The who, what, how, when, where and why of data
By Matthew Simmons
You can have data management without data governance policies (though it's not recommended), but you can't have data governance without data management. All organisations need to plan how they use data so that it is handled consistently throughout the business to support business outcomes.
This means that organisations that successfully do this consider the who, what, how, when, where and why of data to not only ensure security and compliance, but to extract value from all the information collected and stored across the business, therefore improving business performance.
It’s all about how you handle the data collected within your business.
...And don’t forget regulatory compliance.
In 2016, the European Union adopted GDPR which expanded the definition of personal data as any data that can directly or indirectly be used to identify an individual. Suddenly, organisations had to classify a wider range of data assets as sensitive data in need of extra protection. GDPR also stipulates that any personal data belongs to the data subject, rather than the organisation that may collect or use that data.
With GDPR in place, any business with customers in the EU must be able to answer key questions about how it handles data ownership.
Those questions include:
- Where does all personal data exist across the organisation?
- How is data ownership assigned within the organisation?
- Should the ownership of data be single-point or collaborative?
Where to start with managing your data
Check your existing tools
A number of tools exist to help you with compliance, governance and data management, some may already be included in your tech stacks.
For example, if you have an E5 Microsoft Licence, Purview Compliance Manager is included in this licence. Microsoft Purview Compliance Manager is a solution in the Microsoft Purview compliance portal that helps you automatically assess and manage compliance across a multicloud environment.
Some of the key features include:
- Multicloud regulatory assessments
- Continuous control assessment
- Continuous regulatory updates
- Common control mapping
- Compliance score
Dashboard image of a compliance score. Image taken from Microsoft Learn
Research additional tools
Once you've audited your current licensing, you might find add-on tools can be an effective way to bolster your governance. Purview Governance is an extra cost in Azure, providing a unified data governance service.
Data governance with Microsoft Purview
Microsoft Purview offers a comprehensive suite of tools that provide businesses with a centralised platform for managing their data, ensuring information protection, insider risk management, implementing data governance policies, mitigating risks, and ensuring compliance.
You can learn more about Microsoft Purview in our Guide below.
Data Governance
Keeping things as simple as possible, data governance is a set of principles and practices that ensure high quality through the complete lifecycle of your data.
Access your data governance guide
Ready to speak to an expert?
If you have any questions about data governance, management or compliance, or you're ready to start a project then we're here to work with you.
