Data Privacy, Security, and Compliance through Data Governance - Data Governance: Creating Value from Information Assets

Databases Reference

In-Depth Information

officer has ultimate responsibility for data compliance and would report

directly to the board. An example of this scenario would be an organiza-

tion where the CIO has implemented a new data model, such as an IT asset

management/tracking system. The CIO ultimately owns all IT assets and

is the appropriate person to lead the data governance committee.

In scenario 2, the CEO and CFO have the responsibility for the data and

report directly to the board, followed by the CMO/CMIO/COO and the

CIO. As is the case in scenario 1, the other data governance committee

members are ancillary to the hierarchical body represented and have no

real reporting responsibilities. This scenario places the responsibility on

the CMO/CMIO/COO, followed by the CIO/Compliance officer and the

CEO/CFO. While these scenarios depict reasonable hierarchical models

within the data governance committee organizations that would leave a

single person or group of people within the committee responsible to the

board, organizations must be careful in adopting such hierarchy within

the committee as the interdisciplinary nature of the committee may be lost

and true oversight may cease to exist. Data governance oversight should

exist in an interdisciplinary and accountable setting and provide orga-

nizations with the guidance and oversight needed to ensure regulatory

compliance. In Figure 6.4 , you will find a model for data governance and

compliance oversight where each member works as a team and the leader

varies based on the type of data addressed. The committee membership

reflects the scenarios depicted in Table 6.2 .

PROCESS MANAGEMENT: DEFINING DATA

GOVERNANCE THROUGH IMPLEMENTING POLICY

STANDARDS AND APPROPRIATE STRATEGIES TO

ACHIEVE PRIVACY, SECURITY, AND COMPLIANCE

Within each organization there is a body of authorized users or key stake-

holders who are responsible for ensuring the successful implementation of

policies and procedures needed to govern data. This governance commit-

tee has institutional responsibility for the data integrity and as such will

be responsible for implementing policies and standards to ensure orga-

nizational adherence to regulations and standard operating procedures.

While the committee will face many challenges related to data governance,

Search WWH ::

Custom Search

Home