Data

Governance
Deployment
Processes
DSI 322 Data Governance
Term 2/2024

Rachada Kongkachandra
 Definitions and Concepts

The Scope of Data

Governance

Topics Elements of Data Governance

Program

The CSFs for Data

Governance

Process Overview for

deploying DG
CONCEPTS BEHIND DATA GOVERNANCE

EIM Enterprise Information Management

DM Data Management

Data
Governance
 Enterprise Information Management
Scope:
EIM encompasses the strategies, processes, and technologies used to manage
an organization's information assets.
EIM
EIM includes the management of structured data (like databases),
unstructured data (like documents and emails), and semi-structured data
DM
(like XML files).

Data Objective:
Governance The main goal of EIM is to ensure that information is available, reliable,
and usable across the organization.
It aims to support decision-making, compliance, and business process
optimization.

Components:
EIM includes various disciplines such as data management, content
management, business process management, and information security.
Data Management
Scope:
Data Management is a subset of EIM and focuses specifically on the
handling of structured data.
EIM
It involves practices and processes to ensure the quality, availability, and
integrity of data throughout its lifecycle.
DM

Objective:
Data
Governance The primary objective of Data Management is to provide a structured
framework for collecting, storing, accessing, and using data effectively and
efficiently.

Components:
Data Management encompasses data governance, data quality, data
architecture, data modeling, database management, and data warehousing.
Data Governance
Scope:
Data Governance is a component of Data Management and involves the
oversight and control of data management activities.
EIM
It is concerned with establishing policies, standards, and procedures to
ensure the proper management of data.
DM

Objective:
Data
Governance The main goal of Data Governance is to ensure that data is managed as a
valuable asset, with a focus on data quality, security, privacy, and
compliance.

Components:
Data Governance includes defining roles and responsibilities (such as
data stewards and data owners), setting data policies and standards, and
implementing data quality and data privacy measures.
 Case Study: FinServCo
Background:
FinServCo is a financial services company that offers a range of products including loans,
savings accounts, and investment services. The company operates in multiple countries
and deals with a large volume of sensitive financial data.

Challenge:
FinServCo faced challenges with
data inconsistencies across different systems
inefficiencies in data processing
difficulties in regulatory compliance
ineffective information management
practices
 Case Study: FinServCo
Enterprise Information Management (EIM)
Content Management:
Implemented a content management system to manage
unstructured data such as contracts, policies, and
customer communications.
Business Process Management:
Automated key business processes, such as loan
approvals and customer onboarding, to improve
efficiency and reduce errors.
Information Security:
Strengthened information security measures to protect
sensitive data and comply with financial regulations.
 Case Study: FinServCo
Data Management (DM)
Data Integration:
Integrated data from various sources, including customer
databases, transaction systems, and external data
providers, to create a unified data platform.
Data Warehousing:
Established a data warehouse to consolidate and store
data for reporting and analytics purposes.
Master Data Management (MDM):
Implemented an MDM system to ensure consistency
and accuracy of critical data entities, such as customer
and account information.
 Case Study: FinServCo
Data Governance (DG)
Data Governance Framework:
Developed a data governance framework, defining roles
and responsibilities for data stewards, data owners, and
other key stakeholders.
Data Policies and Standards:
Created data policies and standards to ensure data
quality, privacy, and security across the organization.
Data Quality Monitoring:
Implemented data quality monitoring tools and
processes to identify and address data quality issues
proactively.
Case Study: FinServCo Outcome: By implementing EIM, DM, and DG, FinServCo
achieved:

Enhanced data quality and consistency, leading to more

reliable decision-making.
Improved operational efficiency through streamlined
business processes and data management practices.
Stronger compliance with regulatory requirements,
reducing the risk of fines and reputational damage.
Better customer experiences through accurate and timely
EIM information.

EIM provides the overarching strategy for managing all types of

DM
information,
DM focuses on the technical aspects of handling structured
Data
data, and
Governance
DG ensures the proper governance of data to maintain quality,
security, and compliance.
THE SCOPE OF DATA GOVERNANCE is affected by the three factors

1. Business Model
The type of organization, its corporate hierarchy, and its operating environment.

2. Content
The type of content (data, information, documents, etc.), its location, and its
business relevance.

3.Federation
The extent or intensity by which different content is governed.
1. Business Model
2. Content

For example,

A structured type of data, like a transaction, may come and go within a fiscal year,
and governance will tend to focus on the usage of that data within the time period.

An unstructured type of data, like contracts and e-mails, may need to be kept for
decades and may be subject to legal discovery or strict classifications of privacy or
privilege.

Obviously, there will need to be consideration of the details of governing these

different types.
 3.Federation
The federation of a data governance
program
is a definition of where and how
standards will be applied across
various layers and segments of
an organization.

similar data assets can be tightly

governed (in the center or hot zone)
more loosely governed (on the fringe or
the cool zone)
ELEMENTS OF DATA GOVERNANCE PROGRAMS

1. Organization
2. Principles
3. Policies
4. Functions
5. Metrics
6.Technology and Tools
1. Organization

The official designation of accountability

and responsibility are key factors to the
survival of DG.
The key aspect about understanding the
DG organization is that a formal
definition of roles for assigning
responsibility and accountability for
managing information assets.
the DG organization is a virtual
organization made up of business and IT
personnel.
2. Principles

they are general adopted

rules that guide conduct
and application of data
philosophy.
Principles are crucial
elements in DG.
3. Policies

- formally defined processes with strength of support

---codification of a principle
- include standards

4. Functions
- describe the what has to happen in Data Governance
- Perform two roles
-Point out what someone has toactually do.
-Determine which are as whole or individuals would bear accountability
and responsibility.
 Case Study: SecureTech Inc.'s Cybersecurity Program

Background: SecureTech Inc. is a technology firm that specializes in developing

secure communication solutions. Given the sensitive nature of their products and
the data they handle, cybersecurity is a top priority for the company.

Principles
Definition: Principles are the foundational beliefs or guidelines that drive decision-
making and behavior within an organization.
Example in SecureTech Inc.:
Security by Design: SecureTech Inc. adopts the principle that security should be
integrated into products and systems from the earliest stages of development,
rather than being added as an afterthought.
 Case Study: SecureTech Inc.'s Cybersecurity Program

Policies
Definition: Policies are formal statements that provide a framework for decision-
making and actions within an organization. They are derived from principles and
are more specific and actionable.

Example in SecureTech Inc.:

Access Control Policy: Based on the principle of Security by Design, SecureTech
Inc. implements a policy that requires all employees to use multi-factor
authentication to access company systems, ensuring that access is granted only to
authorized individuals.
 Case Study: SecureTech Inc.'s Cybersecurity Program
Functions
Definition: Functions are specific activities or tasks carried out within an organization to
achieve its objectives. They are guided by policies and aligned with principles.

Example in SecureTech Inc.:

Security Audits: As part of the Access Control Policy, SecureTech Inc. conducts regular
security audits to ensure compliance with the policy and to identify any potential
vulnerabilities in their access control mechanisms.

Outcome: By adhering to the principle of Security by Design, implementing clear policies like the
Access Control Policy, and performing functions such as security audits, SecureTech Inc. maintains
a robust cybersecurity program that protects its products and data.
5. Metrics
DG needs metrics to monitor its own effectiveness.
Metrics evolve from simple surveys and counts to true
monitor of activity
Information Management Maturity
DG Stewardship Progress
DG Stewardship Effectiveness
Data Quality
Business Value
6. Technology and tools

Technologies in support DG
SharePoint, Word, Excel
Data Dictionary
Metadata Management tools
Data Catalog
Data Quality Tools
Data Governance Dashboards and Reporting Tools
etc.

A tool exists to improve something you are already doing.

You need a tool to “grease the skids”
The Critical Success Factors for Data Governance

1. Data governance is mandatory for the successful implementation of

any project or initiative that uses information.
2. Data governance has to show value explicitly.
3. Data governance must manage organizational culture change.
4. Data governance must be viewed as an enterprise effort.
🔹 1. Data Governance เป็ นสิ่งจำเป็ นต่อโครงการหรือแผนงานที่ใช้ข้อมูล
💡 ความหมาย:
• การใช้ข้อมูลโดยไม่มีการกำกับดูแล อาจนำไปสู่ข้อมูลที่ไม่ถูกต้อง ความไม่เป็ นระเบียบ และความเสี่ยง
ด้านความปลอดภัย
• DG ต้องเป็ นส่วนหนึ่งของโครงการใดๆ ที่เกี่ยวข้องกับข้อมูล เช่น Data Analytics, AI, หรือ ERP
Implementation

✅ ตัวอย่าง:
🔸 บริษัทประกันภัย (Insurance Co.) ต้องการพัฒนา AI สำหรับวิเคราะห์ความเสี่ยงของลูกค้า
• หากไม่มี Data Governance → AI อาจใช้ข้อมูลที่ไม่ถูกต้อง ทำให้การวิเคราะห์ผิดพลาด
• แนวทางที่ถูกต้อง: ตั้ง Data Governance Framework เพื่อกำหนดมาตรฐานคุณภาพข้อมูล (Data
Quality) ก่อนป้ อนเข้า AI
🔹 2. Data Governance ต้องแสดงคุณค่า (Value) อย่างชัดเจน
💡 ความหมาย:
• องค์กรต้องเห็นว่าการลงทุนใน DG ให้ผลตอบแทนที่จับต้องได้
• ไม่ควรเป็ นแค่โครงการทางเทคนิค แต่ต้องช่วยปรับปรุงประสิทธิภาพ ลดต้นทุน และลดความเสี่ยง

✅ ตัวอย่าง:
🔸 บริษัทค้าปลีก (RetailX) ใช้ DG เพื่อลดต้นทุนการตลาด
• ปั ญหา: ข้อมูลลูกค้าไม่ถูกต้อง ทำให้มีการส่งโปรโมชั่นผิดกลุ่มลูกค้า → สิ้นเปลืองงบประมาณ
• แนวทางแก้ไข: Implement Data Quality Monitoring → ลดข้อผิดพลาดในการส่งอีเมลโปรโม
ชั่น จาก 15% เหลือ 2% → ประหยัดค่าใช้จ่ายได้มากขึ้น
🔹 3. Data Governance ต้องบริหารจัดการการเปลี่ยนแปลงวัฒนธรรมองค์กร
(Manage Organizational Culture Change)

💡 ความหมาย:
• DG ไม่ใช่แค่เรื่องเทคโนโลยี แต่เป็ นเรื่องของ “คน” และ “กระบวนการ”
• ต้องมีการเปลี่ยนแนวคิดของพนักงาน ให้ตระหนักถึง ความสำคัญของข้อมูลที่ถูกต้อง

✅ ตัวอย่าง:
🔸 ธนาคารแห่งหนึ่ง (Bank ABC) ต้องการให้พนักงานใช้ข้อมูลลูกค้าอย่างมีประสิทธิภาพ
• ก่อนมี DG: พนักงานเก็บข้อมูลลูกค้าในรูปแบบไม่เป็ นมาตรฐาน ทำให้ข้อมูลมีข้อผิดพลาด
• แนวทางแก้ไข:
• อบรมพนักงานเรื่อง Data Literacy
• แต่งตั้ง Data Steward ในแต่ละแผนก
• สร้างระบบแจ้งเตือนอัตโนมัติ เมื่อพบข้อมูลที่ไม่สมบูรณ์
🔹 4. Data Governance ต้องถูกมองว่าเป็ นความพยายามระดับองค์กร
(Enterprise Effort)

💡 ความหมาย:
• DG ไม่ใช่แค่เรื่องของ IT แต่ต้องเป็ น ความร่วมมือของทุกแผนกในองค์กร
• การกำกับดูแลข้อมูลต้องครอบคลุม ทุกระดับ ตั้งแต่ผู้บริหารจนถึงผู้ใช้งานปลายทาง

✅ ตัวอย่าง:
🔸 บริษัทโลจิสติกส์ (LogiCo) ต้องการปรับปรุงคุณภาพข้อมูล
• ปั ญหา: แต่ละแผนกมีระบบข้อมูลแยกกัน → ข้อมูลสินค้าคงคลังไม่ตรงกัน
• แนวทางแก้ไข:
• ตั้ง Data Governance Committee โดยมีตัวแทนจากทุกแผนก
• ใช้ Data Integration & Master Data Management (MDM) เพื่อลดปั ญหาข้อมูลซ้ำซ้อน
Process overview for deploying data governance
Example of DG Project Plan
Information Management Maturity (IMM)

The company uses predictive analytics to forecast future staffing needs based on
employee data and business trends.

The company starts tracking key metrics related to employee data, such as data accuracy,
completeness, and timeliness. They use this data to identify areas for improvement and make
data-driven decisions.

The company implements a formal process for managing employee data. They define data standards,
create a central database, and establish clear procedures for data entry, updates, and access. Regular
training is provided to employees on how to follow the new processes.

The company starts using a shared spreadsheet to store employee data. However, there are no clear guidelines
for data entry, and updates are not always communicated effectively. This leads to inconsistencies and errors in
the data.

Employee data is scattered across spreadsheets, emails, and even paper files. There's no single source of truth,
making it difficult to find information or ensure accuracy. When someone needs an employee's start date, they
might have to ask around or search through multiple files.