Data governance is more than just your IT team’s problem

Every business these days operates in a data driven world, which is why forward-thinking and focused organisations are all attempting to unlock the value their data offers. Unfortunately, enthusiasm for the management and governance of this data hasn’t reached the same heights.

The problem lies in the fact that even if we know where to successfully locate our data, we’re often unsure whether the data has any real value or whether it can be trusted. But enterprises are now realising that the value of good data governance isn’t just realised by the business driving more revenue and creating improved efficiencies.

Between cyber criminals and hackers seeking to steal and monetise this data, and governments and industry bodies who are regulating the protection of sensitive data, organisations no longer have a choice whether to invest in data governance programs as evidenced by APRA’s CPG235 which is all about improving data governance. Data breach incidents are also highlighting the irreparable damage that poor data governance can have on an organisation’s brand and reputation. This can lead to loss in customers’ trust and the share of their wallets.

Every month, another giant corporation with seemingly impenetrable security has hit international headlines by exposing the sensitive data of millions of individuals. Take the case of Cambridge Analytica’s misuse of the Facebook data of 85 million accounts. After that was revealed, Facebook’s share prices slid 16% while forcing Mark Zuckerberg to front government enquiries in both the US and EU or the more infamous Equifax where they lost their CEO, 30% of their market value and substantial reputational damage after its handling of the data breach issue last year.

The introduction of GDPR also means potentially massive fines for a data breach for any business that has the personal data of EU citizens stored anywhere within their business. In Australia, there are also some new regulatory forces that are placing digital data at the very top of the governance agenda, including:

• Notifiable Data Breach
• Security of Critical Infrastructure Bill
• Prudential Standard CPS 234

Data governance is now a key strategic management discipline, but it’s often lumped in as a strictly IT function, distinct from the business itself. But it’s now more important than ever for a senior leaders to adopt a strong data governance approach, before the complexity of data increases exponentially through new technologies such as IoT and smart devices.

A prevailing myth has long existed that the IT department owns the data of an organisation, when IT are actually only responsible for the infrastructure the data is held on. Which data is collected, and how it’s used, is the decision of business leaders.

However, many organisations currently have an IT led governance system which probably only makes sense for the IT department. They’ll know what data is currently being held, and where to find it, but it’s unlikely they’ll understand the business value and context of that data.

While many IT leaders may have recognised that data needs to be governed, and have commenced data governance initiatives, business leaders need to be on board; preferably driving it and willing to take responsibility for their data, as they’re responsible for driving value from data as well as protecting their stakeholders’ sensitive data.

About the author:

As the General Manager of InfoCentric, my team and I provide specialised expertise, advisory and implementation services in digital and data analytics to help our clients convert data assets into business insights for competitive advantage with faster, smarter and more accurate business decisions. If you’d like to discuss how your organisation can leverage your data assets to drive operational efficiencies, attract new business, and minimise risk, please feel free to get in touch with me at [email protected].