Does your company have operating policy that focuses on the management and governance of data assets? If you do (have a Data Management Policy) – Ask yourself the following questions … Who wrote it and who is responsible for keeping it up to date? How is the policy accessed or used? Who approved the policy, who supports and enforces it? Do staff members (both technical and business) know that the Data Management Policy exists? What does the policy state? Is someone mentoring your staff on what it means to adhere to the policy and making certain that the policy is followed? There are so many questions and there is so little time.
If you cannot answer these questions – the chances are that your organization’s Data Management Policy either doesn’t exist or it isn’t very effective. The same can be said about Data Governance (“the execution of authority over the management of data”) in your organization. Either both of these statements are true or your organization may be one of “those” organizations that question the value of, or whether or not there is a need for, such a policy. Your organization may or may not think you need one, but I am here to tell you that the Data Management Policy is a cornerstone of governing enterprise data assets.
From my experience I can also tell you that Data Governance & Data Stewardship Programs, Enterprise Data Architecture Programs, Meta-Data Programs, Business Intelligence Program … or you might say – Data Management Programs in general – are much more effective if they are supported by an enforced Data Management Policy. The statements that make up a Data Management Policy can explicitly outline the understanding of the “Chiefs” and the requirements coming from your Top Executives for governance and accountability for the management of enterprise data.
Simple policy and guideline statements, like the samples listed below, are valuable talking points to use with Senior Management. Data Management Directives, proposed by a Data Management group, are a great way to take Senior Management’s temperature on the value of data management to the organization. Practical and pragmatic statements, again like the samples below, will likely appear sensible to novice and experienced Data Management Professionals for inclusion in a Data Management Policy.
Senior Management may ask “aren’t we doing these things already?” If they ask that question, take advantage of the opportunity to tell them why a Data Management Policy will be an enabler to governing and stewarding the data assets of the organization, and how – without the policy – chances are good that enterprise data will never be governed.
In many organizations, the Chief Information Officer (CIO) and other Senior Management can demonstrate their understanding of the importance of data management discipline and accountability by either authoring or standing behind (supporting) staff-written directives that will be used to govern and enforce data standards, stewardship and procedures put in place by the Data Management function. Without Data Management Policy, Guidelines and Directives firmly in place, there is always the potential that business areas and departments within the organization will question the commitment to the changes that will be required to implement an enterprise (or even a departmental) data management function.
I am including below a brief list of simple statements that your organization may want to consider for inclusion in a first draft Data Management Policy. If you can get your Senior Management to stand behind these principals, that is a great first step toward the development of an effective Data Management or Data Architecture Program, or the improvement of an existing Data Management Function.
Data Management Policy Statements
When creating your organization’s Data Management Policy / Guideline Statements, consider including statements like –
- “Enterprise” Data is the Property of Enterprise and is not “Owned” by Any Individual or Business Unit – Data (both structured and unstructured) and the meta-data about that data are business and technical resources owned by fill your organization’s name in here. “Enterprise” data includes, but is not limited to – shared (or potentially shared across business unit) data about managed entities, interests, finances, employees, resources, customers, providers, business affiliates, best practices, operating procedures, etc. All employees must recognize that the proper management of strategic Enterprise data is critical to the success of the organization.
- Enterprise Data Must Be Modeled – All strategic Enterprise data shall be modeled, named, and defined consistently (according to standards) across the business divisions of the organization. Every effort must be made by management to share data across divisions, and not to maintain redundant data without justification. Originating business stewards of data must recognize the informational needs of downstream processes and business units that may require said data.
- Enterprise Data Must Be Maintained Close to Source – All Enterprise data shall be created and maintained as close to the source as feasible. Data quality standards shall be managed and applied actively to approved reliability levels of Enterprise data as defined by the business units.
- Enterprise Data Must Be Safe and Secured – Enterprise data in all electronic formats shall be safeguarded and secured based on recorded and approved requirements and compliance guidelines. These requirements are to be determined by the business stewards of the Enterprise data. Appropriate backups and disaster recovery measures shall be administered and deployed for all Enterprise data.
- Enterprise Data Must Be Accessible – Enterprise data and information about that data (meta-data) shall be readily accessible to all, except where determined to be restricted. When restrictions are made, business stewards of the Enterprise data are accountable for defining specific individuals and levels of access privileges that are to be enabled. Information Security will be responsible for the implementation of proper security controls.
- Meta-Data Will Be Recorded and Utilized – All Enterprise information system development and integration projects will utilize the defined meta-data program for data naming, data modeling, and logical and physical database design purposes. Data Management is responsible for developing plans to capture and record specific data administration-focused meta-data consistent with the defined meta-data program.
- Data Stewards Will Be Accountable for Enterprise Data – Individuals and management recognized as business definers, producers, and users of Enterprise data will be designated “Data Stewards”. Data Stewards are those individuals ultimately responsible for the definition, management, control, integrity or maintenance of a departmental or Enterprise data resource. All Data Stewardship information will be maintained as a form of meta-data and will be made available to the department through on-line accessibility.
- Data Stewards Will Be Accountable by Job Description – Individuals designated as stewards will have specific Enterprise data accountabilities (such as data definition, data production and data usage) incorporated into their job descriptions.
Data Management Policy, by itself, CAN NOT change your organization’s ability to manage data. Data Management Policy, by itself, CAN change your organization’s philosophy toward managing data as a valued enterprise asset. Only when Data Management Policy is approved and supported by the Senior-most Management, can organizations truly start taking steps toward governing and stewarding its data assets.