This article discusses the integrated implementation approach for data governance.
The first article in this series discussed why organizations may need to reassess their existing frameworks and highlighted what should be done. The second article covered a high-level roadmap to establish a new governance framework or adjust an existing one for (meta)data, AI, and risk management.
This article presents a detailed, integrated implementation approach for core (meta)data management capabilities that are logically interdependent. The example discussed in the article includes several core capabilities: enterprise-wide and capability-specific governance frameworks, metadata management, enterprise architecture (covering business, data, and application aspects), data quality, and security.
Some essential capabilities are not included in this discussion for specific reasons. For example, data and application security are closely tied to IT tool implementation, making security governance IT tool-dependent. Additionally, AI-related capabilities can only be implemented once foundational data management practices are fully operationalized.
Figure 1 illustrates the conceptual integrated implementation plan for core data management capabilities, including governance components and key artifacts.
Figure 1: The High-Level Integrated Plan for Implementing Core DM Capabilities.
Let’s briefly examine each stage of this plan. Those interested in more details can refer to my books, The Data Management Toolkit 2.0 and The ‘Orange’ Data Management Framework.
It is important to note that this plan illustrates the logical dependencies between different capabilities, as the outputs of some will serve as inputs for others. Each stage of the integrated framework corresponds to a specific set of data management capabilities.
Stage 1: Define the Scope of the Governance Framework Architecture
An organization must design a governance framework architecture applicable to metadata, data, AI, and associated risk management. This architecture must be feasible, effective, scalable, and adaptable to new requirements. This task falls under the enterprise-wide governance capability.
The most important considerations include defining the target data architecture type, determining the scope of data and metadata, aligning (meta)data and AI practices, and ensuring compliance with data and AI-related legislative requirements.
The key deliverables of this stage include long-term plans, such as a strategy, strategic progress KPIs, a high-level design of the governance framework, the implementation approach and methodology, and a high-level roadmap.
Stage 2. Establish an Enterprise-Wide Governance Capability.
The second article in this series provided an in-depth discussion of the key deliverables of the enterprise-wide governance capability. These include the operating model and organizational structure, which define the governing bodies and the architecture of data- and AI-related roles. This stage relates to the enterprise-wide governance capability.
Step 3. Define and Prioritize Use Cases.
Defining and prioritizing use cases requires identifying and linking their types. The organization must first determine the most significant business use cases. For example, compliance with personal data protection regulations may be a key business use case. Implementing this use case could lead to the definition and execution of several (meta)data use cases, such as data lineage and data quality. AI systems can further enhance business and (meta)data capabilities by enabling policy alignment and risk mitigation.
The key deliverable of this stage is a list of aligned and feasible use cases. The enterprise-wide governance capability is responsible for ensuring the execution of this stage.
Step 4. Identify Business and Data Domains.
The identified use cases will determine the relevant business domains, forming part of the business architecture. Each business domain is associated with specific data sets defined by the data architecture. At this stage, capability-specific governance oversees developing and implementing business and data architecture artifacts, policies, processes, roles, and tools.
Step 5. Develop Data Models.
Once data domains are identified, they must be further described. The data architecture and modeling capability will define data by developing various types of data models. The capability-specific governance framework will oversee the creation of key artifacts and the development of data architecture and modeling policies, processes, and role assignments.
Step 6. Define Critical Data and Data Chains.
The organization may focus only on critical data and its corresponding data chains to ensure the feasibility of use case implementation. Both enterprise-wide and capability-specific governance frameworks must oversee the definition and prioritization of critical data and data chains through established policies, processes, and roles. Data architecture and modeling will conduct this process using data models as inputs. It is important to note that “criticality” is a metadata attribute that must be defined at a specific level, such as a data set, entity, or attribute.
Step 7. Define Required Metadata.
Metadata management plays a crucial role by enabling both the data lifecycle and the metadata lifecycle. However, its importance is often overlooked. One reason for this is that many so-called “data” management capabilities primarily generate metadata rather than actual data. Data modeling and architecture are prime examples. As a result, organizations tend to focus only on certain types of technical and operational metadata necessary for IT pipeline processing.
A broader perspective reveals that data models, data lineage, and data catalogs are all forms of metadata that require supporting capabilities such as architecture, security, lifecycle management, and quality. The capability-specific governance framework must oversee the development of a metadata metamodel, along with corresponding policies, processes, and roles. Metadata management should identify metadata sources and define the scope of required metadata capabilities.
Step 8. Catalog (Meta)Data and IT Assets.
This stage requires collaboration across multiple capabilities, including metadata management, data and application architecture, and capability-specific governance. The process may also need an enabling IT tool, such as a (meta)data catalog or repository.
The governance capability oversees the development and implementation of data and application architecture policies, processes, and roles. The artifacts from Stage 6 serve as inputs for cataloging (meta)data and IT assets.
Step 9. Establish Security.
Security can be implemented at both the application and data levels. The inputs for this stage come from Stages 5, 7, and 8, which involve data modeling, metadata definition, and cataloging IT and (meta)data assets.
The security capability must develop a security architecture that aligns with both data and application architecture. This stage may also include data classification, where security levels are defined as metadata and recorded in a (meta)data catalog or register.
The capability-specific governance framework must ensure the establishment of required security policies, processes, and roles.
Step 10. Document data lineage.
Data lineage is a complex metadata construct that requires input from multiple capabilities, including data and application architecture, modeling, and metadata management. The artifacts produced in Stages 3, 4, 5, 6, 7, and 8, along with appropriate tooling, are necessary for this stage.
Data lineage can be documented at multiple levels of abstraction, which must be interconnected. The scope of this stage depends on the metamodel of data lineage. Those interested in a deeper exploration of this topic can refer to my book, Data Lineage from a Business Perspective.
The capability-specific governance framework ensures the development of the data lineage metamodel, along with the necessary standards, processes, and roles.
Step 11. Improve (Meta)Data Quality.
An organization can only begin improving data and metadata quality once the previous stages have produced at least some key artifacts. The primary deliverable of this stage is (meta)data that meets the required quality standards.
To achieve this, the data quality capability must define quality requirements, implement checks and controls, validate the delivered data, and perform cleansing when necessary. The capability-specific governance framework ensures the implementation of the required policies, processes, roles, and IT tools.
Step 12. Document Data Management (DM) Knowledge Graph.
Data lineage is often considered synonymous with a knowledge graph. However, in this context, the DM knowledge graph refers to a platform that links artifacts across multiple data management capabilities, including elements beyond data lineage, such as use cases and legislative documentation.
The capability-specific governance framework must ensure that the requirements for the knowledge graph’s metamodel and the corresponding IT tool are agreed upon across different capabilities. It is also responsible for coordinating the implementation.
Conclusion.
An organization must establish a structured governance framework to develop an integrated implementation plan, define and prioritize use cases, align business and data domains, and systematically develop key data management capabilities. The organization can create a scalable, adaptable, and effective approach to managing (meta)data, AI, and associated risks by ensuring logical dependencies, enforcing governance controls, and leveraging the right tools.
