By John Culkin, Director of Information Management, Crown Records Management.
Here are five key steps to ensuring good data governance – and to putting in place a framework that will answer the ultimate question: who should be responsible for data in your business?
1. Undertake a data audit
The first step to designing a new data governance structure – or to improving current procedures – is to undertake an audit of all information in the business. How much information being kept should be kept? How much is just "data noise" in an overflowing database that slows down reports? Understanding your assets is the first step to planning how to both mine and protect them.
2. Have a really clear policy in place to help staff identify what is a record
The very basis of a good data and information policy lies in knowing whether a document should be designated as a record.
This one decision, often made at the coal face and out of the sight of the CEO, sets the tone for everything that follows.
Having clear and consistent guidelines to help staff classify a record is crucial. Classifying every bit of information as a record would be expensive and unnecessary.
3. Train staff at all levels
Training staff at every level in how to avoid data breaches – and understanding the threats – leads to good data governance. It is estimated 80 per cent of data breaches stem from human error. There will be soon be fines of up to five per cent of global turnover for breaching data regulations – and strict guidelines on reporting breaches quickly. Who will be in charge of reporting in your business?
Training in how to classify and value data is vital too; and not only for senior management. It could be somebody very junior who touches information first.
Have clear procedures in place for structured records (those stored in a database) and unstructured (information stored locally).
4. Embrace the principle of data ownership
Don't be afraid to assign ownership of data to individual senior managers in departments that handle records and information; building a strategy and structure for data governance in which responsibilities are clear is vital. There may be too much data in your business for one person to handle every type of information.
5. Keep policies and systems up-to-date
Old data policies were often written when there was no social media and when legislation lagged behind technology, so they need to be updated regularly. As data regulation evolves it is vital people in the business take responsibility for keeping pace with it. Staying ahead of the game protects companies from breaches and turns records into assets.
The bottom line is that the data world is changing fast. Information that used to be confined to the backroom has not only reached the boardroom but threatens to overwhelm it. So new ideas are required to manage it efficiently.
Being responsible for data will not be a one-person job in future, even for the most talented CEO or CIO. Putting in place a modern data structure – and assigning ownership for each type of data - is ultimately the key to harnessing the power of your company's corporate memory. The time to assign responsibility for data – and to finally treat information as an asset – has now arrived.