WHITE PAPERThe SAS Data Governance Framework:TitleA Blueprint for Success
iiContentsFraming Data Governance . 2Corporate Drivers. 4Regional Bank .4Global Bank.4Data Governance: Putting It Together. 5Program Objectives.5Guiding Principles.5Data Stewardship. 7Data Management. 7Data Architecture.8Metadata.8Data Quality.8Data Administration.9Data Warehousing, Business Intelligence and Analytics.9Master Data .9Reference Data .9Data Security.10Data Life Cycle.10Methods.10Solutions.12Summary.13
1As a concept, data governance has been around for decades. By the 1980s, thecomputing boom led to technology designed to tackle things like data quality andmetadata management, often on a departmental basis to support database marketingor data warehousing efforts. While pockets of “data governance” emerged – and sometimes grew as a grassroots effort – it was rarely a hot topic in the IT community.By the early 2000s, data governance started to get more attention. The collapse ofcompanies like Enron led the US federal government to establish rules to improve theaccuracy and reliability of corporate information. Data governance was a key component of these efforts. For example, the Sarbanes-Oxley Act required executives to know– and be personally responsible for – the data driving their businesses. In the face ofsuch industry drivers, data governance matured rapidly. Technology that grew out ofdata quality or business process management tools began to offer automated creationand management of business rules at the data level.To keep pace with technologies, trends and new regulations, data governancecontinues to evolve. Consider, for example, the demands placed on governance bystreaming data analytics, the internet of things, Hadoop and requirements of regulations like Current Expected Credit Loss (CECL) or the General Data ProtectionRegulation (GDPR).The majority of C-level executives today understand why they need to manage data asa valuable corporate asset. And to ensure proper oversight, executives in emergingroles – like the chief data officer or the data protection officer – have appeared in manyboardrooms. But despite the high adoption of data governance as a formal set of practices, there are many examples of organizations that are struggling to overcome failedattempts or tune ineffective organizations.Consider this quote from an executive at an integrated health care provider:“Jim is the fourth data governance director from the corporate office in the past sixyears. I hope this time it sticks.”Or this quote from a risk manager in a regional bank:“Our first attempt at data governance kicked off with great fanfare a few years ago,then fizzled. Now there is quite a bit of skepticism this time around.”There are many reasons why data governance fails1 – or at least, underperforms. But thecause is often one of these: Data governance is not well-defined. Business executives and managers consider data “an IT issue, ” and business unitsand IT don’t work together. The organization’s unique culture isn’t taken into account. Organizational structures are too fragmented, the culture doesn’t support centralized decision making, or decision-making processes are not well understood ordesigned.1 Read more by downloading a SAS Best Practices white paper, 10 Mistakes to Avoid When Launching Your DataGovernance Program.
2 Data governance is viewed as an academic exercise, or is treated like a finite project. Existing steering committees with knowledge and clout are overlooked. Execution is lacking; data is not managed in a structured, tactical and repeatableway. The return on investment (ROI) isn’t clear, and it’s hard to link data governance activities to business value. Key resources are already overloaded and can’t take on governance activities.So, no matter how much you need data governance, there are a variety of reasons itmay not work. In this paper, we will highlight the SAS Data Governance framework,which is designed to provide the depth, breadth and flexibility necessary to overcomecommon data governance failure points.Framing Data GovernanceStarting data governance initiatives can seem a bit daunting. You’re establishing strategies and policies for data assets. And, you’re committing the organization to treat dataas a corporate asset, on par with its buildings, its supply chain, its employees or its intellectual property.However, as Jill Dyché and Evan Levy have noted, data governance is a combination ofstrategy and execution. It’s an approach that requires one to be both holistic andpragmatic: Holistic. All aspects of data usage and maintenance are taken into account in establishing the vision. Pragmatic. Political challenges and cross-departmental struggles are part of theequation. So, the tactical deployment must be delivered in phases to provide quick“wins” and avert organizational fatigue from a larger, more monolithic exercise.To accomplish this, data governance must touch all internal and external IT systems andestablish decision-making mechanisms that transcend organizational silos. And, it mustprovide accountability for data quality at the enterprise level. The SAS Data Governanceframework illustrates a comprehensive framework for data governance that includes allthe components needed to achieve a holistic, pragmatic data governance approach.The framework presented here is a way to avoid data dysfunction via a coordinated andwell-planned governance initiative. These initiatives require two elements related to thecreation and management of data: The business inputs to data strategy decisions via a policy development process. The technology levers needed to monitor production data based on the policies.Collectively, data governance artifacts (policies, guiding principles and operatingprocedures) give notice to all stakeholders and let them know, “We value our data as anasset in this organization, and this is how we manage it.”Definition ofData Governance“The organizing frameworkfor establishing strategy,objectives and policiesfor corporate data.”Jill Dyché and Evan LevyCustomer Data Integration:Reaching a Single Versionof the Truth
3Corporate DriversComplianceMandatesData GovernanceProgram ObjectivesGuiding PrinciplesDecision-Making BodiesDecision RightsMergers &AcquisitionsData StewardshipRoles & TasksCustomerFocusAt-Risk ProjectsData onData QualityData Life CycleData Warehousing& BI/AnalyticsReference andMaster DataData iesDecision MakingData QualityDataIntegrationDataPreparationReference DataManagementMasterDataData Profiling& ManagementBusinessGlossaryProcessTechnologyThe top portion of the framework – Corporate Drivers – deals with more strategicaspects of governance, including the corporate drivers and strategies that point to theneed for data governance. The Data Governance and Methods sections refer to theorganizing framework for developing and monitoring the policies that drive datamanagement outcomes such as data quality, definition, architecture and security.The Data Management, Solutions and Data Stewardship sections focus on the tacticalexecution of the governance policies, including the day-to-day processes required toproactively manage data and the technology required to execute those processes.While the framework can be implemented incrementally, there are significant benefitsin establishing a strategy to deploy additional capabilities as the organization maturesand the business needs require new components. It’s important to develop a strategythat can address short-term needs while establishing a more long-term governancecapability.On the bright side: Organizations never start from zero. Groups exist in your organization that have varying levels of governance maturity. As you develop your long-termdata governance plan, the framework can help you understand how the individualcomponents can be used as a part of the whole, helping you achieve a sustainableprogram for data governance.
4Corporate DriversMany companies that recognize a need for data governance find it challenging to getbroad consensus and participation across business units. Why? It’s often difficult to tiethe results to a business initiative or demonstrate ROI.As much as possible, it’s important to tie data governance activities (and investments) tocorporate drivers. This will allow you to more rapidly link data governance “wins” withkey business goals. Consider these contrasting, but very real examples of data governance program launches:Regional BankA regional financial services company launched an initial data governance programwith great fanfare and a surprising amount of business-unit support. It identified datastewards, acquired data profiling tools and decided to tackle data quality problems inits startup efforts. Profiling revealed the data elements with the largest amount of issues,and the teams went to trace data, identify root causes and find solutions.There was only one problem. The fields identified as the most problematic (aftermonths of mapping and tracing) were phone number and seasonal addresses, neitherof which had any strategic value to the executives. The program failed to win incremental support, and executives turned their time and attention to problems that tiedmore closely to their business strategies and drivers.Global BankThis bank, while a larger institution than the regional firm, faced increasingly complexcompliance mandates around Basel III and risk data aggregation principles. As a result,data governance became a sanctioned set of practices within the bank’s multiprongedcompliance strategy.Launching data governance with this more focused approach, the bank focused ondata required for risk data aggregation. The data steward teams consolidated all siloeddata quality efforts into a single area, identified the key data owners for this data, andbuilt a program designed to illustrate how they were managing information to thenecessary regulatory bodies. This program demonstrated its value and receivedincreasing executive support.As these two banks found, companies get more traction if the governance initiativelinks to a specific strategic initiative or business challenge. Not only does this allowgovernance activity and investment to follow corporate objectives (and make clear theROI for such activity), but it also eliminates the “academic exercise” label that is sometimes applied to data activity. When aligning data governance with corporate drivers isnot possible, bottom-up approaches can be championed to drive progress via prototyping smaller projects with clear wins to build momentum.
5Data Governance: Putting It TogetherObstacles and challenges related to organizational culture, decision-making cultureand staffing limitations are also factors that have high potential to take your data governance program off the rails.The levers for managing these issues are the program objectives, decision-makingbodies and decision rights outlined in this part of the framework. These are theplanning tools that enable data governance to be implemented in a way that fits theculture and staffing. Taken together, the program objectives, guiding principles, and theroles and responsibilities make up the data governance charter that needs approval bysenior leadership as part of the initial launch.If key resources are overloaded, there must be a clear set of stakeholders, key performance indicators (KPIs) and ideally some measure of ROI to obtain funding forresources needed to launch and sustain governance. Also, it must be clearly delineatedwhich activities will be done and by whom. How is this accomplished? It is all aboutplanning today based on a future vision of a mature data management process