In a recent conversation with a colleague, I was alerted to some alternate thoughts about data governance that really got me thinking. Without going into great detail about my colleague’s perspective, I can share two aspects that have motivated me to re-frame not only what data governance is (or what it should be), but also, and more importantly, what the implications are for an individual with the title of Chief Data Officer (CDO).
- Aspect #1: In contrast to conventional wisdom, data governance is not about managing existing data assets and using them to their utmost potential, nor is it largely focused on data quality measurement and improvement.
- Aspect #2: Data governance revolves around enforcing information policies to optimize and protect corporate value.
Breaking down assumptions about data governance
We're often pelted with definitions, instructions and guidelines for data governance that presume it is a set of practices that need to be imposed to ensure data quality and usability. And while data governance should not preclude good data management practices, the revelation that I derived from aspect #1 is that there are conventional memes associated with data governance that don’t necessarily hold true. For example, there's a frequent directive to identify redundant data assets and merge these separate assets into one – supposedly to reduce duplication and eliminate inconsistency.
But there may be good reasons for two different silos to create similar data sets, especially if those data sets are neither coordinated from any business perspective nor co-dependent in any way. In that case, the cost of converging two data assets into one may create a number of systemic dependencies and need for synchronization that are not related to any core business need. It might benefit the organization to allow those virtual replicas to remain segregated – because the costs of consolidation and continued integration may outweigh the benefits over the long term.
Just for the record, aspect #2 was not such a surprise to me, since I had been advocating these kinds of ideas for years. Rather, it reminded me that many factors contribute to the corporate value of information; and some of that value isn't necessarily enhanced by processes like data quality improvement or master data management.
As an example, consider requirements for compliance with the European Union’s General Data Protection Regulation (GDPR). The GDPR says that individuals from the EU have the right to request that that their name be erased from a company’s data environment. Having a master data environment may link data assets to an individual’s virtual profile and effectively “infect” certain data assets as personally identifiable information – even though those data assets did not have that status prior to creation of the master index. In that case, the risks of exposure to a data breach or noncompliance with an individual’s request to be forgotten are largely increased. Managing those risks requires additional (costly) resources and staff.
Three suggestions for the chief data officer
Considering the issues I've presented, what are the implications for a chief data officer? Immediately, I can think of three things to present as suggestions for CDOs:
- Develop a framework for assessing information value. Identify all aspects of value and costs that can be attributed to any and all phases of the information life cycle. For example, consider whether the long-term effort, responsibility and costs of creating a new data set will result in more corporate value than the long-term effort, responsibility and costs of data reuse.
- Institute scenario planning to assess the impacts of information policy decisions. Conventional data governance program plans direct decision making based on presumptions that might not hold true in all situations. Use thoughtful planning exercises to consider the broad impacts of policy choices, including their effect on corporate value.
- Be proactive in asserting control and governance over data-centric management. Don’t wait for something bad to happen to assert a level of policy control over data management decisions. Become integrated with development methodologies, and demand compliance with value-preserving information guidelines.
These may be subtle adjustments in thought, but they have deep applicability. In future posts, I'll delve deeper into exploring the value approach to data governance.Download The SAS Data Governance Framework: A Blueprint for Success