Why is governance such a confusing word?
It is interesting how many different definitions I have heard for the word “governance” when used in the context of governing Master Data.
It is not that any of the definitions are inappropriate but they may be incomplete. When a discussion refers to governance at so many different levels, most frequently as a synonym for maintenance or maintenance controls, I believe it is missing out on other key components of “governing” the Master Data.
While I can accept that “in-process controls” (some say “active governance”) are part of governance, they are not the sum total of governance, unless there is yet another word people are using to encompass the whole set of processes that are discussed below.
Let us consider for a moment the common stop light and the codes in it that regulate how often the light changes as a metaphor for a piece of data that needs governance. For the sake of this metaphor, let us say those settings are like the "allowed values" in a drop-down in SAP.
For some, governance only means setting the code (or the data allowed value) in the light’s controls that regulate the light so that the light can regulate the flow of traffic. These companies consider the coded rule to be the complete rule. For them, setting up the initial “Master Data” is all that governance entails. The maintenance (or governance) is once and done for this point of view and no debate over the appropriateness of the code ever is needed. .
However, is this really what is meant by data governance?
If data governance simply means correctly setting the code then what do you call the hierarchy of policies, regulations, and enforcement needed in order to keep the use of lights consistent (i.e., red, not purple or tan always and only means stop)?
Someone is setting the initial code for the light (maintaining the “data”). They need to determine should it be on a timer. Or a photo switch? Perhaps a load button will meet the requirements better or maybe some combination? Is the light synchronized with other lights on the street? Is managing these requirements in the context of setting the correct coding for the light a part of governance? Maybe, but there is so much more than simply coordinating a group of lights or selecting the correct code value in a specific situation.
Should we consider the police officer who enforces compliance being included under governance? When is it that officer part of governance from the perspective of the stoplight? He’s not part of the data maintenance organization (he does not code the light) but while he surely enforces compliance with the regulated flow of traffic as dictated by said stop light, I suggest that is not governing the data. However, he is also the person to report when the coding in the light is not properly regulating the flow of traffic with changing traffic patterns. Should checking appropriateness of the data be part of governance?
Moving up the government ladder is the City Council who requests the stoplight. They probably determine the method by which the light will operate within the guidelines of the Department of Transportation (DOT). Is requesting a new control part of governance? At your company when a new field of Master Data comes into scope, is the process to review whether new field will be in keeping with company policies and objectives part of governance? Should setting those rules and regulations and negotiating them across multiple jurisdictions also be a part of governance?
The City Council may provide funding but they do not determine the rules and regulations that govern the proper placement and configuration for the stoplight (i.e., are the load buttons allowed on a stoplight used in a certain way). The DOT has the accountability for setting the code standards. They are given their authority and funding from higher up and so forth all the way up to Congress who provides the authority and policies to the DOT to set rules within the guidelines and so forth delegating authority back to the city council. Even this organizational structure and how its authority is organized is really just another attribute of governance from a Master Data Governance perspective.
Finally, every so often, there will be a situation, even with stoplights, where the needs and realities of use are in conflict with the laws, rules and regulations. This may be a case where the stoplight borders jurisdictional lines or when new technology sets up a change in the rules to implement (e.g. LED lights). When these cases create conflict, a mediation is needed. The court system which has its own escalation hierarchy ending with the Supreme Court is the government escalation system and even conflicts over traffic regulations occasionally find their way there. In a Master Data Governance context this is the conflict escalation policy and process from the local operations and Stewards up to the Operational Council (or committee) and then to the Data Steering Committee in extreme cases.
These rules and regulations are all well documented. In the case of governments, winding your way through the maze of regulations may be difficult requiring the use of specialized resources (suspending editorial comments here), but managing the documentation that all of the above layers utilize to keep all the country’s stoplights uniform to the correct degree is critical.
Are not all of the above parts of governance?
So let us start applying this example to governing master data.
Let us say the stoplight is the material master field for “availability check”. Governing that field begins at the very top with setting the policies for inventory management and defining the scope for when that field is to be used. This function may be filled by the Steering Committee for Data Governance, as it is the top layer of Master Data Governance in an enterprise excluding the executive sponsor. Once it is determined that availability check will be used, setting the detailed parameters is done by the operational committees or perhaps by a Central Governance Group. This will be the specifications for the configuration of the allowed codes to be used in the field (not unlike the role of the DOT); a And on down the line to include any localization performed by the local data stewards that will be needed to appropriately apply the new rules within the policies and rules for any specific availability check at a specific location.
In-process controls will prevent disallowed values and may even suggest the best initial value for the field. While these may not provide for the best correct value, at least you know you are not using an illegal one.
Monitoring is still needed to ensure compliance and optimum application of the best value as new technology drives (or changing business needs dictate) new regulations or just better values in circumstances under the existing rules. Wholesale monitoring of the data for the best values for all locations based on the inventory policies of the enterprise helps to ensure no records for any location or material types are out of compliance or set less than optimum for the situation.
Rules management is critical in all of this as the policies, rules, allowed values and background for proper use must be uniformly presented and easily discover-able.
Escalation provides for all things being taken in balance across all jurisdictions. Some locations or product types may need more finely-tuned availability checks that are not allowed. Therefore, an escalation process that is well understood and mediated is the final way to make sure the needs of the business are met for the enterprise as well as for the location. Escalation of conflict resolution is by no means maintenance, but surely, it is key to governance.
So what does “Master Data Governance” include?
Governance includes the enterprise level groups that make sure that data is operating to benefit the enterprise as well as the local locations. This function envisions the strategy;
Governance includes the operational management structure that looks after both local compliance as well as ensuring that the rules in place continue to make sense. This function implements the strategy
Governance includes managing / maintaining the enterprise and local policies and rules in a single transparent, easily searchable way;
Governance includes managing the controls applied during new record creations;
Governance includes managing the controls used for monitoring the data to make sure all values encoded in all fields continue to meet the reasons for their population;
Governance includes managing all the processes for maintaining Master Data, checking the quality of Master Data, managing the rules and policies and conflicts etc. at every level;
Master Data Governance must include setting the life-cycle policies for retiring records, rendering them inactive and finally archiving them.
Lastly, governance must include the conflict escalation that manages changes to policy that is driven by local needs. Responsible governance cannot only be a top down mandate, but must strive to meet the needs of the business as the stop light must meet the needs of the community where it resides.
What am I missing in the above list?
For practical reasons many of these “groups” may have overlapping personnel in an enterprise while in government they have more separation, but the work still must be performed.
If your definition of “governance” is maintenance focused, that is fine, but what are you calling the remainder of the critical layers?
I welcome all comments.
Richard A. King