The importance of data in corporate firms, state-owned entities and non-governmental organisations cannot be overemphasised.
We maintain our awareness of our nation’s shift towards a Knowledge-Based Economy as well as the global blurring of physical, financial, sociological and digital boundaries birthed by the Fourth Industrial Revolution. It is consequently crucial for governance designates, often in this instance Chief Executive Officers, Boards of Directors, and Chief Information Officers, to fully comprehend both the inherent and manifest value of data within the organisation.
Respecting always that data generally relates to the collective information pertaining to the organisation and its operations, the concept of data governance itself then entails the management of the actual presence, utility, integrity, and overall security of this collective information within the organisation. Data governance is not a realm meant specifically for the firm’s Information Technology department. It is, in essence, a multi-level consideration that requires the application of the minds of those with governance responsibilities in the institution. In this light, its significance warrants a brief investigation of some fundamental data governance facets.
The first of these facets is the impact that data (and the governance thereof) has on three aspects – cost, revenue and risk, collectively termed ‘financial risk’. Where this impact is concerned, Chief Information Officers and Internal Auditors may ensure that the Board as well as other organisational actors are aware of how data can affect the organisation from the perspective of a wide range of elements related to finance and risk.
Revenue-focused aspects impacted by (and simultaneously dependent on) data may include, for example, income source identification opportunities as well as optimisation of product and/or service pricing. Cost-related features could include an analysis of operational and maintenance costs as well as the existence of duplicate and redundant data which would require elimination. Where risk is concerned, organisational actors within the governance regime could consider compliance to data regulation as well as auditing and reporting, to name a few.
The second point of focus relating to data governance would be value quantification. Just how valuable does the organisation consider its data to be? If there is cause for concern, identification of value enhancement measures of the data would be warranted, which would position the organisation to attain augmented value. The perspectives of value in this instance vary from organisation to organisation, with corporates possibly considering profits whilst state-owned entities may place emphasis on the satisfaction of the recipients of the public goods they offer. Non-profits with specific societal goals may consider value from the perspective of their contribution to the environment and perhaps, their impact on overall community development. A data/value marriage can then be developed and maintained in this regard.
The identification of data sources and internal data owners is the third fundamental facet for governance designates to consider. Where exactly does the organisation’s data come from? Where the data is sourced externally, are the sources dependable and trustworthy? If sourced internally, how confident are we in the capability of collectors? Another avenue is the Internet, wielding its own benefits and detriments. Having collated the organisation’s data, it must be made clear exactly who will take ownership of particular types of data within the organisation so as to ensure that it is not misused, misinterpreted or misrepresentative of the organisation, which would potentially result in overall brand damage and disrepute. Here those involved in the data governance mechanism may decide on the different data subsets that fall under the purview of varied business units or organisational segments, ordinarily termed data stewards.
A fourth and final facet requiring attention is accessibility. Accessibility is closely related to the privacy and security of data. Appreciating always that varied business functions have diverse data requirements, it is important to outline who has access to particular data elements and to what extent. There may be differences in the ability or permissions to alter or manipulate data for organisational actors at different levels of the organogram. Officials with this responsibility must ensure a full organisation-wide understanding of access and permissions. Here, the sensitivity of various data elements informs access, privacy, and authority. Data governance must guarantee the safeguarding of information and prevention of data loss and leakage.
Overall, it must be remembered at all times that data governance is a crucial consideration within the governance regime of the organisation. It is furthermore advisable for governance designates to consider the formation of a data governance framework in which they would define roles and responsibilities and in which they would also express pertinent policies and procedures. This would inform the formation and implementation of high-quality data-driven decisions that would undoubtedly yield ample value for the organisation and its stakeholders.
The views and opinions expressed in this article are those of the author, Dumisani F. Ntini – Governance and Strategy Practitioner. Contact dntini@governancegroup.org.
