Building an Effective Data Governance Framework

A data governance framework enables you to define and document your data governance policies and compartmentalize the steps required to provide high-quality, trustworthy data to everyone in your organization whilst maintaining regulatory and internal compliance. Developing a high-quality framework is a critical first step in any data governance initiative.

What is a data governance framework?

A data governance framework is the blueprint that defines the roles, responsibilities, policies, and procedures of the data governance initiative, so everyone in the organization knows the plan and is in agreement. It enables you to outline the components of your Data Governance implementation strategy based on the most important use cases.

When you develop a data governance framework for your business the aim is to set out a series of goals and objectives that span the lifecycle of your implementation efforts. Your framework will be unique to your organization and focus on the most critical business requirements.

Need help convincing stakeholders of the importance of data governance? Download our free Data Governance Business Case Builder

Why do you need a data governance framework?

A well-designed data governance framework will enable you, from the get go, to define policies and rules, standardize the most important data terms in your organization, document your decision-making process, share your findings, identify data owners, disseminate roles and responsibilities, and construct a solid roadmap based on the most important use cases in your organization.

Data governance must be targeted towards clear goals if it is to be effective, that’s why a data governance framework is so useful, because it enables you to set those goals and document the means by which you can achieve them.

Policy Making 

For an organization to govern a variety of data, it needs to have specific policies in the following area.

• Data transfer policy, (e.g. PII information can’t be shared until encrypted)
• Naming convention policy
• Access control policy
• Data quality policy

Change Management

A traditional company can move towards self-service, or in a reverse scenario, a fast-moving start-up can start having more controls. In both cases, we need a change management program. Data Governance team should be equipped to provide various training to adapt to these changes.

Aligning Data Strategy with Business Strategy

A company has to align overall data strategy with the business strategy of the company. Only then the data governance programs are successful.

Principle & Ethics

Ethical data handling can increase the trustworthiness of an organization and the organization’s data and process outcomes. Like W. Edward Deming’s statement on quality, ethics means “doing it right when no one is looking.”

Data Classification

Data classification helps the teams find, organize, and secure relevant data. We can classify data as per various categories:

• Functional categories- Customers, Suppliers, Items, Inventory
• Security categories- PII, Sensitive, Protected and more

Building Business Glossary

A business glossary helps to solving communication problems by creating a common vocabulary across the entire organization. It additionally ensures the consistency of these terms by synthesizing all of the information of the organization’s data assets through an array of data dictionaries. It then rearranges it into a more understandable and straightforward format.

Data Quality Monitoring and Control

Data quality must be tracked, managed, and monitored if that data is to drive better business decisions. Therefore, being able to measure and monitor data quality throughout the lifecycle and compare the results over time is an essential ingredient in the proactive management of ongoing data quality improvement and data governance.

The Elements of a Data Governance Framework

There are various elements that constitute an effective data governance framework. These range from the specific roles and responsibilities required to roll out a program, to the management structures and technology you will require to achieve the best results.

Aspects of a data governance framework

• Why: ‘Why’ concerns the reasons you embark on a data governance initiative in the first place. ‘Why’ should cover the business decisions you pre-plan before rolling out your strategy. For example, you may wish to avoid the fines related to non-compliance, you might want to provide a better service to your customers, or maybe you want to explore new avenues of data-driven growth. In data governance terminology the ‘why’ are also considered as drivers of data governance.
• Who: With so many stakeholders from different departments, it can be difficult to maintain data standards. A data governance framework enables you to find relevant stakeholders and monitor their meeting cadence. Data Owners, Stewards, and Steering Committee are responsible for administering a data governance program led by a CDO or Data Governance Manager.
• What: The ‘what’ in a data governance framework are the steps you take to achieve your data governance objectives. At an organizational level, it can be very daunting to begin a data governance program. That's why you should take a progressive approach. Choose a department, select specific initial data sources, then start the data governance program in those areas. There are multiple programs for different objectives, so choose wisely before beginning the implementation phase.
• When: It's critical that you plan when you intend to roll out each element of your data governance strategy. For example, you don't want to introduce a series of measures that rely on the competency of certain team members if they are not data literate. A move such as this could derail the entire process.
• Where: Ensuring that the data in your organization is stored correctly is vital. These considerations will govern the security and accessibility of your data. However, data storage should be a company-wide concern. Top-level management committing to storage budgets, and individual data owners must take responsibility for safeguarding the data assets in their care.

Roles in a data governance framework

When you develop a data governance strategy, you need to ensure you have the right team to implement it. The following roles and responsibilities should be present in your framework.

Chief Data Officer

A Chief Data Officer will oversee the development and organization of a data governance strategy. They are the key point of contact for both the data team and business executives.

Data Governance Manager

A Data Governance Manager will oversee the development and organization of various data governance programs. They are the key point of contact for both the data team and business executives.

Data Owner

Data owners are responsible for maintaining specific data assets and making them accessible to other users. A data owner is not just responsible for data, but accountable for it.

Data Steward

Data stewards oversee the policies laid out in a data governance framework. They must ensure everyone is accessing, using, and maintaining data in a way that complies with the framework.

Related: Data Governance & Data Stewardship Explained

Data Governance Committee

A data governance committee should include data owners and meet monthly or quarterly, depending on your company's requirements.

The aim of the committee is to decide on data policies and standards, manage budgets, determine business terms, and more.

Data Governance Team

While optional, it's good practice to set up a data governance group that will implement your data governance initiatives. The group will be led by an independent data governance manager and should include the data architect, data analysts, and compliance experts.

• Data Architect: A data architect is responsible for finding and developing the relevant technologies required in a data governance framework. They are usually highly proficient in various processing solutions and will help to identify the best solution for your business. 
• Data Scientist: Much of the data required to gain top-level business insights will be captured by data scientists. Their role is crucial as a data governance framework should be based on the most important business use cases which the data captured needs to reflect.
• Data Analyst: Analyzes data to discover trends that inform business decisions. The data analyst makes sense of the data that the data scientists capture.
• Compliance Specialist: Ensures all compliances (privacy, security, legal, etc.) are adhered to.

How to create a data governance framework?

There are numerous theoretical frameworks for data governance. The trouble is, most of them are too in depth for regular data users to understand, let alone implement. For example, they could include multiple frameworks for different areas of governance such as data security, metadata management, or data integration.

The framework we present in this article is holistic and straightforward and most importantly - practical.

The framework will provide you with a practical way to implement data governance measures in your organization quickly and comprehensively.

The first thing you need to do before building a data governance framework is to establish what the state of data governance is in your organization. This step will inform how you proceed and the measures you need to take to build a framework.

When you know what data you have in your organization and who is responsible for it, you must set up a data governance committee to implement your data governance program. 

Three initiatives

There are three initiatives that will help you to set up a successful data governance strategy in your organization. These initiatives are the responsibility of the data governance committee.

1. Create an inventor

   The first step is to identify where all of your data is stored. Following the identification process, you must create an inventory of all the data sources including applications like SAP and Salesforce, data warehouses, and other databases too.

2. Confirm data ownership

   The next step is to identify the owners of the data in your organization. However, you need to specify that the owners you identify are the business owners and have full access, permissions, and can make decisions on how the data is used.

3. Set up a data governance committee

   A data governance committee will help oversee data governance company-wide and act as an authority. Essentially, they will receive and review reports from the data governance committee regarding new protocols, access, and permissions.

Three core programs

1. Managed access

   You must define policies for confidential data and PII then work towards implementing these policies across your organization. These policies will govern who has access to what data, how they access it, and how others can be prevented from doing so. 

2. Data literacy

   One of the cornerstones of successful data analytics is data literacy. When your staff is data-literate they can use data to innovate. Granting easy access is the first step towards this goal, the others include awareness building of your data governance objectives, and standardizing terms using a business glossary.
   
   Collaborating on data assets enables data users to make the best business decisions. To make this possible, users need to be on the same page in regards to data terms and definitions. 

3. Data quality improvement

   There is no point in providing users with access to data if it is not of high quality. Bad data can only lead to bad business decisions. The aim of a data quality improvement program is to document the lineage of data, carry out root cause analysis, and fix any errors that may have occurred in the past. 

Related: How Chief Data Officers overcome three key challenges they face

Data management by IT

One of the core purposes of end-to-end data governance is to ensure that data is secure. Although most of the work conducted in this area is performed by IT staff, a company's data governance committee must ensure that security standards are followed.

Data security is largely the responsibility of the IT team, which should conduct regular audits to ensure the data is secure and implement encryption methods to defend the data while it travels from location to location.

The three major aspects of IT data management are:

• Security: Generally, a data access management program covers data security in an organization. However, a data governance program should incorporate measures that ensure that the latest patches are installed and there are no software vulnerabilities present.
• Encryption: A data governance program should include an encryption policy for data at rest and during transfer. Data at rest must be encrypted so that if a hard drive is stolen, it can't be read by anyone. Data in transfer must be secured at every stage of its journey.
• Auditing: The data governance committee must ensure that every access management activity is adequately audited. It is essential to create an audit policy for personally identifiable information (PII) and other confidential data too. 
  
  

Wrapping Up

If you follow all of the measures we have documented in this article, you should have the means to roll out a successful data governance program. Just remember to be patient, taking the implementation phase step by step is a proven way of avoiding failure.