Optimize management with permanent control
In previous articles, we’ve discussed the fact that it’s essential to put management rules in place, and to review theinternal organization in order to implement them.
We have also discussed the cost of data governance to the company.
Given these different parameters, it is important to establish internal controls to ensure that all rules are respected.
What to check
When it comes to data, to avoid getting caught, it is important to control everything from the beginning to the end of the data life cycle:
- Collection method ;
- Storage ;
- Monitoring and updates ;
- Sharing and transmitting;
- Deletion.
How do you set up an effective control system?
Set up access control
Not every employee in the company can do as he or she pleases.
Entering, modifying or deleting data must therefore be subject to certain authorizations in order to keep an eye on what’s going on in the database.
The CDO (Chief Data Officer) must therefore determine levels of responsibility for employees.
Each profile then has its own data management authorizations.
Using metadata
Using metadata is an excellent way of obtaining information about the data itself.
In fact, metadata can be defined as information about information.
For example, for a photo, metadata could be the location, the date the photo was taken, the weight of the image, the size of the image, the type of camera used… In the context of data governance, it could be information such as how the information was retrieved, on what date, by whom, when it was updated… This peripheral information can be of great value to the company if it can be exploited and controlled.
Indeed, in addition to basic information, metadata provides the company with a complete cartography for understanding data and the associated processing methods.
To achieve this, metadata must answer the 5 W’s + How’s, or QQOQCCP, i.e. :
- Who entered this information?
Who uses it?
Who owns it?
Who processes and maintains it? - What is the business definition?
What are the business rules?
How secure is it?
What are its standard names in databases? - Where does this data come from?
Where is it stored?
Where is it used, shared? - When was this data created?
When was it updated?
When should it be deleted? - How is this data formatted?
How was this data collected? - How many databases or sources does this information appear in?
- Why is this data stored?
What are its uses and purposes?
Controlling database management is of vital importance to any company.
If you don’t, you run the risk of being out of compliance, which could have serious consequences.
From a security point of view, it’s also a source of risk.
These risks are the subject of the next part of our series on data governance.
