The Role of Data Governance in an Organization - Data Governance: Creating Value from Information Assets

Databases Reference

In-Depth Information

created the need for enterprises to develop formal data governance strat-

egies and programs. In the financial sector, compliance, data security,

brand and trust protection, and the need for quality data are all elements

critically important to the sector. Technological advances have provided

wider access to data that has been accompanied by widening data security

problems. This dynamic nature of security threats makes a strong corpo-

rate data governance program essential. Data governance is an ongoing

process of monitoring, evaluating, and assessing data, its users, and data-

base activity to better understand and control data risk; and to ensure that

data is being used for the maximum benefit of all stakeholders.

Data governance provides a system of checks and balances. Data gover-

nance comprises the people, processes, and technology necessary for an

entity to properly use and manage data. It uses technology tools and solu-

tions to protect the integrity and security of the data and monitoring and

reporting processes to ensure the data governance policies of the organi-

zation are adhered to.

There are major data risk categories across a variety of data sources.

Data sources could be Web data, such as email, Internet; mobile data, such

as laptops, USB; or core data stored in databases and file servers. Data

risks could comprise confidentiality, integrity, and availability risks for

data. The data governance program puts into practice risk management

across these data sources to meet governance goals at the business level.

The data governance program prioritizes risks and data sources and out-

lines appropriate measures to contain the risks. These measures are based

on the sensitivity of the business data (person-identifiable data, such as

Social Security numbers, private health information), the security of the

stored data (encrypted or unencrypted), the controls around accessing the

data (type of users, data flow, application access), and processes toward

reduction of risks caused by data access (risk mitigation policies enforced,

user access control, firewalls).

INFORMATION GOVERNANCE

AND CLOUD COMPUTING

Reduced transaction costs, increased computational power, and new

communication technologies are shifting many interactions from the

physical realm to the virtual. Cloud computing is a movement that allows

Search WWH ::

Custom Search

Home