Increasingly, the initial focus for good data governance – and a key foundation for data quality – is security, particularly with the global realities of cybercrime and the damage this can cause to reputations, customer trust and business performance.
Leaders also have to bear in mind financial penalties: in the UK, the Information Commissioner’s Office can issue fines of up to £500,000 per data breach, while the EU is bringing in new legislation from 2018 that could see firms fined 4% of their turnover (or €20m, whichever’s greater). UK MPs are also calling for pay to be docked if chief executives fail to prevent cyberattacks.
Ben Meade is a CIO level Interim Manager and change specialist who helps companies build frameworks for data governance and security. He says: “With big data, the cloud and the Internet of Things, organisations are creating more data than ever before. This data is getting harder to manage, easier to share and easier to lose as cybercrime grows and becomes more sophisticated.
“What I see a lot of companies do is hire a lower level manager or have their IT department handle it. But data – digital and physical – is becoming too integral to businesses; it needs to be in the DNA of your organisation.
Building a framework
Ben says that data governance and management must be part of the wider company strategy. Companies should start by carrying out an analysis of their current standards and where they want to get to. Have you got the right people, processes and controls in place?
The government runs a Cyber Essentials scheme to help companies protect themselves and provide a basic level of assurance. However, you may work in a sector that requires more stringent governance, or have customers who demand it, in which case you may need higher standards and assurance, such as those laid out in ISO 27001 on information security.
Once you know where you need to get to, Ben says you need a clear, simple framework that everyone understands. This has to be owned at a senior level. From this, you can build a programme of changes.
“You have to set out how you’re going to drive this forward,” he explains. “You may need to invest in some specialist people and you’ll need training that goes right down to the grassroots; the people who are handling data every day. The board must take an active interest in this and have a clear view of progress.”
Better governance leads to better quality
Not only does this structured approach give you better data governance, but it can also help you improve the quality of your data and overall business performance. “The first step is governance and security, which will protect you and your customers and help you win and retain business,” Ben explains. “But this process also gives you a better understanding of the quality of your datasets, where that data is held and who has access to it.
“This will help you to improve the quality of your data. Having a clear understanding of it can then feed into shaping your business, driving sales and better business performance. It will also give you a deeper insight into your customers, building greater loyalty and trust.
“Increasingly we’re seeing organisations trying to be more customer-centric and adapt faster to customer changes. And that’s what everyone aspires to.”
- Data security and governance needs to be owned at board level.
- Carry out an analysis of where you are and where you want to be.
- Implement a simple framework and adequately funded programme of change.
- Good governance gives you the foundation to own quality data that will drive your business.