A good data governance program requires a vision and business case. The vision identifies your broad strategic objectives for building a governance framework, while the business case articulates the specific opportunities you will pursue. The business case will provide the rationale for spending time, energy and money on your data governance effort. It will also identify the actual people (roles), technologies and processes that you will need to support your governance goals.
For example, you may need to develop a strategy to manage unstructured data. This type of data is difficult to govern because it lacks structure and cannot be easily categorized and stored. You will need to implement a new data architecture and implement a process for managing unstructured data. This will require a significant investment and will take some time to complete. However, if you succeed, the results will be worth it.
If you want to make sure your company’s data governance programs have a positive return on investment, you must put the right people in place. This will include data stewards who can bridge the gap between your business and IT. These stewards should be experienced business analysts who understand the organization’s business processes, decisions and interactions. In addition, they should be able to translate how your data governance framework affects these processes. Strong business stewards can serve as the primary point of escalation for other team members and management.
In addition, you must define your organization’s data governance roles and responsibilities. This will help you ensure that all relevant people have a clear understanding of how your policies apply to them. This will minimize confusion and misapplication of the rules and help you build a data management culture that focuses on value delivery to your business.
Depending on the circumstances, some personal data may be exempt from use limitations and access requirements under the PDPO. Examples of this include: (i) safeguarding Hong Kong’s security, defence and international relations; (ii) assessment or collection of tax or duty; and (iii) crime prevention or detection activities. In addition, the PDPO may permit access to personal data where it is necessary for the purpose of due diligence exercises.
You must also establish how you will assess and measure your data governance program’s success. Your data governance plan should include metrics and key performance indicators that you will track regularly to ensure your program is meeting its goals. Your metrics should be linked to business outcomes and tied back to your data governance strategy. If the metrics are not being met, you will need to review your data governance framework and adjust it as needed. This will require a substantial amount of effort, but it is critical to the success of your data governance program. This is particularly important if your organization is facing competitive pressures to improve its data governance practices. This will enable you to win more business by offering more timely and valuable information to your customers.