You'll get no argument from me on the import of this subject, especially today. After all, we long ago entered the era of big data. As such, it's imperative to look anew at traditional data-related concepts, roles and rules. Which are still relevant? Which need to adapt or die?
I can think of no entity that should take a harder look in the mirror than the conventional data-governance council.Before going too far, a proper definition of the term is in order. A data-governance council (or committee) is defined here as:
"A cross-functional group with representatives from business and technical data stakeholder functional groups. In some organizations, this group may be labeled a data stewardship council. Members may be called data governors, lead data stewards, executive stewards or council members.
These councils make high-level decisions about how organizations use data."
If this description seems kind of bureaucratic and top-down, you're right. I can imagine a monthly or quarterly meeting in which near-retirement senior execs debate in a vacuum what should specifically be done and how. Not exactly agile and/or lean. I can just imagine many ambitious employees wanting to take advantage of burgeoning opportunities, only to be told that the council needs to vote on the idea next quarter. (Lest you think I'm being unnecessarily contrarian, I'm hardly alone in believing that there's a great deal of room for improvement here.)
I've argued before that much of big data is inherently ungovernable because it "lives" outside of the enterprise. That is, it is born on third-party sites, often accessible by APIs that may or may not remain open. To boot, not all APIs are created equal. Let's say that LinkedIn restricts or closes its API to developers, something that it has done more than once. What's a DG council to do? Those high-level decisions that it used to make in relative isolation about who can do what are now often made for it.
Is a DG council even necessary today?
The answer appears to be "it depends." Google's data-governance program aims to "create, maintain and promote radically stronger and more efficient protections around sensitive data." As of this writing, no one at Uber appears to work in a data-governance capacity. This is potentially disturbing given the company's well-publicized gaffes over its God view, or is it? Perhaps another department handles these critical responsibilities – maybe even its new chief security officer?
The elephant in the room is the CDO. Has the chief data officer usurped the duties of a data-governance council in many organizations? Put differently, is the use of data so important today that it can't be relegated to some type of "council" anymore? Is its misuse so potentially damning that it's high time to appoint a "data person" in the C-suite? These are all fair questions and I don't purport to know all of the answers.
I will say the following three things about traditional data governance councils. First, react quickly. Second, think guidelines, not rules. Finally, data security, privacy and general protection matter as much as – if not much more than – traditional data governance.
What say you?