Data Architecture & Governance
Data Governance is an overarching framework of processes, roles, policies, standards, and metrics that ensure the effective and efficient use of information, enabling an organization to achieve its data-driven goals while respecting compliance and privacy demands.
Why does Data Architecture & Governance matter?
To coordinate internally, maintain data privacy, comply with regulatory needs, and take advantage of industry best practices and knowledge, companies need a forum for sharing knowledge about data and creating and enforcing standards. Once policies and standards are in place, they must be translated to technology. Data Architecture translates governance and business requirements to data schemas and technology designs.
Defined framework for documenting, communicating, and enforcing data governance across the organization.
My organization has comprehensive business, data, application and technology architecture documents.
Data architecture maps how data flows through its systems and provides a blueprint for managing data. The goal is to ensure that data is managed properly and meets business needs for information.
Outlining how data flows through the organization to inform strategy for managing and governing data.
My organization has a clear definition of which application components will serve as the system of record or reference for enterprise master data.
A system of record (SOR) is a data management term for an information storage system that is the authoritative data source for a given data element or piece of information.
My organization can clearly articulate how data entities are utilized by business functions, processes, and services
An entity is any singular, identifiable and separate object(s). It refers to individuals, organizations, systems, bits of data or even distinct system components that are considered significant and used within your business systems.
My organization can discuss and has documented the level and complexity of data transformations between applications.
Data transformation is the process of converting data from one format to another, typically from the format of a source system into the required format of a destination system.
Fundamental policies, tools, and documents needed to manage and govern data in a modern, data-centric organization.
My organization has documented and communicated data governance policies, procedures and responsibilities.
Data governance requires (1) a policy framework designed by stakeholders to outline how data will be treated, (2) an actionable implementation plan defining tools and technology and assigning responsibility to data stakeholders and (3) commitment to ongoing assessment of policies & plan against business objectives.
My organization has employees that routinely apply data governance policies and procedures when working with data.
Data governance requires collective effort for successful implementation. Buy-in and direction from the leaders of an organization is critical to ensure alignment with business objectives and strategy.
Processes that define how data is stored, managed, collected, and secured.
My organization has a comprehensive information security framework, including administrative, physical, technical and risk assessment procedures for data security.
Data security refers to the process of protecting data from unauthorized access and data corruption throughout its lifecycle.
My organization manages compliance that addresses the quality, relevance and completeness of data.
Data quality is a measure of the condition of data based on factors such as accuracy, completeness, consistency, reliability and timeliness.
My organization has policies and procedures in place to ensure that all data managed preserves privacy.
Data privacy, sometimes also referred to as information privacy, is an area of data protection that concerns the proper handling of sensitive data including, notably, personal data but also other confidential data, such as certain financial data and intellectual property data.
My organization has a detailed, up-to-date inventory of all data elements including a classification of sensitive or PII data
Data Inventory is a comprehensive catalog of data assets held by an organization; which should include information on elements that can uniquely identify an individual (person) or other sensitive data.
My organization has defined guidelines and processes that adhere to GDPR or CCPA regulations, allowing individuals to request their personally identifiable information be removed from all of the organization's systems.
GDPR and CCPA have regulations that provide data subjects an ability to control how their data is used, including requesting a complete erasure of their data. Companies that handle personal data must have procedures in-place to handle these types of requests.