Without a Data Governance Strategy

What happens to an organization if it does not have a data governance strategy (DGS)? Most organizations are only now considering establishing one, but those that do not have a DGS may be experiencing the following problems:

1. Redundant data. Each application creates its own database, often with the same base data, such as customer and supplier. The databases are not only redundant, but also, the data was created differently, it had different edits, different filters, different timing factors and different naming conventions. The data may be on different platforms, different and incompatible database management systems and different operating systems. Some of the data might be on an enterprise resource planning (ERP) system such as SAP while other data might have been developed in house. This all means wasted storage, greater hardware expense and far more code that must be created and maintained. The reasons for the redundancy are manifold, including pressure on time to deliver, political issues, relationship issues with the owner of the original data, potential performance and availability issues, the way the developers are being measured and compensated, and not even knowing that the other data exists.
2. Unclear understanding of who owns the data.Without a clear understanding of who owns the data, some data will be fought over for the rights to determine meaning, security and performance requirements, and some data will remain an orphan. This means that some data is exposed to misuse, performance and availability problems, and security issues.
3. Results are based on different definitions and different calculations.Everyone in IT has been faced with reconciling inconsistent reports. Management hates it when they have two different reports with results that don’t match. It may be that one report has gross sales while the next report includes returns, but the heading just reads “Sales.” One monthly report that uses the last day of the month as the 31st, the 30th and the 28th (or the 29th on leap year) while another that uses the last Friday of the month will have different results, making everyone crazy. While there were good reasons to initially use the last Friday when that report was created, no one considered the resulting problems when the two reports needed reconciliation.
4. Data quality issues. Without a data quality program, the quality of the data will either be unknown or suspect. When users don’t trust the data, they will spend an inordinate amount of time verifying their results, sometimes against other data that is also suspect. Without a data quality program, you will be delivering bad data, both for operational and business intelligence. This means unhappy users, fleeing customers, bad decisions, wasted money and neglected opportunities.
5. Compliance may be compromised. Without a DGS, it’s unclear how an organization can represent itself as being compliant for health care (HIPAA), for the financial industry (Basel II) or for any company that reports to the Securities and Exchange Commission (Sarbanes-Oxley). A DGS includes a metadata repository that should address all of the data-related requirements for each of these compliance mandates.
6. You don’t have a means to properly categorize your data. Not all data has the same requirements for performance, availability and security. If you have not included this categorization process in your DGS, you are wasting effort and money on data that is unwarranted, and you are not giving the proper attention to the truly important data.
7. You don’t know what to outsource. While you may consider this to be a good thing in the form of job security, at least consider the reasons for outsourcing. Maybe your costs were too high (see number 1). Maybe management was sick of hearing explanations for inconsistent reports (see number 3). Maybe the top floor would like someone else to take the problem off their hands and lower their costs. But maybe a data governance strategy can be used to your advantage as you attempt to keep most of the important work in house. Starting with ownership, it’s unlikely that the data owner will be outsourced, and by establishing a solid data ownership and stewardship program with the data owner understanding his or her authority and responsibilities, the owner would be unlikely to authorize the important, mission-critical applications and data being housed anywhere but close to home. Next, let’s consider compliance. Your DGS will incorporate all the requirements for validated reporting and documenting processes. The outsourcing organization has compliance down to a gnat’s eyebrow, but the compliance work would not be done under your organization’s control, and that control is critical for true compliance.

Without a DGS, your organization is clearly in trouble. You may have addressed one or two of the components of a DGS, but without the components that are the most important to your organization, you will waste money, constantly deal with data-related problems and be continually exposed to having your work outsourced.