Building a data governance strategy in 2023

Binary shown in a colourful fashion from blues to reds to yellows

Attitudes towards data governance have shifted in the last 12 months from something that’s nice to have to a must-have, as businesses look to better measure and monetise their data.

Getting it right has never been more important, with disparate data estates growing and risks around regulatory enforcement, private litigation and company reputation becoming more prominent.

With this in mind, Giovanni Cervellati, research manager, European intelligent analytics and data strategies research at IDC Europe, says the majority of organisations are concerned about data loss, compliance breaches and lost opportunities. This has made data governance a priority as businesses look to boost data resilience, ensure continuous compliance and mitigate risks.

“Almost 70% of organisations view data privacy and security as key investment areas and 54% view data sovereignty, privacy and governance as factors to be addressed,” he notes.

Benefits of strong data governance

Good data governance helps organisations of all kinds to achieve their ideal business outcomes, ensure robust audit trails and improve decision-making. Saul Judah, VP analyst at Gartner, highlights a prime example.

“[One organisation] built business support by showing that its data and analytics transformation would enable the rapid calculation of crucial, cross-functional business KPIs,” says Judah. “The COVID-19 crisis showed the wisdom of this approach, and consequently, its data and analytics team was able to pull together crucial data to inform executive decision-making about the crisis in a short time.”

If an organisation isn’t implementing basic principles around data governance, then it’s hard to see how they can run an efficient business model and build and retain customer trust adds David Mason, information and fundraising compliance manager at the Salvation Army.

“If you’re not keeping accurate records, it is hard to see how you can effectively communicate with your customers,” he cautions, adding if you don’t tell people how you’re going to use their personal data, it shouldn’t be a surprise if they no longer want to hear from your organisation. As far as data protection goes, organisations should consider the priorities of the data subject first, and the business second.

“Most data governance is happening behind the scenes; we’ve got a strong framework in place for assessing and managing risk and recording processing activities,” he continues. “Our data protection officer (DPO) acts as the conduit between the business and the data protection regulator. Proof that our supporter-first approach is working can be highlighted by the fact that we receive very few complaints about our direct marketing activities – none about emails sent in 2021/22, and only 30-odd from over four million addressed mail packs in the same period.”

What’s in store for data governance in 2023?

In 2023, data governance strategies will be shaped around the growth of data volumes, cyber security threats, and the need to build digital trust.

Awareness around data governance is heightened

The pandemic accelerated a shift in attitudes, with data governance becoming a boardroom priority. The rise of hybrid working, for example, meant organisations needed to become more aware of data storage, data usage and data processing. This greater awareness is also essential to all businesses undergoing digital transformation projects.

Indeed, a digital or cloud transformation is all underpinned by data, says Waseem Ali, CEO of data recruitment agency Rockborne, and former head of data strategy at Lloyd’s of London. “Companies that don’t draw out the end-to-end flow of data across their systems and understand what’s happening to that data at different stages of its journey will struggle to make informed decisions,” he says.

More of the organisation is involved

According to Forrester’s 2022 data and analytics survey, 75% of organisations are expanding data literacy training, while 36% plan to have an executive in the role of head of data governance. With this in mind, “we predict that we will see more data governance discussions in organisations of all industries and sizes,” says Kim Herrington, a senior analyst at Forrester.

Gartner’s Judah reports seeing several major trends that support the move from data and analytics governance as a centralised, IT-led, asset-centric approach to a multi-style, business context-specific capability. These are adaptive governance, business outcome-focused governance, trust-based decision rights models, collaborative governance teams and platform-enabled governance.

“Allowed to materialise, these trends will enable data and analytics governance to become an effective change agent for transforming the organisation into a market-responsive composable enterprise,” Judah notes.

Keeping a watchful eye on legislation

A range of further legislative changes, meanwhile, are going to continue to add complexity to the governance landscape this year, says Will Richmond-Coggan, a data protection expert at law firm Freeths.

“These changes, together with wider-ranging enforcement activity and an ever-increasing public awareness of the rights individuals enjoy in connection with their data, will all continue to contribute to this taking a central position in the metrics by which a business’s success is judged,” he says.

Pitfalls to avoid in your data governance strategy

It’s important to remember there’s no “one size fits all” when it comes to data governance – an overly complex programme that’s a mismatch of risk and resource simply won’t work.

It’s also crucial to recognise that everyone in the organisation has a role to play and equip them accordingly. The key, though, is remembering this isn’t something that needs to be approached with suspicion or fear.

RELATED RESOURCE

Cost of a data breach report 2022

Discover the factors to help mitigate breach costs

FREE DOWNLOAD

Good governance can lead to all sorts of improvements in terms of efficiency, better visibility of assets and processes, and increased confidence that when risks arise – either internally or externally – the business’s systems and processes are robust enough to withstand them says Richmond-Coggan.

“Approaching governance from that perspective will help to ensure that the work entailed is actually beneficial for the business and results in a governance regime which is living, supportive of the business’s wider strategic goals, and consequently more readily adopted as part of the organisation’s culture,” he concludes.

Keri Allan

Keri Allan is a freelancer with 20 years of experience writing about technology and has written for publications including the Guardian, the Sunday Times, CIO, E&T and Arabian Computer News. She specialises in areas including the cloud, IoT, AI, machine learning and digital transformation.

Read more
An abstract map of the world overlaid with colorful geometric shapes, to represent the fractured regulatory landscape businesses face in 2025.
The fractured regulatory landscape tech companies face in 2025
Digital generated image of data.
Data sovereignty a growing priority for UK enterprises
Data analytics concept image showing data analysis graph on a digitized screen against colorful blocks in background.
A quarter of firms still don’t have a formal data strategy – and it’s hampering AI adoption
UK map concept art showing digitized UK landmass outline in blue.
Four years on, how's UK GDPR holding up?
GRC, Concept of Governance, Risk and Compliance. Company operates efficiently and ethically, complying with applicable regulations and laws.
Governance, risk, and compliance is a major growth opportunity, but how will the market develop?
A supervisor stood in a warehouse speaking to workers in high-vis vests, while holding a tablet displaying stats about the supply chain, to represent supply chain oversight.
Why supply chain oversight is critical for business
Latest in Data Protection
Unlock Profitability with Cove Data Protection
Unlock profitability with Cove Data Protection
C-suite executives in an open plan office space discussing AI strategy plans.
Tech leaders worry AI innovation is outpacing governance
Digital generated image of data.
Data sovereignty a growing priority for UK enterprises
GDPR concept image showing 'GDPR' lettering on a digital interface with padlock icons protruding from the center.
GDPR fines might’ve dipped last year, but don’t get complacent – personal liability risks are rising
UK map concept art showing digitized UK landmass outline in blue.
Four years on, how's UK GDPR holding up?
Cyber security concept image showing a digitized padlock sitting on a blue colored circuit board.
Protecting your data in the age of AI
Latest in Feature
Matt Clifford speaking at Treasury Connect conference in 2023
Who is Matt Clifford?
Open source vulnerabilities concept image showing HTML code on a computer screen.
Open source risks threaten all business users – it’s clear we must get a better understanding of open source software
An abstract CGI image of a large green cuboid being broken in half with yellow, orange, and red cubes to represent ransomware resilience and data encryption.
Building ransomware resilience to avoid paying out
The words "How effective are AI agents?" set against a dark blue background bearing the silhouettes of flowchart rectangles and diamonds to represent the computation and decisions made by AI agents. The words "AI agents" are yellow, while the others are white. The ITPro Podcast logo is in the bottom right-hand corner.
How effective are AI agents?
An illustration showing a mouth with speech bubbles and question marks and a stylized robot alien representing an AI assistant chirping away with symbols and ticks, to represent user annoyance with AI assistants.
On-device AI assistants are meant to be helpful – why do I find them so annoying?
A range of HP devices set on pedestals on the keynote stage at HP Amplify 2025 in Nashville, with a large screen in the background bearing the HP logo against a white background. The devices include AI PCs, laptops, and printers.
HP hones its edge AI ambitions at Amplify 2025