Data Governance refers to an overarching strategy that encompasses the policies, processes (including technologies) and people involved in managing and protecting data. It governs data management efforts that can include self-service business intelligence, operational reporting, data access, security and privacy, master data management, data quality management and so on.
Data governance drives risk assessment, which drives the compliance effort, which in turn develops the governance programme.
The three – governance, risk assessment and compliance – must work hand in hand for effective management and protection of data.
Data governance is a means of creating policies related to data, including how and where it is stored and sent, who has access to it and to what level, and what actions can be performed on the data, by whom, when, using what methods, and under what circumstances.
An effective data governance programme must be both proactive and reactive. It is designed to protect the data and prevent any unauthorised access or exposure, but also contains a response plan that can be put in place quickly if an incident occurs.