An effective data governance strategy is essential for business’ due to the increasing importance of data and imposition of various data regulations. This strategy ensures that the right policies, processes, technology and people are in place to effectively manage the organisations data, while complying with legal and regulatory requirements.
There is no getting away from compliance such as the Protection of Personal Information (PoPI) Act, and it forms a vital element of a sound data governance plan. The combination of national regulations set out by the South African government for business’ in general, and various legislations that apply to certain industries are compelling companies to comply. If a business is affiliated in any way with an international company, they are likely required to comply with international data regulations, too.
However, as compliance with data regulations is a requirement to conduct local and international business, and with data becoming increasingly integral to business and not just an IT matter, it becomes less of a compliance issue and more of a business concern.
The businesses ought to familiarise itself with various regulations and understand which of these apply to them. From there, they can select which processes and policies apply to them, as well as ensure they choose a technology that aligns with their compliance needs while delivering the best business benefits.
Data governance for business
The most crucial element of a data governance strategy is the motivation for developing one in the first place. While a comprehensive data governance strategy is important for legal compliance, it also makes good business sense. The ability to protect, access, use, store and leverage data for business purposes is key, and should form the foundation of any solid data governance strategy.
It’s important that the strategy provides the business with the appropriate process to identify important data and facilitate the management thereof in the most efficient and cost-effective way in the long-term. The data must be easily accessible, whether on-premise, in the cloud or offline, over the retained period.
The business should also be cognisant of what data is being stored in order to know how to govern it. This enables the business to choose the right data governance, compliance consultant or specialist, ask the right questions, and derive the best business benefit from their strategy.
From an IT perspective, it’s important to take a long-term view to ensure the proper storage, management and data access is catered for. Data infrastructure should also enable the business to use their retained data in order to garner valuable business insights and attain additional business value.
Creating a sustainable and effective data governance strategy requires input and collaboration across all departments of the business. Although IT plays a vital role in providing the infrastructure, data governance is not an IT decision and must be driven from top of the organisation (the C-suite), based on business requirements.
Treating data governance as a “grudge” initiative and doing only the barest minimum in order to comply is a short-sighted view. A data governance initiative without an obvious business benefit is perceived as a financial drain on the company, and the business loses the opportunity to leverage the data for its own benefit.
A good data governance strategy will avoid silos and ensure that the entire business is integrated into the retention and management process. Working in silos could cause the company to overlook the crucial data that they have, for example on their laptops or at branch offices, and not include this in the data governance and compliance process.
Data Governance for the win
Not all data is created equal and not all data needs to be kept, regardless of it seeming like the easiest way to comply with regulation. As data expands, the storage requirement, along with the associated infrastructure prerequisites, management requirements, power and cooling and all other resources needed to retain the data, become increasingly costly and complex.
Developing effective, comprehensive data governance is not just about regulatory compliance. Organisations should incorporate and execute a strategy that delivers business value while ensuring data is accessible, protected and compliant.
By Mike Rees, Territory Account Manager for South Africa, Commvault