A large-scale corporate crisis is taking shape as an important global deadline nears: with less than four months until the May 25 effective date for the European Union’s General Data Protection Regulation (GDPR), a bare 6 percent of enterprises say they are prepared for the upcoming regulation, according to new research from data governance firm erwin, Inc.
While the company’s 2018 State of Data Governance Report does indicate broader awareness and enterprise focus for data governance, challenges remain in terms of understanding, executive support and financing.
Commissioned by erwin through UBM, the report shows that 98 percent of respondents view data governance as either important or very important from a business perspective—however, a disquieting 46 percent don’t have a formal governance strategy in place.
More than one in five (21 percent) are just getting started, meaning they are in the data discovery and inventory phase, and 63 percent either don’t have a budget for data governance or don’t know if they have one. At 40 percent of the organizations surveyed, the IT department continues to foot the bill for data governance expenses.
“The results of the report are validating, but also a bit shocking,” said Mariann McDonagh, CMO for Erwin, in a news release. “The fact that 94 percent of organizations are not prepared for what is arguably one of the most important data privacy and security regulations in recent years—with fines up to four percent of their global revenues—is stunning.”
“However, on the flip side, organizations are now finally recognizing that governing data assets goes well beyond risk management and compliance,” she added. “To fully realize the value of its data, an organization needs the ability to discover, understand, govern and socialize data assets beyond IT’s shadow. To mitigate risks and realize the desired business results, data stakeholders across the enterprise must be empowered to act as data citizens, and that includes IT and the business funding an ongoing process.”
Other key findings:
- Both IT and the business are responsible for data governance at 57 percent of the organizations surveyed. Just 34 percent have put IT solely in charge of data governance.
- The IT department continues to foot the bill for data governance at 40 percent of organizations. Budget for data governance comes from the audit and compliance function at 20 percent of organizations, while the business covers the bill at just 8 percent of the companies surveyed.
- When asked to identity the top three drivers of data governance initiatives, 60 percent of respondents say their biggest driver is the need to comply with regulatory mandates. However, compliance is not the only driver with 49 percent seeing data governance as a way to improve customer satisfaction, and 45 percent use it to support better decision-making. Reputation management and analytics are two other relatively big drivers with 30 percent and 27 percent, respectively.
- Big Data is another big driver with 22 percent of the responding organizations claiming to have more than 10 petabytes of data under management. One-fifth of respondents say Big Data is one of the top reasons for implementing a data governance program.
- 66 percent say that understanding and governing enterprise assets has become more important or very important for their executives. For 64 percent, data assets are somewhat or much more valuable to the organization than physical assets.
- 68 percent point to the CIO as driving the process. At four in 10 (39 percent) say the data architecture lead drives data governance activities—at 32 percent, the CEO is the biggest cheerleader, and at 34 percent the CEO is the one advocating it the most.
- Less than one-third of organizations have a fully implemented data governance program. At 42 percent of the organizations, data governance is a work in progress. Most of the enterprises have completed the data discovery phase and are now developing policies and processes, business rules, data definitions and classifications.
- 27 percent have fully connected the enterprise architecture (EA) and data governance functions.
“The survey presents a cautionary tale about what enterprises need to do in 2018 to move their data governance agendas forward,” added McDonagh. “It shows that while the business is beginning to realize the potential of data governance, it is not entirely clear on how to justify the budget or how to move the ball forward. We suggest starting with clear goals about what you want your program to achieve, building a budget to justify it like any other business initiative, educating and involving all data stakeholders, and absolutely getting ready to meet the requirements for GDPR.”
UBM surveyed North American business technology professionals representing more than 16 sectors, including financial services, government, healthcare, IT and telecommunications, about their attitudes toward data governance. Among the 118 respondents were CIOs, CTOs, data center managers, IT staff and consultants.