Data Governance Plans Many Companies Don’t Have One

Forty-four percent of companies don’t have a formal data governance policy, and 22% of firms without a data policy have no plans to implement one. That’s one of the key findings of a recent data governance survey conducted by Rand Secure Data, a division of Rand Worldwide.

Rand’s 2013 Data Governance Survey included responses from 454 organizations regarding the state of their in-house data governance policies. Survey respondents included representatives from well-known private and public-sector enterprises, including Disney, Motorola, Shell, the City of Los Angeles, and the University of Virginia.

The report makes it clear that data governance, such as a set of enterprise-wide processes for managing data archiving, backup, and e-discovery, isn’t new to large organizations. But the number of respondents who said their company lacks a formal data governance policy is surprisingly high.

Some survey respondents said this lack of planning could have unwanted consequences. “If we don’t get a decent data governance strategy and acceptable data governance statutes in place over the next two years, we will face the risk of losing data, losing control and track of data, and lawsuits,” one respondent wrote.

The survey showed a vastly different level of involvement in the sub-regions of data management. For instance, more than 98% of respondents said their organization has a backup program in place, with 95% reporting backups of all data regularly.

But there seems to be considerably less interest in e-discovery and managing stockpiles of data in case of litigation. Just over a third of respondents said their organization couldn’t “easily produce” data for discovery, and the same percentage said they couldn’t “prove the integrity” of data in the event of ligation.

The survey also found a strong link between the participation of C-level executives in creating a data governance policy and the success of data management within the enterprise. In fact, when the C-suite is either “very” or “extremely” involved, the organization is three times less likely to “experience complete data loss or a data audit failure,” the survey found.

The report concludes with four recommendations:

1. Organizations should develop a formal data governance policy or reevaluate their current plan. “This survey shows that no policy is flawless, but continually working to improve your policy can only increase the value your organization derives from its data.”
2. Develop a “cross-functional approach” to data governance. Solicit input from everyone in your organization, from C-suite executives to IT managers, corporate counsel, and end-users. Once the data policy is in place, you should instruct employees on how to contribute to and benefit from the plan.
3. A data governance policy should comply with the organization’s legal and regulatory requirements. Since different types of data have different retention period requirements, you should know what those requirements are and find ways to meet them.
4. Keep an eye open for new technology. With the growth of Big Data, AI and Blockchain, data governance should be reliable, scalable, and efficient. Consider new technologies that help you reach your data management goals.