Data governance refers to the management and protection of an organization's data assets. As businesses continue to collect and store large amounts of data, it becomes increasingly important to have a framework in place to ensure the accuracy, security, and reliability of this information.
In this post, I will showcase the components of a data governance framework that I have created in the past. Additionally, I will provide insights I have gained for implementing a data governance program, as well as discuss the challenges and benefits of doing so.
The first thing I always do is review the capacity of the organization that I am creating the data governance policy. I break it down into three sections:
Data capacity
What data assets do we have access to? What current policies or agreements govern the data? Where does the data come from? Who uses the data?
People capacity
Who are the people that are using data? Who should be using data? Who wants to be using data? How is data being used currently?
Technology capacity
What technology is being used in the data process? What technology can we implement to improve the flow? what technology can we get rid of?
When creating a data governance policy, it's important to understand why the policy is needed and what is expected of it. To make the policy as effective as possible, it should be kept concise and simple, while still addressing the specific requirements of the organization. While some policies may need to be more detailed to meet certain requirements, it's not necessary to include information on topics that are outside the scope of the policy ,organization, or distant future.
Once you have reviewed the organization's needs, it is time to consider how your data governance policy should be structured. Keep in mind that not all data governance policies are the same; although they cover similar topics and areas, they should be customized to fit the specific needs of your organization. It is also important to remember that the policy cannot be created in isolation; it must be developed in collaboration with the people who will be following it, and whose jobs may be impacted as a result.
Examples of Policies and Frameworks:
Brandeis University
University of Nevada, Las Vegas
East Caroline University
New Hampshire Dept of Education
NH Dept of Ed Data Governance Example.pdf
It's important to define the purpose and scope of what the policy is going to be. This can be a living document or chiseled in stone. This should match up with the management style and values of your organization.
Based on the purpose and scope, it should become clear which policies need to be created and which procedures need to be documented. This is where the bulk of the work will take place.
There are many different policies that can be a part of this section. The following are just some of the ones I have created:
Data Storage and Retention Policy - a set of rules that should be followed when data is being used and stored.
Data Privacy Policy - a policy that addresses how personal data is being handled. The general rule is that data should be anonymized before use.