Data governance is at the heart of data management. It concerns all agreements and rules of the game of data management with which you determine, among other things, how you want to use all data, what your objectives are with it, how you guarantee its quality, and how you arrange data security.
Without clear rules about data processing, your data will be inconsistent, lack quality, and run risks of security breaches and non-compliance with laws and regulations. Suppose you want to take care of all these challenges when you start with a data-driven approach in your organization. In that case, it is essential to set up a Data Governance Framework which is also continuously maintained and updated.
This post shows you how to set up a Data Governance Framework, starting with the first two of the five pillars in this Framework. My next post will discuss the other three pillars of the Data Governance Framework.
What is Data Governance?
Data governance manages the availability, usability, integrity, and security of the data used in an organization. It involves establishing policies, procedures, and standards for acquiring, storing, managing, using, and archiving data and ensuring compliance with relevant laws and regulations. Data Governance is essential for ensuring that an organization’s data is accurate, reliable, and protected from unauthorized access or use. You do this by setting up policies, procedures, and standards that govern the entire data lifecycle. All these policies contribute to your Data Governance Framework. Your Data Governance Framework should have the following pillars:
- Data Quality Management
- Data Access Control
- Data Retention and Disposal
- Data Security
- Data Compliance
Data Quality Management
Data Quality Management establishes processes to ensure that your data is accurate, complete, and consistent and have different disciplines.
Data Validation
Data validation is checking that data meets specific requirements or constraints before being entered into a database or system. It ensures that data is accurate, complete, and consistent. You validate data in the following ways:
- Syntax checking. You verify that data conforms to a specific format or structure, such as a date in the correct form or an email address with the proper syntax.
- Range checking ensures that data falls within a specific range of values, such as a number within a particular range or a date within a specific range.
- Lookup checking verifies that data matches values in a reference list or table. For instance, you can check if a product code exists in a product catalog.
- Contextual validation secures that data is appropriate in the context of other data. You do this, for instance, by checking that a date of birth is not in the future or that a salary is not lower than the minimum wage.
- Business rule validation verifies if data meets specific business rules or constraints, for example, if a customer’s credit score is within a particular range.
You can perform data validation at different stages of the data lifecycle, such as entering, updating, or using data in an application or report. It can be done manually or using automated tools, such as regular expressions, to check data syntax. By using data validation, organizations can ensure that their data is accurate and consistent, improving the quality and effectiveness of the applications that use it.
Data Cleansing
Other terms for data cleansing are data cleaning and data scrubbing. Data cleansing is identifying and correcting a dataset’s inaccuracies, inconsistencies, and errors. You use data cleansing to improve the quality and consistency of your data and to ensure that it is accurate and reliable. You can use data cleansing in your organization in several ways.
One way is to use data standardization. Data standardization converts data into a consistent format. You can convert, for instance, all dates to the same format or standardize all names and addresses.
With data deduplication, you remove duplicate records from a dataset, such as multiple records for the same supplier or product. Data deduplication is also a handy tool for cleaning up your data.
Another indispensable tool is the process of data validation. Data validation verifies that data meets specific requirements or constraints, such as checking that a date is in the correct format or that a number falls within a particular range.
Data imputation helps you fill in missing or incorrect data, such as using a default value or estimating the value based on other data.
Finally, data suppression is the last tool in your data cleansing tool. Data suppression removes irrelevant, sensitive, or confidential data from a dataset.
You can perform data cleansing regularly, such as monthly or quarterly, or as needed, such as when a new dataset is acquired or when you implement a new system. You can do data cleansing manually, using spreadsheet software, using specialized data cleansing tools, or you can automate data cleansing by using data cleansing software. By using data cleansing, your organization can improve the quality and consistency of its data, improve the effectiveness of its applications, and help organizations make better decisions based on the data.
Data Monitoring
By using Data Monitoring, you regularly review and assess the quality and performance of data to identify and address any issues or problems. You do this to ensure that data is accurate, reliable, and consistent and meets your organization’s needs. There are a few monitoring disciplines that can support you in this process.
One of these tools is quality monitoring. With quality monitoring, you review your data’s accuracy, completeness, and consistency and correct it in case of any issues.
Data performance monitoring assesses the performance of your data and the systems that use it. Examples are checking slow response times or data bottlenecks.
Another valuable and essential tool is compliance monitoring. Compliance monitoring reviews data and data processes to ensure compliance with relevant laws and regulations, such as the GDPR (General Data Protection Regulation) or the HIPAA (Health Insurance Portability and Accountability Act). By actively monitoring and preventing non-compliance, you mitigate the risk of hefty fines.
The last monitoring tool you have is the security monitoring tool. With this tool, you review data access logs and other security-related data. An example is an intrusion detection system to prevent unauthorized access or use of your data. You do this type of monitoring often in collaboration with your cybersecurity department. Using data monitoring, your organization can ensure that its data is accurate, reliable, and consistent and meets its needs. It also allows you to quickly detect and address any issues or problems with data, which can help minimize any negative impact on your organization.
Data Access Control
Data access control is a security measure that regulates who can access and view specific data and under what conditions. You implement a policy of Data Access Control because you want to protect all your sensitive data from unauthorized access or use. Data Access Control has a lot of similarities with “regular” access control policies, implemented and safeguarded by an ICT department, which is why you should involve your ICT (network) department in this process: you don’t have to reinvent the wheel.
The first and most crucial step is establishing a robust user authentication system. A user authentication system verifies the identity of users before you grant them access to data, such as using passwords, biometrics, or multi-factor authentication.
While at it, set up a user authentication system based on a role-based access control (RBAC) structure. RBAC grants access to data based on a user’s role or job function, such as allowing HR employees to access employee data but not financial data.
In addition, you should implement a rule-based access control system. Don’t confuse rule-based access control with role-based access control. Rule-based access control grants users access to data based on specific rules or conditions. Examples of this are allowing access to data only during certain hours of the day or when connected to the company’s network.
Also, make sure to segment your data into certain discretionary levels, allowing users or administrators to set up access control rules for specific data or groups of data. This process is called discretionary access control.
Finally, make sure to set up access control lists. In an access control list, you create a list of permissions attached to an object, such as a file, specifying what users or groups have access or have denied access. Make sure to periodically audit this list thoroughly and take action in case of discrepancies. You can implement Data Access Control at different levels, such as the network, application, or database. You can do this manually or through automated tools such as identity and access management software. By using data access control, organizations can protect sensitive data from unauthorized access or use and meet compliance requirements such as data privacy regulations. It helps organizations to control who can access and view sensitive information and helps to prevent data breaches and unauthorized access.
Final Thoughts
You use Data Governance to establish structures and determine your data standards, vision, and strategy. And you determine who. It involves establishing and enforcing policies and procedures for managing data and assigning roles and responsibilities for data-related activities and decision-making. Data governance aims to ensure that data is accurate, consistent, and compliant with relevant regulations and policies. You use this to support the organization’s goals and objectives. Which responsibilities for this
In my next post, I will discuss the other three pillars of the Data Governance Framework, Data Retention & Disposal, Data Security and Data Compliance.
Feel free to contact me if you have questions or in case you have any additional advice/tips about this subject. If you want to keep me in the loop if I upload a new post, make sure to subscribe, so you receive a notification by e-mail.
