Data Governance: From Policy to Practice
Every organization that depends on the use of information is subject to business risks that are ultimately attributable to flawed information. Conceptually, a data governance program is intended to
alleviate the exposure to these data-dependent risks by imposing organizational oversight coupled with operational controls and audits to verify conformance of data to defined quality
expectations.However, as data governance emerges as a stand-alone practice, many corporations are experiencing the pains of distinguishing between setting the expectations for data quality assurance
within the context of risk management and the actual implementation of the activities which demonstrate that the quality data sets are meeting those expectations. This exposes the challenge of
operationalizing the inspection, monitoring and reporting of enterprise-wide conformance to data governance policies.
This directive frames the operational data governance opportunity: identifying information risk factors, determining the types of information flaws related to those risk factors and crafting a data
governance framework that can be used to control the quality of enterprise information. The typical data governance framework is used to establish the roles and responsibilities for overseeing the
observance of protocols for reacting and remediating potential exposure. Yet, as the case studies developed for this research report show, setting up the organizational structure for oversight is
just the beginning of the governance program. Defining data quality metrics correlated to the potential impacts of non-observance enables characterization and prioritization of data issues and
drives the remediation process, thereby maintaining high quality enterprise data.
Organizations are creating data governance frameworks for measuring and monitoring conformance to business data expectations, along with the protocols for documenting, reacting to and remediating
data quality issues. Issue severity is determined based on potential impact and is prioritized accordingly. This process of identifying, continuously monitoring and remediating failures in
observing the data quality rules that reflect business policy conformance – going from policy to practice – is referred to as operational data governance. This report presents best
practices employed in a select collection of business environments for identifying information risk and for integrating people, practices and technology to create enterprise information oversight.
The processes explored in this report simplify the approach to evaluate business impacts associated with poor data quality and explain how one can define metrics that capture data quality
expectations and acceptability thresholds. Dimensions of data quality guide the analyst in defining quantifiable measures that can be correlated to business impacts. Applying these processes will
result in a set of metrics that can be combined into different scorecard schemes that effectively address senior-level manager, operational manager and data steward responsibilities to support
organizational data governance.
Read the entire study.