Blog

8 Data Governance Best Practices For Modern Organizations

Group of people sitting at a table in their office

With the average cost of a data breach surpassing $4M last year, it’s never been more important for organizations to optimize their data governance program. If you’re in the process of taking on this task, then you’re in the right place. This article is your guide to the most common, practical, and effective data governance best practices for modern organizations.

Jump to a section…

8 Data Governance Best Practices For Modern Organizations
    Start With Why
    Execute a Multi-Stage Communication Plan
    Understand Your Operating Model
    Emphasize Simplicity
    Prioritize Your Data Assets
    Get Visibility into Vendor Access
    Develop Your Governance Processes
    Quantify Your Progress
Data Governance Is Impossible Without Visibility

Learn more about how to keep you and your business’ information secure with the Symmetry Systems’ guide, What Is Data Governance?

8 Data Governance Best Practices For Modern Organizations

Start With Why

Developing a clear and compelling business case is the first step to developing an effective data governance strategy. This step entails understanding the benefits of your data governance system and translating those benefits into concrete numbers like bottom-line impact, work hours saved, etc. It also means breaking down the costs involved in the transition, the time commitment involved, and the potential risks. As elementary as this best practice may seem, it’s shocking how many organizations move ahead with projects whose goals are murky, risks undefined, or scope vague.

Back to top

Execute a Multi-Stage Communication Plan

No data governance initiative will succeed without a strong communication plan. The best plans break down the critical messaging and tailor it to the adoption process’s three phases: buy-in, education, and implementation.  

  • The Buy-In Phase: With your business case in hand, you need to meet with your organization’s key stakeholders and communicate your project’s essentials in terms that they care about. Each leader needs to understand how improved data governance will help them meet their goals. If you do this effectively, you’ll earn their support, unlock access to their resources, and increase the likelihood that the changes you’re advocating stick.
  • The Education Phase: Once you’ve got leadership’s approval, it’s time to communicate your message more broadly across the organization. So boil your system down and explain how following your recommendations will materially benefit each employee. If you do not have compelling reasons why everyone should adopt your system, they won’t.
  • The Implementation Phase: Regular communication is vital to turning your system from an idea everyone likes to a process they participate in. Whether it’s periodically reporting data governance KPIs or sharing the implementation status, you need to create a consistent story that people can track and get invested in to drive adoption.

Back to top

Understand Your Operating Model

Your operating model establishes your organization’s data governance structure, which could either be centralized or decentralized. A centralized structure consolidates data management under a single controller, while a decentralized structure spreads that authority across several hubs within the organization. Neither design is inherently better than the other: The right one depends entirely on the particulars of your organization, from its resources to its goals.

In addition to the data governance structure, your operating model also provides foundational guidelines around the organization’s data domains, delineates data governance roles and responsibilities, describes the relevant language, etc.

Back to top

Emphasize Simplicity

As you work to improve your organization’s data governance system, it’s essential to focus on simplicity. The more complex your policies are, the more KPIs you have, and the more procedures you create, the less likely it is that your system will work.

Remember, your aim with this project is not perfection: It’s real-world impact. Your system’s success largely depends on people — many already overloaded with both information and responsibility — so do your best to demand as little of them as possible. It’s one of the best ways to increase the probability your project will positively impact your business.

Back to top

Prioritize Your Data Assets

While a perfect data governance system would account for all your organization’s information, you’re much better off taking an 80/20 approach as you work to get your initiative off the ground. The 80/20 principle dictates that 20% of the work will get you 80% of the desired results, which, in this case, means starting with the most important data assets will get your program well on its way.

If you don’t narrow your focus early on, you risk building an overly complex system that takes forever to roll out and sputters when you turn on the ignition. Instead, recognize that not all your business’s data is created equal and develop your system around managing the most critical assets. You can always work outward from there once you get a viable version up and running.

Back to top

Get Visibility into Vendor Access

As the recent breach of a third-party Okta support provider indicates, having a robust vendor management access management strategy is becoming increasingly critical In today’s cloud-based, remote-work world. So make sure your data governance standards, processes, and tools provide comprehensive visibility into and control over the relationship between your business’ data assets and outside organizations. If Okta had deployed a Data Store and Object Security (DSOS) solution like Symmetry Systems ahead of the breach, they would have been alerted to the potential issue and shut down the vendor’s access before the compromise occurred.

Back to top

Develop Your Governance Processes

One of the most challenging aspects of a data governance program is its ongoing nature. Once adopted, there is no end date — so you’ll need to develop a host of governance processes that ensure your program continues to improve over time. This step means fleshing out your use of automation, issue management system, reporting process, feedback methodology, etc. Finding your footing here takes time, so be patient with yourself and your organization. It will be impossible for you to navigate the trials and errors of successful adoption without it.

Back to top

Quantify Your Progress

Once your system has been implemented, you must track its progress against the goals you outlined in your business case. Like many of the data governance principles in this article, the importance of measurement is widely known and accepted. But there’s often a significant gap between what people know they should do and what they actually do, especially when it comes to actively holding themselves accountable.

Don’t fall into that trap. Are you aiming to boost access, improve data quality, or increase profitability? Whatever your stated outcomes are, do your best to find real data that captures how the initiative is fairing. Even in the worst-case scenario, the objective presentation of the facts will earn the respect of many in your organization — and give you a great shot at righting the ship.  

Back to top

Data Governance Is Impossible Without Visibility

From understanding your operating model to tracking your progress, this article has outlined eight best practices that IT teams should keep in mind as they develop or improve their data governance. The linchpin of any data governance program, however, is data visibility. Without a direct line of sight into an organization’s data landscape, building the processes that protect and manage those assets is impossible.

Symmetry Systems DataGuard is a DSOS solution that builds a comprehensive risk mapping of every data store and object across a company’s entire IT infrastructure — on-premises, cloud, hybrid, etc. — and their access records. This solution enables IT teams to spot vulnerabilities, identify policy gaps, and shore up their governance program so they can dramatically reduce the probability of a breach. Contact our team today to see how DataGuard could enhance your data governance program.