Data Governance framework, based on relation with Corporate governance & IT Governance
Updated: Mar 4
One of the initial data governance frameworks, developed by Cheong and Chang (2007), focuses on overcoming organizational challenges, i.e, reactive management of data issues such as availability, standards, and difficulty obtaining consensus on such issues. After the collapse of Enron in 2001, Sarbanes-Oxley (SOX) Act of 2002 was enacted and requires compliance for publicly traded American companies. From then on, executives of publicly traded companies are held accountable for the credibility of their financial reporting. Further, underlying data serving the financial reports have to be managed and governed to ensure consistency, integrity and accuracy.
SOX compliance had brought about the introduction of Control Objectives for Information and Related Technology (COBIT) as the generally accepted framework for IT auditors to assess SOX compliance. A successful COBIT framework depends on the quality of the underlying corporate data. This is supported by research, which states that “data quality is the hidden assumption behind COSO”. The data governance framework is therefore needed along with IT governance for effective data management.
a. Corporate data quality plays a crucial role in determining the success of IT Governance.
b. Another noted part of the framework is the suggestion around IT Governance council and the Data Governance council reporting to the members of the corporate governance council. However, it’s yet to be proven such a hierarchical relationship between data, corporate, and IT Governance council is effective.
Figure-1: Relation between corporate, data & IT Governance
c. The strength of the research lies in the method chosen, namely, a case study of data governance implementation. The limitation is that it’s a qualitative study within one organization, and is not a longitudinal study. It defines roles, responsibilities, and accountability, along with organizational bodies, policies, standards, and processes, as well as required technology.
d. Moreover, the research establishes that formal data governance and collaboration are crucial to have an impact on organizational outcomes. Formality in data governance has been stated to be achieved by policy, however, the mechanism for establishing continuous communication for collaboration can make this effecient. A formal framework would require planning for stakeholder communication as a major component.
e. A lot of consideration has been given to IT personnel's perspectives on data-related issues. The ownership of data in today's organizations is attributed to business divisions, which means that the business issues associated with data in either board-level decision-making or customer service issues can be considered in perspective.