How to Create a Culture of Governance
Mention the word “governance” to business people and they flee. They don’t want to attend long, drawn-out meetings and hash out data policies, processes, and standards. Most don’t think the policies will be implemented or followed. And they don’t want to be associated with another IT-driven attempt to dictate standards.
Yet, governance is key to data productivity. It provides a common vocabulary for communicating with data. Without it, organizations descend into a morass of confusion in which everyone talks, but no one communicates.
So what’s an IT team to do? How do you get the business to define and adhere to data standards? How do you create a culture of governance in which adhering to standards becomes the normal way of doing business? How do you get business to love data governance?
It’s important to recognize that governance never takes root if the business does not want it. IT can never impose governance; the business must initiate it. The business must believe that governance is key to its success, not a burden to endure. So how do you get the business to embrace governance? How do you get the business to own it?
Here are three techniques:
1. Attach governance to strategic projects
Top-down governance projects only works if the executives face fines or imprisonment if they don’t comply with regulations, such as Sarbanes Oxley. Without the threat of the noose, the best way to proceed is to embed data governance within highly visible, strategic projects in which the company is investing large sums of money, such as a new digital strategy or customer relationship management system.
It’s usually not too hard to make the case that the project team should spend time defining terms before baking definitions into a new system. This is a short-term project with a fixed goal and finite endpoint. The project leaders need to minimize risks and maximize chances of success because their careers are on the line. They are usually motivated to tackle governance issues quickly and efficiently. And they embrace people who volunteer to help facilitate and document the process.
The governance process focuses only on what the project needs to succeed. It doesn’t attempt to address broader enterprise governance issues. Nonetheless, it creates a foundation upon which other governance initiatives can build. The next strategic project can use and extend the prior work or it can be adopted by forward thinking departments that see the value of an enterprise glossary.
2. Apply Watermarks to Reports and Data Sets
Watermarks are quickly gaining popularity as a way to standardize reports and data sets. Business users submit a report or data set through an agile governance process so they can be reviewed for conformance with established standards. The process should take less than a week for new submissions and a day or two for minor changes. A data owner signs off on data definitions and calculations, while an IT team reviews reports for layouts, data flows, data quality, performance, and scalability.
Like a Good Housekeeping seal, a watermark indicates that a report or data set has been vetted and is safe to use for decision-making. It indicates which data is trustworthy to use and which is not. As one BI director says, “Our watermark has really changed behavior in our organization. When executives open a Tableau report, they first look for the watermark in the bottom right corner. If it’s not there, they ask why not and question the data.”
The watermark enables business users to distinguish between official reports with certified data and ad hoc reports that may contain non-certified data and metrics. The lack of a watermark indicates a “buyer beware” environment. This doesn’t mean ad hoc reports are bad; they enable the business to answer new or unanticipated questions using data that isn’t in the data warehouse. If ad hoc reports or data sets become popular, they should be fed into the governance process for broader distribution.
Watermarks are typically applied to enterprise reports shared across functional boundaries. But individual departments, such as finance or sales, can set up their own governance processes to distinguish between official and ad hoc reports. In some cases, a data container—such as an application or data warehouse—serves as the watermark. People know that anything from that container has been vetted. Some organizations now have data stewards certify data sets within data catalogs and set permissions that control which analysts can view and download the data set.
3. Certification Tests
Many business users want self-service data access and reporting, but some aren’t qualified to use the tools without creating inaccurate or inconsistent results. However, if IT administrators deny these users access to analytic tools and data, they often do an end-run around IT and purchase their own tools. They then gain access to the data without IT’s knowledge or support (at least until they get in over their heads).
To reverse this lose-lose dynamic, IT leaders need to proactively provide self-service tools to business users and configure the tools to access governed sources of data. They should give an analytic tool to any business person with one caveat: the business person needs to pass a certification test. And their score determines their level of data access.
For instance, a score of 75 out of 100 gives a business user a basic tool license with access to standard reports. A score of 85 might gives them permission to extend existing reports using report metadata, while a score of 95 gives them permission to create reports from scratch, integrate external data, and share the reports with others.
Certification tests put the onus on business users to prove they have the skills to use tools in an appropriate manner. More importantly, they remove the IT team as an obstacle that stands between business users and data. The tests also establish the perception that self-service data access is a privilege earned through merit and skill rather than an unconditional right that comes from having a certain title. In fact, testing can create friendly competition among business users to elevate their status within the organization.
There are many techniques—some subtle, some obvious—that can help create a culture of governance. This article examines just three. The key is to find levers within the organization that change the dynamics between IT and business. The goal is to move from a push (IT to business) to a pull (business to IT) relationship. Rather than IT imposing its will, a pull relationship provides incentives that impel business to embrace governance.
For more ideas on how to create a culture of governance, see, “PsyOps Part 1: How To Turn the Tide of Analytics Adoption” and “PsyOps Part 2: Winning the Hearts and Minds of Business Users”.