Databases Reference
In-Depth Information
TABLEĀ 6.3
Policymaking Process for Data Governance
Policy Standards and Compliance
Organizational data needs
Policy and procedure writing process
Organizational risk assessments
Policy changes
Date governance oversight
The policymaking process within an organization is ultimately the
responsibility of the data governance committee. Largely, the policymak-
ing process is a strategic initiative to provide a layer of control over an
organization's most fundamental asset. An organization's data drives
business decisions, allows the organization to demonstrate regulatory
compliance, and helps key decision makers determine long-term business
viability. Thus, the policymaking process has to be part of the overall stra-
tegic plans and must be meticulous in nature. The policymaking process
in any organization is a cyclical process and has many stages that impact
the final policies and procedures. In TableĀ 6.3, the policymaking process
is divided into its fundamental components. The largest component of
the policymaking process is determining the data needs of an organiza-
tion; this is also the first step in the policymaking process. The second
component is the policy and procedure writing step, which is driven by
organizational data needs. The third component is the risk assessment
step. Organizations, through regulatory requirements, are expected to
conduct regular risk assessments of their operations, which include their
data, systems, assets, and financial viability. Risk assessments often lead to
policy and procedural revisions to mitigate discovered risks and the over-
all protection of organizations' data. Throughout this process, but partic-
ularly after a completed risk assessment, the data governance committee
must provide oversight of the policymaking process, which is the final
component in the process. This component can occur at any time within
the policymaking process. The fourth component deals with instituting
Search WWH ::
Custom Search