Management is Not Enough: A Consolidated, Enterprise-Level Data Governance Framework

Data Governance and Data Stewardship have never been more important – and potentially more confusing! Companies must achieve and maintain compliance for multiple laws and regulations: Sarbanes-Oxley, HIPAA, Basel II, and others – all of which require enterprise-level Data Governance. Each part of the company champions a different compliance framework: COSO, COSO-ERM, COBIT, ITIL, ISO 17799, and ITSM, which use different terminology for similar activities. IT departments also need to implement Data Access and Data Privacy programs, Electronic Security efforts, and Disaster Recovery Plans – but all of these efforts require boundary-spanning decision-making, new checks-and-balances, and a mix of theory and practical techniques. And all of these efforts are on top of day-to-day efforts to build and maintain company databases, marts, and data warehouses.

Decision-making has become too complicated. Management is not enough anymore. The choice now is whether to implement a dozen disparate Data Governance efforts or a single consolidated enterprise-level Data Governance program. This session describes a universal framework that can be applied to all of these efforts to meet Data Governance and Compliance needs. It outlines organizational structures, decision-making patterns, communication and information collection, processes, and other components needed to move from the 90's paradigm of "Just Do It!" to the post-compliance paradigm of "Do it, Control it, Document it, and Prove it!"