How to Develop a Data Governance Policy
Do you have a data governance policy for your association? In this post, we'll discuss why data governance is important and what your policy should include.
Why You Need a Data Governance Policy
Data is an asset, just like cash, buildings, and people. Just like other assets, data requires strong, consistent management.
When we neglect data, the results aren't pretty - you get data quality issues, conflicting information, and confused staff who don't know how to get answers. The result is lower quality data that causes mistrust and frustration. Staff turn to other means -- intuition, politics, and tradition -- when it's not easy to make data-guided decisions and that can cost your organization.
Data governance is a cross-functional management activity that, at its core, recognizes data as an enterprise asset. A data governance policy will ensure that your association is treating data as an asset.
Developing a Data Governance Policy
Data governance policies can be authored by an internal team. Although, you may want to consider hiring an outside consultant if you have a large amount of data and data systems and/or would like a third party partner to provide an objective perspective. Here's a 10-step process to developing your own policy.
- Communicate the value of data governance internally to business users and leadership. If your organization doesn't currently have data governance, you may need to establish a business case. Consider the cost of the current situation and also the possible savings if your organization had data governance.
- Build a Data Governance Team. An internal team can help manage data governance and help ensure cross-departmental support.
- Assess the current state of data governance in within IT departments and business operations.
- Determine roles and responsibilities. A RACI chart could help you map out who is responsible, who is accountable, who needs to be consulted, and who should be kept informed about changes.
- Establish expectations, wants, and needs of key stakeholders through interviews, meetings, and informal conversations. This serves two purposes - you get valuable input but it's also an opportunity to secure buy-in.
- Draft your policy and ask key stakeholders to review it and endorse it.
- Communicate the policy to all stakeholders. This could be a combination of group meetings and training, one-on-one conversations, recorded training videos, and written communication. Remember to consider other's learning and communication preferences when selecting how to communicate.
- Establish performance metrics and a way to monitor adherence to the policy.
- Review performance regularly with your data governance team.
- Keep the policy fresh. Regularly review your data governance policy to make sure it reflects the current needs of the organization and stakeholders.
What Your Data Governance Policy Should Include
Unsure of what to include in your written Data Governance Policy? There are a number of factors to consider when developing a data governance policy and ensuring that data governance is adopted at a cultural level. Here's an outline of a policy that you can adapt for your organization.
- Goals - Establish overarching goals for each area below. Establish performance metrics so you can evaluate success.
- People - Define the key data-related roles throughout the organization. For every data system, identify the data stewards who manage data as a corporate asset and focus on data quality; the data owners who have decision-making authority and define data quality standards; and the IT staff who provide technical support and monitor compliance. Consider using a RACI chart for this section.
- Data Inventory - Inventory and document all data sources. Regularly review the inventory to include new sources and remove old sources.
- Data Content Management - Identify purposes for which data are collected. Communicate purposes to staff and customers. Review collection policies regularly.
- Data Records Management - Develop and adhere to policies that define how records should be created, maintained, and deleted.
- Data Quality - Assign responsibility for data quality to appropriate staff. A data steward should perform regular audits to ensure quality.
- Data Access - Define permissions and who has access to what systems.
- Data Security - Define policies around data security, sharing of data, access to data. Include a risk assessment in this section that indicates the risk and the probability of risk occurrence.