Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Data governance 2.0: Adapting to a new data governance framework

Data governance 2.0, an updated enterprise data governance framework, brings challenges and opportunities. Henry Peyret of Forrester Research details.

Companies are collecting more data on the behavior and sentiment of customers than ever before. They use multiple...

partnerships into what Forrester Research Inc. calls a data economy ecosystem, which involves four distinct roles: data originators (fidelity and payment cards, sensors, social networks), data aggregators (Acxiom, Bluekai, Experian, Rapleaf), data analyzers (Adobe Marketing Cloud, Acxciom, Buxton, Rapp) and data clients (retailers). As of now, these four roles are mostly delivered by different companies, but going forward, this data economy ecosystem will fuel a transition to adaptive intelligence, where data is collaboratively sourced, updated and shared between partners to produce insights that can help form the complete picture about customers.

There will be certain data that your company owns but will not have the right to use.

The challenges of the data economy are huge and are changing the dimensions of data governance. Enterprises need to collaborate and share information about customers, but they also need to share rules, ethics and processes between companies participating in the ecosystem. To address data governance at an "ecosystem" level, an updated name -- data governance 2.0 -- reflects that change of dimensions.

In this tip, we'll explain how companies should view this new framework for data governance, from shifting objectives to the changing nature of employee and partner collaboration to, ultimately, customers deciding what they would like to share.

Data governance 2.0 explained

To lay some groundwork for this emerging data governance framework, let's first consider the Forrester definition for data governance 2.0: "An agile approach to data governance focused on just enough controls for managing risk, which enables broader and more insightful use of data required by the evolving needs of an expanding business ecosystem."

Today, data governance is taking care of data collection and aggregation. But depending on the role of data within any given enterprise's business model, new conversations on topics such as data usage may emerge. For example, when a stock trader uses private information that should only be used when it is made available to the public, the trader is guilty of insider trading, and standards (such as Basel III) and enforcement agencies (such as AMF in France or SEC in the U.S.) regulate and control these behaviors. Similar scenarios will crop up throughout various sectors of the data economy; there will be certain data that your company owns but will not have the right to use.

Current data governance programs are based on a maturity assessment against a fixed list of subjects, such as naming data stewards. Data governance 2.0 may eventually mature and stabilize, but for now, the objectives vary because new data usage scenarios materialize as new business opportunities are discovered. At the same time, new threats -- particularly in regards to bad data usage (e.g., ethics infringement or privacy) -- will introduce new data governance objectives and activities: for example, trying to avoid a lower e-reputation by establishing strict ethical rules around using or reselling personal data or behavior.

For several years, IT pros involved in data governance have attempted to convince somewhat reluctant business executives that they should be in control of data governance decisions. It's easy for business leaders to think this is only a technical issue and let IT establish the semantic meaning of data or navigate the multiple regulations around data. In the future, though, business leaders -- from the chief marketing officer to the chief people officer (and increasingly their operational employees), through the chief risk officer and the communication officer -- will be immersed in data and its usage, and they will increasingly see the need to establish pragmatic and easy-to-comply guardrails for their operational employees. Guardrails establish, for example, that after two marketing email deliveries without an answer, there is no need to send another one which will annoy the prospect.

Pragmatic and easy to use will come to the fore as managers discover that their operational team is making numerous decisions using powerful tools, but that the team is not controlled under  laws and regulations, internal or external ethical rules, or even guardrails . A further complication is that data usage tools -- available, for example, in self-service BI environments -- lack sufficient controlling capabilities. At the same time, they are becoming increasingly powerful.

Finally, data governance 2.0 requires more collaboration throughout the enterprise. Answers to emerging challenges won't come from managers trying to control or regulate these empowered employees (e.g., data scientists or customer intelligence professionals) individually. Instead, under a data governance framework, managers should emphasize collaboration among employees; though they should not focus solely on typical peer-to-peer collaboration, which falls down when, for example, a trader mentors another trader but they share a similar mindset. Rather, managers should involve other parties within or outside their company to reflect other viewpoints. This collaboration should be a consistent process to review changing global trends in data governance. As a result, the enterprise can learn from its errors, debrief employees on their good and bad decisions and convert these lessons into guardrails.

With data governance comes data value at less risk

These changes in the data economy are creating new data governance challenges for enterprises. Businesses must come to grips with shifting objectives and new user roles (for example, a new European Union regulation under discussion actually requires every company with more than 250 employees and based or acting in the European market to name a data protection officer), along with emerging data usage. But for forward-thinking enterprises that embrace this new framework, plenty of opportunities will emerge to leverage data in new ways with risk mitigation, particularly around image, brand and reputation risks.

About the author:
Henry Peyret is a principal analyst at Forrester Research Inc. serving enterprise architecture professionals.

This was last published in October 2013

Dig Deeper on Data security strategies and governance