I asked several people recently if they had ever heard of “IT Data Governance.” The most common responses I received were “that is when the Data Governance function resides in IT” or “that is when you educate IT on their role in the Data Governance function.” These answers were incorrect but not entirely different from what I expected.
Everybody I asked focused on the traditional enterprise-wide business data discipline of data governance rather than the first two words of the term. If Big Data Governance is the governance of Big Data—and Metadata Governance is the governance of metadata—then IT Data Governance is the governance of IT Data.
What is IT Data? IT Data is simply the data or information that is required to operate IT as an efficient and effective business function. IT Data includes data about hardware, software, licenses, vendors, configurations, networks, incidents, storage / backup and project portfolios, just to name several areas. The list includes “anything that IT needs data about” in order to operate and support the organization.
There are frameworks and tools for managing all of this information. You may have heard of ITIL, formerly an acronym for Information Technology Infrastructure Library. ITIL is a set of practices for IT service management (ITSM) that focuses on aligning IT services with the needs of business. [1]
You may have heard of COBIT (Control Objectives for Information and Related Technology) which is a framework for information technology management and IT governance. [2]
You may have been involved in the deployment of a CMDB (Configuration Management Database) which is a repository that acts as a data warehouse for information technology installations. CMDBs hold data relating to a collection of IT assets (commonly referred to as configuration items). [3] It is not like IT Data is new at all.
Data Governance, and particularly Non-Invasive Data Governance™, formalizes accountability for the management of data to address data definition, production and usage matters. IT Data, because of its lesser organizational focus, has matters that require formal accountability as well. From my experience the formal governance of IT Data has not been a priority or a consideration for the implementation of starter or established data governance programs.
The question is: How is your organization governing your IT Data?
All of the components of traditional data governance apply to IT data. These components include formal accountability, executing and enforcing authority for the data, process, roles, and decision making, to name a few. However, the business requirements for governing IT Data are somewhat different.
Requirements for governing IT Data differ in how the data is used, protected, reported and analyzed. Requirements differ as IT Data is typically “owned” or stewarded by IT (which is different in many ways from traditionally focused data governance). If the organization has “shadow IT” or “stealth IT” defined as IT functions outside explicit organizational approval and management, the problem of governing IT Data becomes more complex. Sound familiar? The same holds true for business data.
To gain requirements for governing IT Data, I suggest you ask the same question of IT people that you asked business people when defining the requirements for your business Data Governance Program. That question is “what can’t you do, that you would like to be able to do, because you don’t have the data to support doing it?”
You may be surprised by the answers you receive; you may hear that people want to track licenses across platforms, protect the data warehouse by monitoring application and database component changes, report total spend to a specific vendor when negotiating future contracts, identify and quantify technology risks associated with protecting customer information … In order for Information Technology to operate like a business, the IT Data must be governed.
I hope I provided you with an understanding of what I mean when I use the term “IT Data Governance,” the governance of IT data. Please share your understanding of what IT Data Governance means and how your organization is addressing this important and largely untapped facet of data governance.
[1] – https://en.wikipedia.org/ITIL
