There’s a fair amount of high-level advice on the internet about implementing data governance, which means the practices an organization uses to ensure its data is available, usable, complete, and secure.
But what you won’t find, at least not in abundance, is guidance about what not to do when establishing a data governance practice. That’s unfortunate, because there are many missteps that organizations tend to make when trying to establish data governance. Avoiding them is critical if you want to build a data governance strategy that actually allows you to govern your data – as opposed to talking about governing your data without really establishing effective governance controls and processes.
To that end, here’s a look at data governance mistakes to avoid, which draw on my work helping organizations chart effective data governance and management strategies.
Mistake 1: Treating Data Governance as a Technology Problem Alone
Probably the biggest mistake I see companies make when approaching data governance is assuming that they can simply purchase technology to solve their data governance needs.
The reality is that data governance is fundamentally a practice, not a technology you can buy. To be sure, there are great data governance tools that can help you with tasks like discovering your data, improving its quality, and protecting it from risks. But those tools only deliver value if you define clear data governance objectives, and then determine which tools you’ll need to achieve them.
In other words, while technology is part of the data governance equation, it’s only one part – and it’s not the most important one. You need to determine which data governance practices your business requires before you can deploy tools to support them. Tooling is simply an enabler of practices, not the practices themselves.
Mistake 2: Restricting Data Access in Ways That Disrupt Productivity
Because part of the purpose of data governance is to mitigate data security risks, minimizing who can access data may seem like one way to achieve data governance. The less access people have, the lower your risks.
This is true to the extent that unnecessary access rights to data assets should be revoked. However, this practice becomes a mistake when it blocks access to data that some of your users or employees legitimately require. Data security should never come at the expense of data usability and availability – which are, after all, equally important parts of data governance.
Mistake 3: Not Understanding Day-to-Day Data Requirements
At many companies, the people who actually use data on a daily basis are often not at the center of conversations surrounding data governance policies. The result is policies that reflect what managers think employees do with data instead of what they actually do.
This is bad not just because it can restrict employees’ access to data. Even worse, it can breed situations where employees deploy unofficial tools to work with data without the organization’s knowledge, leading to shadow IT.
The point here is that data governance policies must align with what users actually need, lest users take it upon themselves to meet their data requirements using tools and processes of their own choosing.
Mistake 4: Treating Data Governance as a Reactive Process
The goal of a data governance program should not be simply to identify and mitigate data availability, quality, and security issues. It should also be to achieve these goals as efficiently as possible – which is why data governance must be a proactive practice.
For example, rather than waiting until data processing is complete to check for data quality issues, you should build tests into your pipelines that alert you proactively to problems. Otherwise, you end up having to rebuild the entire pipeline and reprocess your data, whereas you could have solved the issue with less time and effort if you’d caught it earlier.
Conclusion: A Better Approach to Data Governance
A data governance program that delivers real value requires more than just tools, data access restrictions, and periodic data quality checks. Its most important components are actionable policies and practices that align with the way all stakeholders actually use data. Understanding this is what differentiates businesses with an effective data governance operation from ones that talk about data governance but do little in practice to enable it.