Data Governance and Compliance Explained
By Matthew Simmons
Understanding the 5 W's of data - who, what, where, why, and when - is undoubtedly crucial. Organisations also ought to consider 'the H' - how your company will use data and information.
Developing a data framework by creating policies and procedures will assist you in managing your data more effectively. Let's discuss the ins and outs of what this data framework can look like practically within your company.
Data Governance Framework Factors
There are a number of factors to consider within your data framework, such as:
- Data Classification: the process of sorting data into categories based on type, content, and metadata.
- Data Ownership: the possession and responsibility of information.
- Data Quality: this refers to how well a dataset meets criteria for accuracy, completeness, reliability, relevance, and timeliness.
- Data Security: the process of protecting digital information against unauthorised access.
Companies should also implement training for everyone accessing their data so that they fully understand the relevant policies and procedures. You should also consider the Metadata included in all data assets, which can enhance and enrich the ability to categorise and classify your data assets.
What are the common challenges organisations typically face regarding data governance and compliance?
Lack of awareness of data governance expectations
In general, we see many companies who do not know where their data is and who has full access to it. Training around the classification of data, such as sensitivity labels, is not often provided, so when the majority do not understand what should be classed as confidential, they are unlikely to categorise this correctly.
Governance and Compliance, a "Blocker" to productivity
Quite often Governance and Compliance is seen as a negative role within a company and a “Blocker” to getting the job done. In actuality, governance and compliance can be one of the greatest revenue saviours by reducing liability and fines.
This limited stakeholder buy-in along with a lack of a comprehensive Data Governance Strategy severely limits what a company can then do, even if they do understand where and what their data is. Additionally, there is often a lack of resources as well to get the job done effectively.
The aftermath of neglecting data governance and compliance
In multiple industries, we are seeing increased regulation and more robust regulatory bodies bringing more audits and fines, especially in the event of a data breach. The current record fine is held by Meta, the owner of Facebook, with their 2023 fine of 1.2 billion euros from the Irish Data Protection Commission. These fines are not just impacting Social Media companies though, with the likes of H&M incurring 35M euros in 2020, British Airways incurring 22.4 million euros in 2019 and Uber incurring 10 million in 2023.
Creating your data governance strategy
Drafting an effective data governance strategy is a baseline for any organisation that works with digital data, and will explain how your business benefits from consistent, common processes and responsibilities. Business drivers highlight what data needs to be carefully controlled in your data governance strategy and the benefits expected from this effort.
This strategy will be the basis of your data governance framework, which includes your data lifecycle management as well. Our Data Governance guide provides a step by step breakdown to support you in creating a robust data governance framework.
Diagram depicting data governance framework guide to creating a robust approach to data governance and compliance
Data Governance
Keeping things as simple as possible, data governance is a set of principles and practices that ensure high quality through the complete lifecycle of your data.
Access your data governance guide
What is Data Governance, and Why do we need it?
Data Governance with Microsoft Purview
Get visibility, manage data securely, and safeguard all your data across platforms, apps and cloud environments.
Ready to speak to an expert?
If you have any questions about data governance, management or compliance, or you're ready to start a project then we're here to work with you.