The advent of secure cloud-based services has revolutionised the way businesses manage their data. Harkish Sen, CITP MBCS Senior Consultant at CGI, explains how the competitive edge for business lies in efficient digital transformation.

As the promise of technological capability and capacity grew, so did the demands of customers. The short-term fix to build on top of existing legacy systems was no longer a viable option given increasing operational and servicing costs. Cloud technologies now host physical hardware servers based in remote locations and can be virtually accessed from anywhere.

New services for example platform as a service (PASS), infrastructure as a service (IASS) and software as a service (SASS) are now staple offerings from IT cloud providers. Effectively, businesses can rent out servers, data centres and infrastructure without the need to physically house on the premises.

For businesses, this effectively removes maintenance charges off balance sheets. However, the maintenance savings are generally offset by the introduction of new computing costs. However, once transition from legacy to new technology has occurred, businesses face the next challenge...

Managing data governance

Data governance (DG) is now becoming the most important issue in IT. Without effective governance of data, people and businesses risk exposure to stiff regulation, adverse publicity and large financial penalties. Data has become newsworthy, not least because of the negative use of social media profiles, fake news and data profiling. Wider calls for transparency mean the government is now enforcing controls through stricter legislation.

Legislation (like the EU General Data Protection Regulations or GDPR) with stricter penalties is designed to change the way companies use personalised identifiable information. GDPR may be a catalyst for new legislative measures guarding against what might be considered unethical data profiling practices by businesses. Legislation and regulations provide effective compliance checks but only if they are enforced properly and effectively.

Although GDPR enforcement is just beginning, the impacts for organisations adapting to stricter regulations are likely to be just as significant. Indeed, the effects will be even more obvious for organisations that currently have no measures in place to manage the data governance landscape. The size of the company is not necessarily an issue. Here, the approach and methodology will apply equally to both large organisations and micro-sized businesses.

What is data governance, exactly?  

Like all technologies, the definition of data governance continues to evolve. Once considered to be based around technical data quality or information management, the term ‘data governance' has evolved into a myriad of different meanings and approaches.

Taking a punt to find a definition means using data governance as an umbrella term, bringing together many different data related functions, including technical, managerial, strategic, political, and legal approaches. Adopting an umbrella type approach may helpful in relaying the importance of data governance across an organisation. That said, there are a variety of definitions available depending on employee vantage points across each organisation.

At the senior level, the boardroom might consider data governance to be a technical IT issue and may struggle to see any relation between the daily operations of a company and managing data effectively. Of course, data has a role to play at the boardroom level, but this is usually in the format of facts and figures to ensure sound decision making.

At the other end of the organisation, those on the ‘ground’ may be solely focused upon the technical demands of their particular role. Invariably, the practical and physical aspects of business operations are prioritised above other issues, therefore it may be difficult to quantify data governance at this level.

Who is responsible for DG?

The challenge for many businesses, is to find a way to bring both board and operations together in a manner that makes sense and can be recognised throughout. This can be achieved by ensuring that the importance of data is recognised at all levels.

A practical way of achieving good data governance requires a number of different roles across senior, executive and operational levels to ensure data is regulated and managed effectively. In terms of specific data governance roles, these may include for example: Chief Data Officer - to manage the strategic direction; Data Management roles - that look to align data practices and processes in a unified way and data governance officers, that are embedded within operational functions to manage data matters on a daily basis.

The aim of data governance related roles is to help align technology, communication and people together in a more focused and balanced way. This, of course, is no easy task but the practical approach is to embed a system of data governance that captures and manages data in an efficient manner. Yet, some businesses struggle to agree upon basic operational definitions, let alone how to take a holistic approach to data. Without clear governance practices in place, companies risk creating inefficient data silos. Data silos will only impact negatively on the ability to manage and use information effectively.

Before starting a large undertaking of new data governance practices, a business must first understand its current state of health. Recognising how your business works first and foremost is key to creating a strong base for data governance. Establishing whether a business is 'data fit' means understanding whether the business has the right framework or data governance structures in place to ensure compliance.

Is your company ‘data fit’?

One way of assessing data fitness is to conduct a review of the company. For example, questions may be structured along the following lines:

  • Is the data governance system capable of managing challenges? Does the company have effective controls in place to adapt to potentially increased regulation across its businesses? This type of data fitness questioning might be challenging but helps to understand where a company might be, on its data governance journey.
  • In some ways, data governance, as a subject, can be summarised by asking a simple question. Who is affected by Data Governance? The answer is more direct - virtually anyone who comes into contact with data.
  • How can people and businesses prepare for data governance fitness more effectively? Using education, standardising processes and creating flexible policies that can adapt in changing environments.
  • How does data governance benefit from being fluid in nature? For example, does it have the advantage of being able to align with a business strategy or positively effect operational procedures? To meet the challenges of data governance, compliance and anticipate future legislative change, businesses will need to ensure they are ready to adapt now.

Beyond business, the data environment has changed dramatically. As a result of technology, data now wields incredible power and has become integrated into everyday life. Mobile technologies and the internet of things (IoT) now hold personalised identifiable information which grant companies deeper insight into their customers and behaviours. Alongside the conflicting demands for stronger data protection and greater transparency, the focus of data and its governance has become less operational and more politicised.

This is where creating a data governance function to support the business becomes essential. Moving forward, data governance in its present form is about exercising controls and growing best practices whilst balancing the need to encourage new developments in data and technology.