Data, through its effective management, ensures the survival of the company, especially considering the abundance of regulations in the public and private sectors and more so for banking and financial services organizations. The increase in storage capacities with the Cloud, the rise of BI and AI have allowed to convert this data into information that can generate business and strategic value. The centralization of data within a company allows the provision of global information for its strategic orientation. However, the quality of data is often impacted when it comes to centralizing it: different names for the same data depending on its origin and the absence of a common taxonomy for the company impact integration efforts.
Organizations have implemented fragmented approaches (by business unit/department) to manage their data. They should however be treated on a larger scale. It is important to understand that there is no one-size-fits-all solution that will meet the needs of every organization. A data governance program that works well in one case may not work in another. Many public or private organizations have already addressed these issues and find themselves at different stages of development. There has been quite some learning along the way and this experience could help organizations which are in their early stages or have lost their way in the process.
Initiatives are ongoing at European Union level establishing a legal framework to facilitate the voluntary sharing of data, without however setting out new rights or modifying existing rights in terms of access and use of data (“Data Governance Act”) and establish harmonized rules on access and fair use of data (“Data Act”). These future legal acts concern the public and private sectors of the European single market. Specifically, the Data Governance Act would deal with the accessibility of public sector data for re-use, the sharing of data between companies (against payment), the use of personal data with the help of a “personal data sharing intermediary”, and the use of data for altruistic purposes. The Data Act, for its part, would deal in particular with access to and use of data by consumers and businesses, the use by the public sector of the EU of data held by businesses in certain situations (e.g. in the case of public emergencies), and the development of interoperability standards for data intended for re-use between sectors.
Data governance promises to help organizations take a holistic approach to managing data and overcome consistency issues. Data governance is the formal orchestration of people, processes, and technology to enable an organization to leverage data as a business asset.
The best data governance meets seven principles. First, it is important that governance be carried by a sponsor who provides leadership to all data governance initiatives within the company. This is the principle of sponsorship. The organization should also have a data governance committee whose role is to lead the adoption and compliance of data management controls and procedures. The principle of ownership implies that the company defines in a clear and documented way the roles and responsibilities for the data management. Data consistency is ensured throughout the company by clearly defining and communicating data standards and policies. The monitoring principle makes it possible to establish procedures for tracing, analysing and reporting data compliance with the standards and data policies defined within the company. Change control is the principle by which the organization puts in place a procedure to evaluate, approve and communicate changes to data standards and policies. Last, but not least, is support from the executive. All business leaders need to be engaged and aligned with data governance initiatives.
In organizational terms, data governance consists of the sponsor (leadership role), the data governance board (steering role), and the stakeholders who execute and operationalize data governance.
A “data-centric” approach to governance
Rapidly accelerating technological evolutions, the recognized value of data, and increasing knowledge of these data are changing the meaning of the term “data-centric”.
Data are embedded in every decision, interaction, and process: Organizations are able to make better decisions and automate basic day-to-day activities and decisions that occur regularly. Employees are free to focus on more “human” areas, such as innovation, collaboration and communication. The data-driven culture facilitates continuous performance improvement to create truly differentiated experiences for both customers and employees.
The provision of data is approaching a “real-time” model: the way data are generated, processed, analysed and visualized by end users is radically transformed by new and ubiquitous technologies. Advanced analytics tools are reasonably accessible to all organizations as the cost of “cloud computing” continues to drop and more powerful “in-memory” data tools come online.
More flexible databases allow data to be integrated and ready to use. Although data proliferation is fuelled by unstructured or semi-structured data, most usable data today are still organized in a structured way using relational database tools. An unstructured model should be preferred as the first level of storage, such as NoSQL databases, for example, allowing data to be organized more flexibly and accelerating the development of new AI-driven capabilities.
Data should be considered as a product: they are used by internal teams or external customers; they should be managed by dedicated teams to integrate security, evolve data engineering (for example, to transform data or continuously integrate new data sources), and implement tools for access and analysis. The “data product” is constantly evolving to meet consumer needs (continuous integration and delivery model). Overall, these products provide data solutions that can be used more easily and repeatedly to address various business challenges and reduce the time and cost of delivering new AI-driven capabilities.
The mindset of organizations has totally shifted towards treating privacy, ethics and data security as mandatory competency areas, due to changing regulatory expectations such as data protection (GDPR). Efforts in this area should be common across the entire organization and included in governance. Overall, they allow organizations to build greater trust in both the data and the way they are managed, ultimately accelerating the adoption of new services based on these data.