By definition, data governance requires collaboration between various departments, including IT, legal, compliance, and business units, not to mention data and analytics teams. Collaboration is necessary to ensure that data is managed effectively and in accordance with organizational goals and legal requirements. Developing a data governance framework is the first step in managing data effectively.
Who should be responsible for data governance in a large company?
In larger companies, data governance becomes considerably more complex. Generally speaking, there is a greater volume of data being collected and processed, a greater number of data sources, which can often interact, overlap, and conflict with each other, a greater number of teams managing the data, and a larger number of users with varying levels of permissions and access requirements. This requires a strong set of systems, processes, and rules to manage, all of which must be documented. For more details, read our guide on why you need a data governance framework.
Due to all of these complexities, data governance at larger organizations typically requires a greater number of participants and engagement. Data teams should not be the sole owners of data governance due to its broad scope which requires varying levels of expertise across topics both directly and indirectly related to data, and across other subject matters. No single department should own data governance, due to its cross-functional nature; instead, a data governance committee should be formed with representatives from legal, compliance, IT, data management, data science, and business teams. This helps provide coverage across the broad scope of needs and influences of data governance.
Who should be included in a data governance committee?
Data governance leader: the committee needs a manager who is ultimately accountable for the overall data governance program. This person coordinates activities, reviews data governance strategy and KPIs with the team, and can be a final decision maker when required. In some organizations, a Chief Data Officer is responsible for overseeing the overall data strategy, including data governance. The CDO typically plays a central role in aligning data governance with business goals and ensuring that data is treated as a valuable asset.
Data owners: these are often leaders or executives with the organization. Their scope goes beyond that of data stewards, and they play a more strategic role. They determine how data should be used to align with the organization's goals and objectives. Data owners are involved in defining data strategy, setting priorities, and making decisions about how data should be collected, stored, and utilized to benefit the organization. This can include visibility and involvement with the data warehouses the company uses.
Data stewards: these individuals are accountable for specific areas of data. They are accountable for the quality, security, and compliance of data in those specific areas. For example, one data steward may be responsible for customer data, while another is responsible for supply chain data. In highly complex organizations these roles may need to become even more specific. Ultimately, however, this is a more operational role which manages day to day governance issues with their respective data.
Data Management Teams: These teams are responsible for data maintenance, quality assurance, data integration, and data architecture. They work closely with data stewards and data owners to implement data governance practices.
IT Representatives: those responsible for implementing technical aspects of data governance, such as access control, data security, storage, and data management.
Legal and Compliance Experts: they ensure that data governance practices align with relevant laws and regulations.
Data Users: Employees who access, use, and share data are also responsible for adhering to data governance policies and best practices. It may be important to include some users on the committee in order to ensure that the data governance frameworks fit with the ways they need to use the data.
Compliance and Legal Departments: These teams ensure that data governance practices align with relevant laws and regulations, including data protection and privacy laws.
Data Auditors and Quality Assurance Teams: Responsible for regularly auditing data governance practices to ensure compliance and data quality.
Data Privacy Officers (DPOs): In organizations subject to data protection regulations like GDPR, DPOs play a critical role in ensuring data governance practices align with privacy requirements.
Who should be responsible for data governance in a small or medium sized company?
In a small organization, the structure for data governance may be simpler than in larger enterprises, but it is no less important. As with larger organizations, data governance on smaller teams still requires different skill sets, including legal, business, and tech teams.
There are a few key roles which are similar to data governance committees at larger organizations, although all of the depth and breadth of these roles may not be as intensive due to a smaller set of requirements.
First, the data governance committee still needs a manager, although this can even be the business owner or CEO for smaller teams. It’s important to have someone from leadership represented, to ensure that the data is used and governed in a way that furthers the company’s business objectives, and to make sure that data is used strategically in the organization.
At least one data steward is still necessary to manage day to day aspects of the different data sets and managing data assets. In a small company, it may be helpful to have the data steward work with other staff to help fulfill these responsibilities. IT personnel are still required to manage access levels, technical aspects, and more. They can help with data security, access controls, and data management. They work closely with the data steward to ensure that data systems and processes align with governance policies.Data users can play a greater role in data governance at smaller companies; it’s important to ensure that the voice of the end users are heard, and they can help shape the data management and governance process in a way that helps them use data in their day to day roles.
Finally, given all of the privacy and security considerations when working with customer data, supplier data, and more, there should be a representative from legal as part of the data governance committee. In small organizations without in-house counsel or legal expertise, a qualified outside expert should be brought in to help with these areas. This is especially true for industries with specific compliance requirements.
In small organizations, the key to effective data governance is simplicity and clarity. Roles and responsibilities should be well-defined. While a small organization may not require the extensive infrastructure and committees that larger enterprises employ, a structured approach to data governance is still critical to maintaining data quality, security, and compliance. Small organizations can have an outsized advantage through proper use of data analytics, and can develop data warehouses for small businesses. In many cases, there may be efficiencies leveraging a smaller organization, as it can bring data users as well as other types of employees closer to the data, build analytical capability within the organization, and evangelize the use of data for decision making.