Data Governance

High­quality data are a basic requirement for companies today (Hildebrand, Gebauer, Hin­

richs, & Mielke, 2015, p. 269). In customer relationship management, the importance of high data quality has grown steadily. The data quality in the enterprise contributes to the increase of customer satisfaction. Customer data must exist and be available (Hildebrand et al., 2015, p. 270). Another example are the legal requirements. The requirements and guidelines that companies must comply with are constantly increasing. The company is obliged to provide proof and the company must be able to disclose the required data at any time (Hildebrand

et al., 2015, p. 270). These problems can often be attributed to a lack of concepts and an increasing complexity in data management (Hildebrand et al., 2015, p. 270).

Definition Data governance is fundamentally related to IT Governance. IT governance regulates the alignment and control of IT in the company. Data governance is responsible for managing the company’s digital data (Weber, Otto, & Österle, 2009). Grosser (2013, p. 2) defines data governance as follows: Data Governance is the sum of the people, processes and technologies needed to manage and protect a company’s data assets in order to guar­

antee universally understandable, accurate, complete, trustworthy, secure and discoverable corporate data.

The domains of data governance can be derived from this definition.

Figure 2.7 Domains of Data Governance

The figure 2.7 shows the different domains of data governance. Data governance defines standards and is responsible for their maintenance. It is also responsible for the classification of data. Data protection is another topic. The data in a company must be stored securely and the data protection guidelines must be adhered to. Data governance continues to regu­

late the lifecycle of data and is responsible for data quality. The departments draw up the measurement rules in order to achieve the data quality level desired by the company. In the Regulatory area, directives and instructions are provided as to which regulatory requirements are to be met and the operationalisation of these is ensured. This is where the Data Quality environment is combined with the enterprise­wide governance framework.

Aims Data governance defines the essential tasks in data quality management and provides guidelines for their execution. In order for the tasks to be performed company­wide, it is not sufficient for them to be anchored in individual business and specialist areas or the IT organisation alone (Grosser, 2016a). Data governance must therefore always be integrated into the strategic, tactical and operational levels of the company. A consistent implementation across all levels is important, because only in coordination between the departments can the use of data be designed efficiently (Grosser, 2013, p. 3). In the table 2.3 these levels are explained in more detail.

2.2 Understanding of Data Governance within EGIT | 27 Table 2.3 Levels of data governance (Grosser, 2013, p. 4)

Strategic Goals, drivers and visions are to be defined at management level. The data management strategy should be implemented together with top management and stakeholders. The strategy should be aligned with the company’s ob­

jectives. The data quality strategy makes statements on the most important measures for improving data quality and shows a long­term implementation plan.

Tactical At the tactical level, the business units and the individual projects are located within the company. A coordination between the projects as well as the use of synergies is significantly influenced by this level.

Operational At the operational level, the planned measures are implemented and put into practice.

Roles Essential for any data governance are roles that perform the tasks of data quality management (DQM) (Otto, Kokemüller, Weisbecker, & Gizanis, 2011, p. 276–277). The following roles have established themselves for data governance.

The data governance committeeis responsible for implementing the Data Quality Strategy.

It forms the link between the operational DQM activities and the company management. It is responsible for setting standards. Participants are sponsors, management with assertive competence and expert circles (Otto et al., 2011, p. 276).

The group­wide data steward leads the data quality committee. He invites to meetings for decisions and records resolutions. The main tasks include the implementation of these de­

cisions and the coordination and monitoring of these resolutions. He defines and monitors the key data quality measures. He assesses the extent to which measures must be taken to improve data quality in order to achieve the objectives (Otto et al., 2011, p. 276). As a rule, one business and one technical data steward should be defined for each business area in the company. The departmental data steward is an employee from the user department. In his or her business area, he or she is responsible for detailing the data quality standards. His area of responsibility includes the development of business rules and data models, the imple­

mentation of processes as well as the implementation of measures for data quality (Grosser, 2016b).

The technical data steward takes care of the data architecture and system support for the DQM. Ideally, the technical data steward is also assigned to a business area. His respon­

sibilities include the delivery of standardized data definitions and formats. The technical data steward documents the systems including data objects and data flows between the sys­

tems (Grosser, 2016b). The data manager is represented by a specialist from the IT depart­

ment. They technically implement the requirements of the data owners. The data owner ensures the quality and availability of the data. He determines who has access to the data and defines the requirements for the data (Grosser, 2016b).

Importance of Data Governance Some companies already have data governance in place for individual departments (Grosser, 2016a). However, a sustainable improvement in data quality can only be achieved with the help of defined processes. For a continuous introduction of data governance, the roles from section 2.2.5 must be assigned to a responsible person.

Many companies are afraid of introducing data governance because of fear of complexity or uncertainty (Grosser, 2016a). Building an organization with data governance offers the following advantages, among others (Grosser, 2016a):

• The data is coordinated and uniform company­wide, redundancies can be avoided.

This provides better support for decisions.

• Clear rules regarding processes and data increase scalability on a business, technical and organizational level.

• optimizes costs with regard to data management.

• Existing processes and data can be used multiple times as required.

• The quality of the data is ensured by the documentation of the data as well as data flows. This leads to a higher trust in the company.

• requirements from the audit can be met and controlled more easily.

• The security of the data is guaranteed by a central monitoring of the data protection guidelines.

The explanations on data quality and data governance allow only one conclusion. Data gov­

ernance is fundamentally related to IT governance.

3 | Theoretical positioning of the research on IT­

and Data Governance theory

This chapter contains the assessment of the state of science. Section 3.1 contains a literature review. The review determines where the state of the art is today. In section 3.2 the context between IT Governance and Data Governance is explained. Finally, section 3.3 shows how these principles have been translated into practical methods. These methods can be found in practice in modified forms but also in frameworks.

3.1 Literature review

It is primarily necessary to understand the already addressed topics in measurement of gover­

nance in literature. Therefore a literature review has been conducted. Thus this thesis aims to address future research concerning the measurement in the context of Enterprise Governance of IT (EGIT). But findings and issues of the executed researches must be critically discussed before. It also identify what different concepts have in common and where the differences are. Therefore, the proposed review implied a careful analysis of the literature considering the alignment topics. The content of a literature review has several characteristics such as (1) fo­

cus, (2) goal, (3) perspective, (4) coverage, (5) organisation and (6) audience (Cooper, 1988, p. 109). Each characteristic has categories and a literature review is an instantiation of those categories and so are defining different types of literature reviews (Cooper, 1988, p. 107).

The different categories per characteristic in a taxonomy of literature reviews (Cooper, 1988, p. 109) and shown in table 3.1.

It can be summarised that following Cooper’s taxonomy, this literature review would mainly be set up as the (1) focus to be research outcomes, the (2) goal to be identification of central issues, the (3) perspective to be exhaustive, the (4) organization to be conceptual and the (5) audience to be practitioners or policy makers.

Review Goal: Does the normative literature dealing with IT Governance reflects the mea­

surement and evaluation across different perspectives of governance frameworks?