consequences, but is your team prepared to measure the effectiveness of those decisions quickly and accurately? Or at all? A well-considered data foundation program can give your business a competitive edge, but it takes a sustained effort and investment to reap the rewards. A few questions you don’t want to leave to chance:

• Is your website driving business?
• Did your blog post educate and influence its target audience?
• Is your project management team making progress towards business objectives?
• Is your supply chain running efficiently?
• Is your data secure? Who has access to it and why?
• Is your data well documented? Do you know what it means, or where it came from?

The list goes on and, surprisingly, companies of all sizes may find themselves unable to adequately make data-driven decisions.

Every data foundation program starts with a vision that informs the path forward. One of the first things you’ll want to focus on to realize that vision is the formation of a data governance team to ensure your organization understands and has confidence in the data available to it. Read on for some insights into the components and structure of a data governance team.

1. People and organization

Your IT staff may be the best on the market, but their priorities are often focused on operational necessities, often to the detriment of business stakeholders. A balanced data foundation program ensures operational awareness and efficiency, but not at the expense of business needs. The way to improve this is to spread the workload by establishing clear oversight for key datasets. This frees the IT staff from many of the responsibilities related to governance.

For data governance to work, you’ll need a team of focused, detail-oriented professionals who will drive it—never to completion, but to a steady run state that embraces the inevitable changes that will occur over time. This is where collaboration and buy-in are important, since the team you select will consist primarily of people who are already experts in your organization. Their buy-in is crucial to avoid resistance as new duties are required of them to support the effort.

After the Data Governance Lead, the next roles you’ll want to identify are Data Owners and Data Stewards. Best practice is to identify different team members to occupy these roles for each distinct data set.

• The Data Owner is ultimately accountable for the dataset and is a role that is best assigned to a senior employee with the authority to make decisions on how the data is collected, stored, and distributed.
• The Data Steward role is best assigned to a subject matter expert who has deep experience with the data. They should be able to answer any questions about the data, even at a very granular level, and would be the primary role to address any data quality issues that may be found.

In some cases, the Data Owner and Data Steward roles may be assigned to the same person, particularly in smaller organizations or in the early stages of a data governance implementation.

2. Process and data architecture

While the data governance team won’t be building any of the tools that ingest or process data, they would be involved in the decisions around software tool selection, with a focus on clear rules around security, classification, cataloging, data retention, access constraints, and conventions, to name just a few. A structured approach toward onboarding new data sources and bringing pre-existing data sources into the data governance fold is key.

Ideally, data governance would be in place before any data has been collected at all. In reality, most companies, large and small, initiate their data governance program well after the fact and find themselves faced with a daunting variety of siloed architectures and ad-hoc data in a range of forms. Structured databases, Excel files, scanned documents, and externally sourced datasets are common, all with different levels of standardization and access control. And much of the detailed knowledge of these datasets will exist, undocumented, in the heads of employees, past and present. Over time, data governance will bring order and consistency.

3. Documentation and metadata management

Documentation has a tendency to be badly neglected and, as a result, much of the deep knowledge of pre-existing datasets may have been lost after your workers moved on to other employment. There are other reasons as well:

• Some employees avoid documenting their work as a means of ensuring job security.
• Engineers may have been given difficult technical challenges to solve with no time allocated to documentation work.
• Detailed documentation may have been completed, but then never updated to reflect changes over time, thus providing little value to future consumers.
• Very often, people on the engineering team simply don’t enjoy documentation work and put little effort into it.

The business value of documentation is often not well communicated, and the above issues can be improved by ensuring that those who compile it understand the benefits to them as well as to the organization. It’s true that documentation can be of low value but, in the case of data, particularly data that’s critical to decision making, it’s the only effective way for business users to understand the data that’s available to them.

For engineering teams, good, thorough, and current documentation helps them to avoid after-hours emergency calls and allows them more flexibility if they want to transition to other roles within the company. It’s also the best way for technical teams to quickly get up to speed on datasets they inherit.

4. Data quality management

How you choose to define data quality will have a large impact on the level of trust your downstream users will have in the finished product. Most data will have some common quality checks on structure, timeliness, and completeness. Beyond that, you’ll want to work closely with your Data Owners and Data Stewards to put in place quality checks that make sense. For example, threshold checks would often be the right choice for financial data, or geographic data that has to fit within specific boundaries.

Data quality rules should be applied automatically any time new data arrives—or existing data has been updated—to allow for continuous measurement. Automating the process eliminates guesswork and ensures timely delivery. The metrics you define can be used to establish KPIs that provide visibility to the business on the effectiveness of the data quality checks on the downstream data and if business objectives are being met.

Data that doesn’t pass the quality rules should be brought to the attention of the Data Owners and Data Stewards and remediated before moving forward. The outcome is a clear, holistic view of the quality of your data that mirrors your Data Owners and Data Stewards specifications.

5. Training and change management

If your organization is implementing data governance from scratch, a phased approach is recommended to avoid overloading your team, to ensure tool selection is compatible with existing systems, and to allow the company to build on its successes over time. Early wins may include:

• Better understanding of the data that’s available for immediate use
• Visibility into gaps in the data that need to be filled
• Clarity on roles and responsibilities

To ensure a good outcome, employees will benefit from multiple types of training, including in-person classes, a centralized portal with easy access to documentation on data assets, recorded sessions, and other resources.

It is also a good practice to include organizational data literacy as part of your onboarding process so that new hires start off with a good foundation.

6. Data security and privacy

Data security has grown in importance and complexity in recent years. And, more than ever, it’s important to have a layered approach to security. At their core, your security policies should address who has access to data and should take into account different classifications of data. A few common classifications to be aware of:

• Public: This is the lowest level of data security classification and indicates that the data is suitable for public consumption.
• Personally identifiable information (PII): This signifies data that is linked or linkable to a particular person.
• Low/medium/high business impact: Variations of this general classification are present in most large companies. Its purpose is to communicate the level of damage the business could face if the data was to make it out of the company and into the wrong hands.

While your IT teams will likely have data security in place, the data governance team is instrumental in ensuring that data security and privacy policies are well defined and applied consistently across the organization.

7. Technology selection

There are a growing number of data governance tools on the market, each with its pros and cons and associated costs. Most organizations will benefit from a series of narrowly scoped proof-of-concept projects that minimize the time burden on your team while maximizing their learning. By spending some time on proof-of-concept projects, you’ll move past marketing promises to see first-hand how the tools will actually work within your environment.

What comes next

As much as you believe in the importance of a strong data foundation program, it’s important to understand some ways it can fail. First, a mature data culture isn’t built overnight. Your disparate teams have likely been doing things the same way, effectively, for some time, and it will take patience and persistence to help them see the benefits that the changes will make to them and their deliverables. These benefits can include:

• Improved certainty when preparing reports, building dashboards, or fulfilling compliance requirements
• Ability to make data-driven decisions faster and with consistency across departments
• Reduced exposure to lawsuits due to improved data security and access management
• Clear insight into progress towards key business objectives

The care you take in planning and implementing your data governance program will create lasting value for your business, but, as alluded to in the beginning of this post, your work is never done. This applies not just to changes in the datasets that have been brought into the data governance fold, but also to the tools, systems, and analytics programs that have been enabled by it. With well-governed data at your fingertips, your business will be well positioned to harvest the rewards of a modern and mature data culture.