Express Computer
Home  »  Guest Blogs  »  Data Governance and Board Responsibility

Data Governance and Board Responsibility

0 264

By Tarun Kher, Partner, Risk Advisory Services, BDO India

Data encompassing input as well as processed output, stored within an organisation, is an
asset for the governing board – much beyond people, devices, and facilities.

What is Data Governance
Data Governance Institute defines data as ‘a system of decision rights and accountabilities
for information-related processes, executed according to agreed-upon models which describe who can take what actions with what information, and when, under what
circumstances, using what methods.’

Data governance includes setting internal standards, policies, and procedures applicable for
data collection, processing, storage/ retention, and disposal thereof. It also helps ensure that the data is secure, reliable, available, and accessible by authorised data owners to drive
business initiatives such as powering digital transformations. Data governance combines
analytics with compliance requirements. With ever-increasing big data volumes from
emerging data sources, such as the Internet of Things (IoT) technologies, organisations
need to continuously monitor and update their data governance procedures to enhance their business acumen.

Data governance has three main components which assist in developing the framework
viz. people, processes, and technology.

People
A data governance team is accountable for the quality of data across all functions in the
corporation, as in the case of the provisions of ‘The Digital Personal Data Protection
(DPDP) Bill, 2022’ (which was granted the Cabinet’s approval on 5 July 2023 and is set
to become an Act in the monsoon session of the parliament).

The following key personnel play a pivotal role in personal data governance and protection:
1. ‘Data Fiduciary’ who alone or in conjunction with other persons determines the
purpose and means of processing personal data
2. ‘Data Principal’ is the individual to whom the personal data relates
3. ‘Data Processor’ is the person who processes personal data on behalf of the Data
Fiduciary
4. ‘Data Protection Officer’ is an individual appointed for the protection of personal data
and assists the Data Principal exercise their rights

Processes
Data governance teams must define processes for collection, transfer, alterations, access,
and securing the data which should be subject to continuous control monitoring
mechanisms, periodic audits, and compliance oversight by the Board.

The draft DPDP Bill covers processing (including collection/ recording, storage, alteration,
dissemination, removal/ deletion, etc.) of personal data, and sets up a compliance
framework, which includes the establishment of a Data Protection Board.

Data governance policies should be designed to ensure compliance with the government
regulations regarding sensitive data and privacy, such as the EU General Data Protection
Regulation (GDPR), the US Health Insurance Portability and Accountability Act (HIPAA), industry requirements such as European Union Agency for Cybersecurity (ENISA) Information Assurance Framework for cloud control and Payment Card Industry Data Security Standards (PCI DSS). Non-compliance with the provisions of defined regulations may entail fines and penal consequences which have been the primary drivers for organisations to adopt data governance tools that safeguard against all types of data breaches.

Technology
Software applications customised for the organisation’s business requirements help data
governance teams to institutionalise and automate the best-in-class governance practices.
To choose the right technological solution, the data governance team should consider the
complete life cycle of sensitive data starting from creation to storage/ retention.

Board Responsibility
Best practices for corporate governance suggest that data governance should be objective
and balanced. Board oversight should focus on governing data to the least extent possible
while laying thrust on digital platforms – which are tech-enabled.

Boards should encourage data governance teams to:
i) Construct a system that supports quality data
ii) Ensure that the data is accurate, timely, and easily comprehendible by
employees as well as external stakeholders
iii) Apply data for effective decision-making
iv) Increase data literacy by using data analysis tools and improve processing
techniques
v) Collect and disseminate metadata associated with enterprise data warehouse
content.
Develop a strategic analytic plan to share with the management team

Aligning the organisation’s strategic planning initiatives and board governance requires
effective communication exchange between the board, management, and the data
governance team.

Data governance teams should align data with corporate governance goals, thus enhancing
the organisation’s data profile and developing data sets for effective allocation of the
organisation’s resources by the Board. The existence of an effective data governance
framework assists in enterprise risk mitigation and helps the Board define the tone at the top.

In case of a data breach incident, the data governance framework acts as a saviour, helping
Boards identify the location and extent of the data compromised and enforcing corrective
actions immediately. Boards are able to mitigate cyber risks and threats with the help of a
robust data governance team.

On the one hand, there are rapid technological advancements, but on the other, there are
increased incidents of external intrusion, wherein sensitive data is being compromised. The
key to a rational approach towards data governance is for the entire organisation to have
complete recognition of 'data as an asset class', thereby creating value for the organisation with constructive board oversight.

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image