Building a data governance strategy in 2023

Binary shown in a colourful fashion from blues to reds to yellows

Attitudes towards data governance have shifted in the last 12 months from something that’s nice to have to a must-have, as businesses look to better measure and monetise their data.

Getting it right has never been more important, with disparate data estates growing and risks around regulatory enforcement, private litigation and company reputation becoming more prominent.

With this in mind, Giovanni Cervellati, research manager, European intelligent analytics and data strategies research at IDC Europe, says the majority of organisations are concerned about data loss, compliance breaches and lost opportunities. This has made data governance a priority as businesses look to boost data resilience, ensure continuous compliance and mitigate risks.

“Almost 70% of organisations view data privacy and security as key investment areas and 54% view data sovereignty, privacy and governance as factors to be addressed,” he notes.

Benefits of strong data governance

Good data governance helps organisations of all kinds to achieve their ideal business outcomes, ensure robust audit trails and improve decision-making. Saul Judah, VP analyst at Gartner, highlights a prime example.

“[One organisation] built business support by showing that its data and analytics transformation would enable the rapid calculation of crucial, cross-functional business KPIs,” says Judah. “The COVID-19 crisis showed the wisdom of this approach, and consequently, its data and analytics team was able to pull together crucial data to inform executive decision-making about the crisis in a short time.”

If an organisation isn’t implementing basic principles around data governance, then it’s hard to see how they can run an efficient business model and build and retain customer trust adds David Mason, information and fundraising compliance manager at the Salvation Army.

“If you’re not keeping accurate records, it is hard to see how you can effectively communicate with your customers,” he cautions, adding if you don’t tell people how you’re going to use their personal data, it shouldn’t be a surprise if they no longer want to hear from your organisation. As far as data protection goes, organisations should consider the priorities of the data subject first, and the business second.

“Most data governance is happening behind the scenes; we’ve got a strong framework in place for assessing and managing risk and recording processing activities,” he continues. “Our data protection officer (DPO) acts as the conduit between the business and the data protection regulator. Proof that our supporter-first approach is working can be highlighted by the fact that we receive very few complaints about our direct marketing activities – none about emails sent in 2021/22, and only 30-odd from over four million addressed mail packs in the same period.”

What’s in store for data governance in 2023?

In 2023, data governance strategies will be shaped around the growth of data volumes, cyber security threats, and the need to build digital trust.

Awareness around data governance is heightened

The pandemic accelerated a shift in attitudes, with data governance becoming a boardroom priority. The rise of hybrid working, for example, meant organisations needed to become more aware of data storage, data usage and data processing. This greater awareness is also essential to all businesses undergoing digital transformation projects.

Indeed, a digital or cloud transformation is all underpinned by data, says Waseem Ali, CEO of data recruitment agency Rockborne, and former head of data strategy at Lloyd’s of London. “Companies that don’t draw out the end-to-end flow of data across their systems and understand what’s happening to that data at different stages of its journey will struggle to make informed decisions,” he says.

More of the organisation is involved

According to Forrester’s 2022 data and analytics survey, 75% of organisations are expanding data literacy training, while 36% plan to have an executive in the role of head of data governance. With this in mind, “we predict that we will see more data governance discussions in organisations of all industries and sizes,” says Kim Herrington, a senior analyst at Forrester.

Gartner’s Judah reports seeing several major trends that support the move from data and analytics governance as a centralised, IT-led, asset-centric approach to a multi-style, business context-specific capability. These are adaptive governance, business outcome-focused governance, trust-based decision rights models, collaborative governance teams and platform-enabled governance.

“Allowed to materialise, these trends will enable data and analytics governance to become an effective change agent for transforming the organisation into a market-responsive composable enterprise,” Judah notes.

Keeping a watchful eye on legislation

A range of further legislative changes, meanwhile, are going to continue to add complexity to the governance landscape this year, says Will Richmond-Coggan, a data protection expert at law firm Freeths.

“These changes, together with wider-ranging enforcement activity and an ever-increasing public awareness of the rights individuals enjoy in connection with their data, will all continue to contribute to this taking a central position in the metrics by which a business’s success is judged,” he says.

Pitfalls to avoid in your data governance strategy

It’s important to remember there’s no “one size fits all” when it comes to data governance – an overly complex programme that’s a mismatch of risk and resource simply won’t work.

It’s also crucial to recognise that everyone in the organisation has a role to play and equip them accordingly. The key, though, is remembering this isn’t something that needs to be approached with suspicion or fear.


Cost of a data breach report 2022

Discover the factors to help mitigate breach costs


Good governance can lead to all sorts of improvements in terms of efficiency, better visibility of assets and processes, and increased confidence that when risks arise – either internally or externally – the business’s systems and processes are robust enough to withstand them says Richmond-Coggan.

“Approaching governance from that perspective will help to ensure that the work entailed is actually beneficial for the business and results in a governance regime which is living, supportive of the business’s wider strategic goals, and consequently more readily adopted as part of the organisation’s culture,” he concludes.

Keri Allan

Keri Allan is a freelancer with 20 years of experience writing about technology and has written for publications including the Guardian, the Sunday Times, CIO, E&T and Arabian Computer News. She specialises in areas including the cloud, IoT, AI, machine learning and digital transformation.