Data Governance is not Data Quality
Published:
Content Copyright © 2017 Bloor. All Rights Reserved.
Also posted on: Accessibility
Data governance is a term without an authoritative definition. In practice, it tends to be used in one of two ways: as either the overarching process by which data assets are managed to ensure trustworthiness and accountability, from policy creation all the way through to actually ensuring that data meets those policies; or as specifically the highest level of said process, the one at which decisions are made and policy is created. In order to avoid confusion, I will refer to the process mentioned in the first definition as the ‘data governance process’ and the highest level of that process – the second definition – as ‘policy creation’. Clearly data quality and data stewardship are both part of the data governance process. From the second definition, it is equally clear that they are not part of policy creation: data stewardship and data quality are fundamentally concerned with the implementation of policy. It is also apparent that data quality and data stewardship form two thirds of a whole, missing policy creation. This is not so obvious working from the first definition, although of course it is no less true. Unfortunately, its prevalence has contributed to some companies believing that data quality and data stewardship – or even data quality alone – comprises the entirety of the data governance process.
Although the importance of effective data quality and data stewardship solutions has been recognised and adopted by a large number of organisations, corresponding solutions for policy creation have not, at least not to the same degree. Consequently, there are a vast number of tools for addressing data quality concerns, but only very few for policy creation. It’s not difficult to see why this has come about: as the highest level in the data governance process, policy creation is a collaborative management process that relies on data stewardship for its implementation, which itself relies on data quality products, to implement the policies it creates. Data quality has been an issue for years – decades, even – but it’s only relatively recently that it’s become popular to address it formally. The concern, then, is that many companies will end up with a partially formed data governance process, not because of any sort of informed decision-making, but because they are unaware that policy creation solutions exist. This is exacerbated by the fact that many data quality and data stewardship vendors will market their products as data governance, implicitly using the first definition outlined in this paper. Although as discussed this is not strictly false, it is also not telling the whole truth: they may be part of the data governance process, but at the same time they are hardly a complete solution. Furthermore, it is notable that none of the leading tools designed to support policy creation have been developed by data quality vendors.
Policy creation is untilled soil. Only a small handful of products exist, and they are, by the nature of the market, innovators. Conversely, data quality and stewardship tools still have essential roles to play in the data governance process, but for the most part they have little new to offer – data quality products, in particular, have all but become commoditised. The bottom line is that data quality and data stewardship without policy creation is only a partial solution: a complete data governance process requires all three.
Comments are closed.
I think you identify a serious problem, as proper data governance is more-or-less essential these days, because of (amongst other things) GDPR; even if GDPR really doesn’t affect you, without good data governance, how do you prove it?
I agree that “Policy creation is untilled soil” too. But I’m not sure that you always need technology tools to create useful policies, as your last policy implies. If you see the need for policies, then you can create them manually, in a hierarchical way. The top levels (“The firm commits to implementing the spirit as well as the letter of the GDPR regulations”, perhaps) can be subject to continual improvement (perhaps my example is too explicit and badly worded) and they can form a framework for the design of low-level coded solutions, if the lowest-level explicit data policies are missing (as, in a manual policy environment, they probably will be, but if you have good, motivated, developers, you may not need them).
What you do need, in my opinion, are “good governance” and “continual improvement” cultures – and only once you have that, do you need tools. High-level governance policies may be enough: in a mature organisation, “just enough” policy automation tools will follow, along with appropriate data quality and data stewardship tooling.
In an immature organisation, without either “good governance” or “continual improvement” cultures, all bets are off – even if you spend lots of money on good “data wrangling” tools…
Just an opinion, but one based on years of observing “fools with expensive tools” 🙂
First of all, thanks for the comment and the opinion. I agree that you don’t need tools to create useful policies. However, I would argue that for a large or even moderate sized organization, policy tools make things much easier, particularly for enabling collaboration on policy creation as well as ensuring and, as you rightly mention in the case of GDPR, proving your policies are being followed. I also agree that the right corporate culture is integral to good data governance. But how do you go about changing your corporate culture to be more oriented towards governance and continual improvement? While I am aware of the dangers of giving someone tools they’re not ready to use, my suspicion is that good policy backed up by good policy tools – when implemented properly and, more importantly, gradually – would be much more effective at doing this than good policy without support.