Information Sharing Depends on Data Governance
Over fours years after the September 11th attacks, federal government agencies are still struggling to improve their ability to share timely and accurate information about potential terrorists and
threats with the appropriate authorities to prevent future attacks. The 9/11 Commission just issued poor marks on the federal government’s progress. This article explores the powerful role data
governance can play in enabling information sharing. The examples in this article are from federal agencies, but the basic tenets of effective data governance presented here are equally applicable
to state and local agencies and even private sector enterprises.
Data governance is the proactive management of data and information assets to enhance mission performance. Data governance focuses on enterprise data and specifies what it means, where it should
come from, who wants it, who can have it and when, who can change it and when, and who absolutely shouldn’t have it. Data governance ensures that these data-focused questions are asked at the
appropriate times and answered by the “right” people. The “right” people are those who have a thorough understanding of the data, the laws and policies that drive the data, and the agency’s
use and purpose for the data. They are the people who should be authorized and accountable to provide the answers from an enterprise-wide, not a parochial, perspective.
Absence of Data Governance Impedes Information Sharing
For decades, many federal agencies chose not to deal with the challenges of proactive, strategic, enterprise-wide data management. Instead, they focused on developing and deploying functionality in
large-scale application systems, many of which replicate, duplicate, and even imprison data in system-specific stovepipes. It’s common knowledge that these data prisons have made the sharing of
vital information an extremely complex and difficult challenge. Data governance can provide the key to unlock existing data prisons and prevent the creation of new data prisons to enable
information sharing.
Without effective data governance federal agencies and their data stakeholders can not be confident that the data and information being shared is current, correct, relevant, secure from
inappropriate use, yet readily available to those who should have it to take timely and appropriate action.
You would think that federal government departments and agencies would naturally embrace governance practices because that is, in fact, what they do – they govern. The fact is that the opposite is
true when it comes to data governance. Awareness of what data governance is and why energy or resources should be invested into the establishment of data governance has been slow in coming to many
federal agencies.
On the other hand, those agencies that do “get it” are making great strides realizing significant benefits. The following are two examples.
Federal Agency Examples
Federal Agency Example 1
The managers in the business program areas of this organization recognized the need to address risks and issues they were facing because of their inability to effectively share data and
information. They established a robust data stewardship program with empowered stewards from each of the program areas with authority over one or more data subject areas. These data stakeholders
are organized into working groups of business data stewards who collaborate to manage data within their assigned data subject areas in the best interest of the enterprise as a whole. They define
the enterprise data, establish information security categorizations, define business rules, and maintain the Enterprise Conceptual Data Model from an enterprise perspective. These collaborative
working groups are supported by operational data stewards who are subject matter experts in one or more “slivers” of the enterprise’s data. The strategic data stewards who set the strategic data
direction are organized into a steering committee with one representative from each organizational component. The steering committee chair is elected on a rotating basis for a 6-month term. The
information technology organization provides technical and administrative support to facilitate the activities of the data stewards. For example, the data stewardship facilitators in the IT group
facilitate data stewardship interactions in the investment management and system development life cycle processes, populate and maintain metadata repository, document and promulgate the data
stewardship policy decisions, provide data stewardship orientation and training and communications, and maintain the Enterprise Data Architecture model content, provided by the stewards, in an
automated tool. The data governance decisions are made through touch points that have been inserted into existing processes to ensure that enterprise data considerations are addressed during the
investment management, information technology project planning, and system development processes. This agency is about 5 years into its data governance model and has received industry recognition
for its program.
Federal Agency Example 2
This agency was undertaking a major effort to modernize its information systems and recognized the opportunity they had to design and standardize the data in the modernized environment to enable
better sharing, reuse, quality, and security. This agency chose to implement data governance, including data management policy, data stewardship, and consistent processes to ensure that decisions
considered the potential impacts on the data assets and their ability to reach their data management goals in the modernized environment. In addition, this agency included outreach to its external
data stakeholders as part of its formal governance processes.
The following paragraphs highlight the characteristics these two, and other agencies that have been successful with data governance, have in common and the improvements data governance is making in
their ability to share information.
Common Characteristics of Successful Data Governance
Data Governance should be business-led. Data governance is most successful when accountability for making key data management decisions is embraced by those on the
business side of the agency. When those performing mission functions understand that defining data and business rules and determining who should have access to agency data is primarily their
responsibility, the agency is well on its way toward success with data governance.
Data policy and data stewardship form the foundation for data governance. Clear, unambiguous data policy and a solid data stewardship program combine to form the
foundation for effective data governance. A good data policy should succinctly and clearly specify the data principles that the organization values and strives to uphold. Each agency should have
formally identified data stewards who understand the operational use of the data and who are accountable for managing data throughout its life cycle within the agency. These data stewards should be
structured within a formal framework that promotes collaboration and communication among all data stakeholders.
Successful Data Governance depends on and reinforces strong partnerships between business data stewards and the IT planners and implementers. In successful programs roles
and responsibilities for data-related decisions and issue resolution are clear and well understood. This clarity and understanding draws upon and reinforces effective business-IT partnerships.
Good communication and outreach facilitates effective data governance. Transparent communications is one clear indicator of effective data governance. This means that
communications between the stewards and IT personnel happen naturally and seamlessly, as part of the natural way of doing business. Further, focused outreach must be done to raise awareness and
educate everyone in the agency as well as agency data stakeholders about the data governance practices.
Data Governance touch points must be incorporated into key business practices, including business planning, information technology planning, investment management, and application
development practices, to ensure that enterprise data impacts are considered and accommodated in making IT and business decisions. These touch points represent the process component
of data governance. They are the decision points inserted into existing IT management processes to ensure that impacts on enterprise data are considered as IT investment, planning, and
implementation decisions are being made. It is through these touch points that opportunities for data integration, sharing, reuse, and data privacy and information security protections are
identified and leveraged for the good of the overall enterprise. These touch points prevent the creation of new data prisons.