One of the first steps organizations take when preparing to deliver a data governance program is to determine where in the organization data governance should be placed. Or in other words, who should own data governance? There are typically two schools of thought: either “the business” should own data governance or IT (Information Technology) should own data governance. I answer the question of who should own data governance with a simple one word reply. My answer is…“Yes.” The responsibility to administer or lead data governance must reside somewhere.
This article attempts to answers the questions of where data governance should reside in your organization and who should have the responsibility for assuring that a program is successful. The typical answer to the question is that “the business” should own the discipline. This answer is very vague. Are we talking about the financial part of the business or the risk management part of the business? Are we talking about the operations part of the business or the marketing and sales part of the business? There are many facets to the business. Maybe we should be more specific.
“The responsibility to administer or lead data governance must reside somewhere.”
Many organizations position data governance under the Chief Financial Officer (CFO). Other organizations position data governance under the Chief Risk Officer (CRO) or the Chief Operational Officer (COO). In addition, some organizations position data governance under the Chief Privacy Officer (CPO) or the Chief Information Security Officer (CISO). These days there are so many C-levels.
Placement of data governance under any one of these C-level people is never wrong. Data governance must reside somewhere and having a C-level person as your Executive Sponsor is always a good thing. In fact, many organizations state that senior leadership’s support, sponsorship and understanding of data governance is the number one best practice for starting and sustaining their program. Having a C-level person as your Executive Sponsor often dictates where data governance will reside in the organization.
Is it better for data governance to be placed in Finance and report through the CFO than it is to have it reside in Operations and report through the COO? The answer to that question is, “It depends.” It depends on the interest and ability of that person and that part of the organization to provide for the proper level of capacity in terms of resources to operationalize and engage the organization. There is no single area of the business that deserves to always own data governance. The correct part of the organization is any part of the organization that understands the need for the governance of data, and who will support and sponsor the activities of the individuals or group that have responsibility for administering the data governance program.
“Having a C-level person as your Executive Sponsor is always a good thing.”
More about that individual or group in a moment.
Announcing a new two-day virtual live course on How to Build and Implement a Non-Invasive Data Governance Program, taught by Bob Seiner, that will take place on December 14 & 15, 2020. Download more information here.
If data governance does not reside in “the business,” the other place for it to reside is in IT or under a Chief Data Office (CDO). The CDO is sometimes positioned under the Chief Information Officer (CIO) and sometimes the Office of the Chief Data Officer stands alone. Again, there is not a right or wrong answer to how the organization should be set up. The positioning of the data governance program sometimes influences where the CDO is positioned. And sometimes it does not.
There are industry experts that claim that if data governance is positioned in IT or under the CIO that the program is doomed for failure. I am not one of those people. I have seen several organizations demonstrate success with their programs under the top guidance of the CIO. A trait that these programs share is that data governance is not put in place for IT’s purpose or with IT as the sole owners or stewards of the data. Data governance must be a shared responsibility of business people with business knowledge of the data, and of technical people with technical knowledge of the data and the information systems and data resources.
There are some industry thought-leaders that state that data governance should be positioned under a Chief Analytics Officer (CAO). This makes sense for some organizations, however, at the time of writing this piece, only a limited number of organizations formally have a person in the CAO role. I state again here that it matters less where data governance resides than it matters that the level of support, sponsorship and understanding of the Executive Sponsor and leadership is substantial enough to encourage and give credence to the definition, development, and delivery of the program.
“It matter less where data governance resides than the fact that it resides somewhere.”
No matter where in the organization your data governance resides, it is best practice that a person or a group of people in that part of the organization administer the program. If it is a group of people, they are often called the Data Governance Office or Data Governance Team.
Many organizations, especially in the beginning, initiate their program with a single person that has responsibility for directing the governance activities. In fact, some organizations struggle to provide the single person and make the role of administering the program a percentage of a single person’s responsibility.
In most cases, a resource dedicated to managing the program is 1) necessary to demonstrate to the organization that management is committed to moving data governance forward and 2) necessary to provide ample attention to gaining requirements, designing, and developing the program, and incrementally rolling the program out into the organization. Experience has shown me that many organizations will not add people, and thus capacity, to the running of the program until the strategic level is convinced that the program is heading in the right direction and that the approach is well thought-out and supported.
“Resources are not added to the administration of data governance until the strategic level is convinced that the program is heading in the right direction.”
The role name often given to the person responsible for the data governance program is the Data Governance Manager, Data Governance Lead, or (my suggestion) the Data Governance Administrator (otherwise referred to as the DGA). This role is typically responsible for managing all organizations-wide data governance activities and has the responsibility for reporting the results and status of the program to the strategic level. The position focuses on establishing and ensuring adherence to an enterprise data governance framework for data policies, standards, and practices, both at the enterprise and business function level, to achieve the required level of data quality, data protection and availability of data to meet overall business needs.
The DGA most often serves as a point of escalation for governance, data quality and availability issues and works closely with business and functional leadership to improve the availability and value of core data assets and respond to operational, tactical, and strategic requirements. The DGA does not own the program. The organization owns the program. However, the DGA plays a critical role in demonstrating early value from the data governance program while reporting into the executive sponsor mentioned earlier in the article.
The question of who should own the organization’s data governance cannot be answered in the same way for every organization. Where the program resides and who has responsibility for administering the program are both key questions that must be answered early in the program development phase. data governance best practice indicates that somebody must steer the data governance ship while reporting to a part of the organization that is committed to the activities required to be successful.
“The data governance program will not deliver itself.”
I say often that the data and the metadata of the organization will not govern themselves. The same hold true for the program. The data governance program will not deliver itself, must be placed in an appropriate part of the organization, and allocated the appropriate resources necessary to develop, build, communicate, sustain, and grow the activities of governing data.
Announcing a new two-day virtual live course on How to Build and Implement a Non-Invasive Data Governance Program, taught by Bob Seiner, that will take place on December 14 & 15, 2020. Download more information here.