From my many years of experience implementing data governance programs (and most importantly Non-Invasive Data Governance programs), I have noticed that there are several misconceptions around how to get started implementing a successful program.
The first misconception is that data governance programs are expensive and time-consuming. I have suggested (in the past) that there are ways to move forward with a data governance program without spending a lot of money or time (see “Data Governance and Dancing in the Rain” also in TDAN.com).
Another misconception is that data governance, on its own, must generate significant return or value rather than focusing on adding value in other areas. Wherever there is a call for bringing together disparate – some may call desperate – data, wherever there is a need for managing the risks associated with data, wherever there is a need for resolving data issues and improving data quality, there is a need for data governance. The recent article, “The Data Governance Test” also in TDAN.com, spells out eight specific areas where data governance can add value to the organization.
This brief article focuses on two distinct area where data governance can quickly and inexpensively support all eight of the disciplines covered in the test. These two areas are 1) communications and 2) awareness. This article introduces a simple tool that can be used to dramatically improve the planning around data communications, and improve awareness around data security and risk management concerns.
Data Handling and Communications
Data handling and communications typically plays a key role in the success of data governance activities at most organizations. Communications around the management of data will involve the ability to address the various audiences defined in KIK’s Data Governance Framework of Roles & Responsibilities (at the executive, strategic, tactical, operational and support levels). See past articles on the KIK Framework starting with Chapter 6 of the Stewardship Approach to Data Governance series in TDAN.com.
In order to provide effective communications on how the data should be handled, it will be necessary that someone within the organization has the responsibility to physically record or capture the rules that are associated with sets of classification coding. Typical levels of classification coding include highly confidential, confidential, public and sensitive data.
The sample diagram/matrix shown in Figure 1 depicts the potential audiences (across the top) for data governance communications and the types of communications that may add value to your organization (down the left side). The diagram provided is a generic version of a KIK Data Governance Communications Plan Matrix.
The intersection of audiences and types displays the specific types of communications that should be considered for the specific audiences. Organizations should consider using the following to help develop specific communications around the handling of data:
Audience: Clearly identify your audience. Who needs to hear? Who will be affected? Is the communication for an internal or external organizational unit (district, department, division, section, program, project); role (managers, project managers, stewards); responsibility (through the data management life cycle such as collecting data); or individual (where support from that person is particularly crucial)?
Message and Desired Action: Articulate what you want the audience to learn and what action they need to take. Consider what the audience cares about, such as what is changing, how they are impacted, and “what’s in it for them” if they support you.
Time and Communication Vehicle: How much time do you have available and what is your method of communication? Is this a 30-second “elevator speech,” a 3-minute status report at a team meeting, a 30-minute phone call, a 2-hour training session, a face-to-face meeting, a website article or a dashboard with metrics?
Role within the Data Governance Framework: What is the audience’s role within the data governance framework – executive, strategic, tactical, operational, or support?
Risk Management and Data Security Awareness
Improving risk management and data security awareness will also play a key role in the success of data governance activities at most organizations. Communications around the risks associated with the handling of specific data will also involve the ability to communicate data risk and data security issues and topics with the various audiences defined in the KIK Data Governance Framework of Roles & Responsibilities (at the executive, strategic, tactical, operational and support levels).
In order to improve how data risks are managed and improve awareness associated with data security concerns, it will be necessary that someone within the organization have the responsibility to physically record or capture the risks that are associated with specific sets of data and the data security precautions associated with that data.
The diagram/matrix in Figure 1 depicts the potential audiences (across the top) for the different data risk management and data security awareness communications items that are meaningful to the organization (down the left side). The diagram provided is (again) the generic version of a Data Governance Communications Plan Matrix© that should be used for data handling and communications as well as to manage the communications associated with data risk management and data security rules.
This brief article focused on one way to improve data communications planning and awareness around the handling of data as an important value add of a data governance program. This article introduced a simple tool, the Data Governance Communications Plan Matrix, that can be used to dramatically improve communications around data and awareness as well as data security and risk management concerns.