1University of Nevada, Reno Data-Driven Organization Governance

1

Governing a data-driven organization (4/24/2014)

Define governance within organizations. Understand the general activities of

governance. Define relative levels of governance “maturity”. Identify key aspects of data governance Discuss how an organization governs data.

Data-driven decision making is relative

Organizations are in various stages of using data to support organizational decision making.• Spans from standard accounting reports to

competing on analytics.

Organizations vary in data availability.• Internal silos to integrated data.• Internal only to integrated external and

internal.

Organizations vary in data understanding.• We have data??? to Data is an asset.

Organizations vary in analytical capability.

What does it mean “to govern”?

gov·ern v. gov·erned, gov·ern·ing, gov·erns • To make and administer public policy and affairs • To exercise sovereign authority • To control the speed or magnitude • To regulate • To control actions or behavior • To keep under control; to restrain • To exercise a deciding or determining influence • To exercise political authority • To have or exercise a determining influence

4

Corporate Governance

IT Governance

Data Governance

5University of Nevada, Reno Data-Driven Organization Governance

5

Governance Activities

What are the key activities in corporate governance? What are the key activities in IT governance?

Governance Artifacts

PolicyPolicy defines “what” the

organization must do or not do. They are the

principles/rules of an organization.

StandardsA standard sets a requirement

and/or creates a baseline

GuidelinesA guideline describes a preferred

approach with practical directions.

What do we need policies about?What is the goal of a given policy?What level of standards are necessary? How detailed should a standard be?What guidelines would be helpful?

Drives

7

IT Governance

DataInternal, external, structured, unstructured, purchased, free

ProcessOngoing work

ProjectShort term goals

PeopleStaff skills

TechnologyDBMS,

multimedia

ApplicationsERP, app software

FacilitiesNetwork, servers

8University of Nevada, Reno Data-Driven Organization Governance

8

IT Governance Frameworks

Information Technology Infrastructure Library (ITIL) Control Objectives for Information and Related

Technology (COBIT). Commonalities:

• Align IT objectives with business goals.• Provide list of general processes that must be

accomplished by IT organizations.• Provide metrics to evaluate efficacy of

processes.• Use maturity models to evaluate relative formality of processes.

9University of Nevada, Reno Data-Driven Organization Governance

9

Evaluating governance based on maturity level

“Maturity” evaluates the degree of formality and optimization of a policy/standard/guideline structure.

A maturity model:• Defines high and low levels of maturity.• Categorizes degree of maturity based on key

characteristics.• Describes steps that move an organization

from one level of maturity to another.

10

Why use a maturity model?Maturity

Model

Assessment• Describe the overall

environment.• Evaluate current state

of capabilities.• Consistently compare

evaluations over time.• Compare organization

to other organizations.

Improvement• Define and create a

path for progression.• Direct the potential

next steps.• Target priorities and

resources necessary for action.

Capability Maturity Model Integration (Carnegie Mellon Software Engineering Institute)

12

What are the key aspects of data governance?

Protect and Control:• Improve data quality.• Protect and safeguard data.• Assign ownership.• Understand the value of data and impact of loss.• Control change.

Make Useful :• Define data across the organization.• Integrate data from a variety of different sources.• Ensure data availability.• Enhance data accessibility.

Adapt and Change:• Encourage data use.• Facilitate ongoing data evolution and acquisition.

Data Governance

Initial Managed Defined Quantitative Management

Optimized

Protect and Control

• Manually maintain trusted sources.

• Inconsistent encryption and usage standards.

• Undefined ownership.

• Individual projects with formal security standards.

• ETL processes managed by project.

• Definition of organization security standards.

• Definition of ETL processes.

• KPIs are set and tracked.

• Security is centralized service

• Monitor risks across apps and dept structures.

• KPIs are compared against others.

• Proactive inquiry into potential threats.

• Experimentation

Make Useful • Inconsistent silo structures.

• No overall data definition.

• Data definition for internal data.

• Some integration.

• Data definition & integration across apps.

• KPIs are set and tracked.

• Eliminate bad usage.

• Research usage outside of org.

• Adapt best practices.

Adapt and Change

• No formal usage policy.

• Data identified for future purchase by chance/luck.

• Chaotic.

• Tacit agreement on ongoing use of data for decision making.

• Individual project management.

• Explicit agreement on use of data.

• Data identification and acquisition processes.

• KPIs are set and tracked.

• Understand trends in data usage.

• Encourage innovation and experimental usage of data.

How to govern data?

Governance artifacts: Policies, standards, guidelines. IT is all about the people. Organizational structure issues:

• Who is responsible for data governance?• Who will establish the policies, standards,

guidelines?• Who will encourage the policies, standards,

guidelines?• Who will enforce the policies, standards, guidelines?• How should data be managed across the enterprise?• Should “protect and control”, “make useful”, “adapt

and change” activities be handled separately?

16