Data governance doesn't lack for definitions and never has. Here is one that's as good as any:
The process of creating and agreeing to standards and requirements for the collection, identification, storage and use of data.
Clocking in at 19 words, this definition works just fine. To boot, it certainly jibes with the efforts of most traditional data governance efforts. That is, it emphasizes an inward focus predicated on boards, councils and stewards.
Data governance entities have generally focused on questions such as:
- Are we allowed to do [insert task]with our data?
- Should we do [insert task]with our data?
- What data should constitute master data?
- How many and what data sources exist for each type of master data?
- Who is allowed access rights to which data type? And what actions can these individuals and groups perform?
Are these still important questions? Sure, but as I wrote recently, organizations need to start viewing data governance from external points of view. To me, it's downright silly to ignore the benefits of thinking about data-related issues in different and unexpected ways.
Still, you can go too far with this type of expanded, externally based mind-set. Yes, there are those who advocate crowdsourcing data governance. (You read right.) Imagine an organization taking a Wikipedia-type approach to critical issues surrounding user, customer, product and employee data.
This to me sounds like anarchy. The idea seems terrible in theory and I've yet to read a single case study on its successful implementation. Organizations are ultimately responsible for what they do with enterprise data, not "the crowd." (Along these lines, there's a famous axiom in the open-source software world: "Think free speech, not free beer.")
Simon says: Find a middle ground with data governance.
To be sure, crowds can certainly improve data quality. Groups can spot errors that we often overlook. They ask different questions. By virtue of distance, they often avoid many of the biases that plague individual decision-making. Forget proper crowds, though. We individuals often stand to benefit from a single, separate pair of eyes. (Pair programming exists for a reason.)
But fully crowdsourcing something as essential as data governance? I just don't buy it. My biggest hangup with the concept: it necessitates a loss of control that could very well cripple organizations. Are individual users or groups likely to accept responsibility for high-profile privacy breaches? Not unless they are affiliated with Anonymous.
Maybe, like Amazon's infamous empty chair, organizations should formalize the presence of those groups historically not at the table.
What say you?