Data Governance
Image: magele-picture/Adobe Stock

Vendors as varied as Google Cloud and Oracle all hope to sell you data governance, but it turns out data governance isn’t something you can buy. Sure, there are products that aim to help enterprises check for and secure sensitive data stored in databases and elsewhere, but data governance is more a matter of people and processes than technology and tooling.

Many enterprises try to buy their way into data governance success, which is one reason a Gartner survey found that 90% of data governance projects fail. For those organizations that figure out the people-side of data governance, significant benefits await.

Data governance sets clear standards for data processing while improving the quality and consistency of data within your company. This guide will help you understand what makes for good data governance.

Jump to:

What is data governance?

Data governance dictates how an organization manages its data throughout the data’s lifecycle, from acquisition to disposal, as well as the different modes of usage in between. Though data governance involves tooling, it’s much more than that: It also involves the processes people must follow to ensure the security, availability and integrity of data.

SEE: Hiring Kit: Database engineer (TechRepublic Premium)

This people-centric approach is also an indication of what data governance is not. Traditionally, data governance was a highly centralized function that was more focused on controlling data than enabling innovation. No more.

Due to “varying levels of uncertainty in today’s world,” argued Saul Judah, VP Analyst at Gartner, data governance needs to embrace “speed and agility,” which has rendered “traditional approaches to data governance… obsolete.”

As such, modern data governance tends to be driven by principles that link data to a business case and flexibly respond according to business needs.

Why data governance matters

While data governance was traditionally a way to guard and secure a company’s data assets, thereby contributing to compliance objectives, this is arguably the least compelling purpose for data governance today. It’s not that security isn’t important; rather, it’s a question of how to increase the value of data, particularly with companies becoming increasingly dependent on data to drive machine learning and other new initiatives.

SEE: Artificial Intelligence Ethics Policy (TechRepublic Premium)

The higher the confidence in the availability and consistency of an organization’s data, the more that organization can put its data to use in innovation.

Why is data governance important for all businesses?

The benefits of improved data governance aren’t exclusive to Silicon Valley upstarts using data to unseat legacy incumbents. Given the rising importance of data to every business, the benefits of strong data governance extend to all companies that want to remain competitive in their respective industries.

While not every company will have stringent data privacy needs, nearly all organizations benefit from improved data quality, lower data management costs and more predictable access to data throughout an organization.

Who is responsible for data governance?

For organizations that make effective use of data governance, there’s no one person responsible for data governance policies and processes. Rather, the responsibility falls primarily on a few key roles:

Steering committees or data governance program teams

This committee often includes senior management who set the overall goals and guidance for an organization’s data governance strategy.

Data owners

As the name implies, these individuals take responsibility for data in a given domain to ensure responsible use across lines of business. This function will often sit within IT and take care of the necessary infrastructure to safeguard data under their ownership.

Data stewards

Data stewards are subject matter experts who take responsibility for the routine management of data. These stewards are on the front line for preserving data quality. They report to data owners on the ongoing use of data, especially on big projects and company initiatives.

Every employee

There are different permutations for each of these roles, but it’s important to point out that data governance tends to fail when it’s perceived as “someone else’s job.” The most successful organizations make data governance an integral part of all employees’ roles.

Data governance models

Traditionally, enterprises have favored top-down data governance models. Unfortunately, these models have largely failed. Gartner has found that, through 2025, 80% of organizations will fail to scale digital business because they persist in outmoded data governance approaches.

In addition to a top-down approach, there is also a bottom-up approach for data governance that businesses are increasingly adopting. The Data Governance Institute explains the bottom-up approach to data governance as “center-out,” driven by experts within the organization, and “silo-in,” where different business units or groups join together in a data stewardship council to determine how to collaborate on data governance.

Selecting data governance models for your business

As tempting as it might be to pick a model and impose it on an organization, the reality is that most organizations need an adaptive, hybrid approach that fits their culture and existing people and processes. Selecting a data governance model involves balancing four key steps, according to Gartner’s Laurence Goasduff:

  1. Define a clear set of adaptive data governance principles: This involves deciding which principles can and should align with an organization’s existing culture.
  2. Establish accountability decision rights across organizational areas: It’s important to create clear responsibilities for each team and role and how they factor into the organization’s larger data governance objectives.
  3. Apply the right adaptive governance style to your business scenario: Adapting a governance model to your business ensures the right tools, procedures and supervisory expectations are in place for business goals.
  4. Sustain adaptive governance by basing your governance operating model on it: At an operative level, data governance focuses on applying change management principles and tactics to all data-driven work so operations align with data governance expectations.

By making data governance fit an organization rather than trying to force the organization to fit data governance, businesses will maximize their chances of success and minimize the chance of individuals or business units opting out of the burdens imposed by an overly authoritarian approach.

Disclosure: I work for MongoDB but the views expressed herein are mine.

Top 3 GRC Solutions

1 SafeBase Trust Center

Visit website

SafeBase is the leading trust center platform designed for friction-free security reviews. With our enterprise-grade Trust Center Platform, we automate the security review process and transform how you communicate your trust posture, ditching outdated 'security through obscurity' in exchange for transparency that helps you build customer trust, gain valuable insights, and elevate your security story.

Learn more about SafeBase Trust Center

2 Alyne

Visit website

Leading GRC tool powered by AI technology so your team never misses a red flag. From enterprise and third-party risk management to ESG and information governance, Alyne helps CISOs and risk professionals understand and assess risk, confidently implement compliance requirements, leverage and report on analytics for more risk-aware decisions, and drive 24/7, agile defense against threats. covering regulations: ISO 27001, SOC 2, SS1/22 & SS2/22, COBIT, NIST, CCAR, sr 11-7, DFAST, SOX, TRIM & More

Learn more about Alyne

3 StandardFusion

Visit website

Simplify GRC with StandardFusion's unified platform, integrating risk, compliance, vendor, privacy, policy, and audit management. Overcome complexity with scalable and customizable workflows, tailored for your needs while ensuring compliance amid evolving regulatory challenges including AI and privacy laws. Automate GRC tasks, protect data, and drive collaboration across departments for a seamless, future-proof strategy.

Learn more about StandardFusion

Subscribe to the Data Insider Newsletter

Learn the latest news and best practices about data science, big data analytics, artificial intelligence, data security, and more. Delivered Mondays and Thursdays

Subscribe to the Data Insider Newsletter

Learn the latest news and best practices about data science, big data analytics, artificial intelligence, data security, and more. Delivered Mondays and Thursdays