Data Governance and Compliance: Evolving to Our Current High Stakes Environment
By Rupa Mahanti
()
About this ebook
The first in a three-volume series on data governance, this book does not assume any prior or specialist knowledge in data governance and will be highly beneficial for IT, management and law students, academics, information management and business professionals, and researchers to enhancetheir knowledge and get guidance in managing their own data governance projects from a governance and compliance perspective.
Rupa Mahanti
Dr. Rupa Mahanti is a Business and Information Management consultant with has extensive and diversified consulting experience in different technologies, solution environments, business areas, industry sectors, and geographies.
Read more from Rupa Mahanti
Data Governance and Data Management: Contextualizing Data Governance Drivers, Technologies, and Tools Rating: 0 out of 5 stars0 ratingsData Quality: Dimensions, Measurement, Strategy, Management, and Governance Rating: 0 out of 5 stars0 ratings
Related to Data Governance and Compliance
Related ebooks
Data Governance and Data Management: Contextualizing Data Governance Drivers, Technologies, and Tools Rating: 0 out of 5 stars0 ratingsModern Data Strategy Rating: 0 out of 5 stars0 ratingsData Governance: Building a Foundation for Data Excellence Rating: 0 out of 5 stars0 ratingsA Government Librarian’s Guide to Information Governance and Data Privacy Rating: 0 out of 5 stars0 ratingsA Corporate Librarian’s Guide to Information Governance and Data Privacy Rating: 0 out of 5 stars0 ratingsThe Data Governance Imperative Rating: 0 out of 5 stars0 ratingsThe IBM Data Governance Unified Process: Driving Business Value with IBM Software and Best Practices Rating: 4 out of 5 stars4/5Data Governance: How to Design, Deploy and Sustain an Effective Data Governance Program Rating: 4 out of 5 stars4/5Data Risk Management Rating: 0 out of 5 stars0 ratingsDatabase Management for Beginners: A Beginner's Guide to Managing and Manipulating Data Rating: 0 out of 5 stars0 ratingsyt’s Data Protection Governance Framework Volume 1 of 2 Rating: 0 out of 5 stars0 ratingsData Lake: Unleashing the Power of Data. Exploring the Depths of the Data Lake Rating: 0 out of 5 stars0 ratingsData Analytics with Python: Data Analytics in Python Using Pandas Rating: 3 out of 5 stars3/5Selling Information Governance to the Business: Best Practices by Industry and Job Function Rating: 0 out of 5 stars0 ratingsData-Driven Business Strategies: Understanding and Harnessing the Power of Big Data Rating: 0 out of 5 stars0 ratingsOptimizing Data-to-Learning-to-Action: The Modern Approach to Continuous Performance Improvement for Businesses Rating: 0 out of 5 stars0 ratingsData Stewardship: An Actionable Guide to Effective Data Management and Data Governance Rating: 4 out of 5 stars4/5Data Protection and Compliance: Second edition Rating: 0 out of 5 stars0 ratingsEnterprise DevOps Framework: Transforming IT Operations Rating: 0 out of 5 stars0 ratingsData as a Product: Leveraging Data as a Marketable Product Rating: 0 out of 5 stars0 ratingsThe Case for the Chief Data Officer: Recasting the C-Suite to Leverage Your Most Valuable Asset Rating: 4 out of 5 stars4/5The Data and Analytics Playbook: Proven Methods for Governed Data and Analytic Quality Rating: 5 out of 5 stars5/5Data Analytics And Knowledge Management Rating: 0 out of 5 stars0 ratingsData Virtualization: The Power of Unified Data. Harnessing the Benefits of Data Virtualization Rating: 0 out of 5 stars0 ratingsData Mesh: Transforming Data Architecture for Decentralized and Scalable Insights Rating: 0 out of 5 stars0 ratingsData Science and Analytics: Transforming Raw Data into Actionable Insights: A Comprehensive Guide Rating: 0 out of 5 stars0 ratingsData-Driven Decisions: Leveraging Analytics for Success Rating: 0 out of 5 stars0 ratingsImplementation of a Central Electronic Mail & Filing Structure Rating: 0 out of 5 stars0 ratingsSecure Your Business: Insights to Governance, Risk, Compliance & Information Security Rating: 0 out of 5 stars0 ratings
Business For You
Crucial Conversations Tools for Talking When Stakes Are High, Second Edition Rating: 4 out of 5 stars4/5Crucial Conversations: Tools for Talking When Stakes are High, Third Edition Rating: 4 out of 5 stars4/5Becoming Bulletproof: Protect Yourself, Read People, Influence Situations, and Live Fearlessly Rating: 4 out of 5 stars4/5Law of Connection: Lesson 10 from The 21 Irrefutable Laws of Leadership Rating: 4 out of 5 stars4/5Summary of J.L. Collins's The Simple Path to Wealth Rating: 5 out of 5 stars5/5Collaborating with the Enemy: How to Work with People You Don't Agree with or Like or Trust Rating: 4 out of 5 stars4/5Your Next Five Moves: Master the Art of Business Strategy Rating: 5 out of 5 stars5/5Set for Life: An All-Out Approach to Early Financial Freedom Rating: 4 out of 5 stars4/5The Richest Man in Babylon: The most inspiring book on wealth ever written Rating: 5 out of 5 stars5/5The Intelligent Investor, Rev. Ed: The Definitive Book on Value Investing Rating: 4 out of 5 stars4/5Confessions of an Economic Hit Man, 3rd Edition Rating: 5 out of 5 stars5/5The Five Dysfunctions of a Team: A Leadership Fable, 20th Anniversary Edition Rating: 4 out of 5 stars4/5Capitalism and Freedom Rating: 4 out of 5 stars4/5Tools Of Titans: The Tactics, Routines, and Habits of Billionaires, Icons, and World-Class Performers Rating: 4 out of 5 stars4/5Nickel and Dimed: On (Not) Getting By in America Rating: 4 out of 5 stars4/5Lying Rating: 4 out of 5 stars4/5The Everything Guide To Being A Paralegal: Winning Secrets to a Successful Career! Rating: 5 out of 5 stars5/5The Catalyst: How to Change Anyone's Mind Rating: 4 out of 5 stars4/5Just Listen: Discover the Secret to Getting Through to Absolutely Anyone Rating: 4 out of 5 stars4/5Robert's Rules of Order: The Original Manual for Assembly Rules, Business Etiquette, and Conduct Rating: 4 out of 5 stars4/5How to Get Ideas Rating: 5 out of 5 stars5/5Carol Dweck's Mindset The New Psychology of Success: Summary and Analysis Rating: 4 out of 5 stars4/5Red Notice: A True Story of High Finance, Murder, and One Man's Fight for Justice Rating: 4 out of 5 stars4/5Limited Liability Companies For Dummies Rating: 5 out of 5 stars5/5The 12 Week Year (Review and Analysis of Moran and Lennington's Book) Rating: 5 out of 5 stars5/5
Related categories
Reviews for Data Governance and Compliance
0 ratings0 reviews
Book preview
Data Governance and Compliance - Rupa Mahanti
© The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021
R. MahantiData Governance and Compliancehttps://doi.org/10.1007/978-981-33-6877-4_1
1. Introduction to Governance, Corporate Governance, and Compliance
Rupa Mahanti¹
(1)
Strathfield, NSW, Australia
Rupa Mahanti
Email: rupa.mahanti0@gmail.com
It is clear that good corporate governance makes good sense. The name of the game for a company in the 21st Century will be conform while it performs.
—Mervyn King (Chairman: King Report).
Abstract
This chapter introduces the readers to the concept of governance, corporate governance, the impact of the digital age and data on governance, compliance and performance, and discusses in detail the difference between management and governance.
1.1 Introduction
An entity is an organization, country, or business. At the core of any entity’s success is good governance, which needs to be entrenched in its cultural fabric. Governance is the exercise of authority and control to ensure accountability and promote transparency. While good governance can lead to an entity’s success, poor governance can result in its decline or failure.
Governance is often confused with management. The first section of this chapter discusses the differences between governance and management. The next sections introduce the readers to the concept of corporate governance, the impact of the digital age and data on governance, compliance, and performance.
1.2 Governance Versus Management
Governance and management are not the same. There is a thin line between governance and management, with both having leadership roles that need to be executed differently. Management focuses on people. In general, it concerns drive, commitment, allegiance, and politics. Governance focuses on power. It concerns policies, rules, regulations, the distribution of authority and responsibities, and the boundaries, exercise, and abuse of authority. Governance deals with What,
that is, determining the mission and vision, setting policies and strategic plans, selection of the chief executive, managing the governance process, providing insight, wisdom, and judgement, and verify, and audit performance.
Management focuses on operations and performance. In general, it concerns work done by people or machines and grouped into tasks, functions, or processes. Management deals with How;
that is, implementing policies, strategic plans, and board decisions, supporting governance processes, establishing operating procedures, measuring performance, and delivering services (Community Southwark).
Bird (2001) states that while executives and managers administer, develop, implement and monitor business strategies on a day-to-day basis, boards and other governance structures deal with overall organization policy, culture, and direction. He goes on to state that, Executives…manage organizations by the authority delegated to them by those who govern
(Bird 2001), thus making a strong distinction between the different elements of corporate governance and management (Webb et al. 2006). This distinction is based on the difference in the activities performed by the governance body, structures, and operational management.
However, the line between governance and management is not hard and fast and there are some overlap areas. The common overlap areas are ensuring that the strategic plan objectives are met, performance issues, and constant assessment of risk.
The distinction between governance and management differs from one organization to another organization and, from time to time, within the same organization, too (Mitchell 2010). The organizational maturity, size, and culture have an effect on the extent of separation between the governance and management structures.
Less mature organizations may take time to establish formal governance mechanisms. In the case of smaller organizations with limited employees or members, there might not be enough individuals to play distinct roles, and staff or members may perform multiple roles and may be entrusted with overlapping responsibilities of both governance and management. However, as an organization evolves and expands, the distinction becomes more and more important as delineating governance and management endorses accountability at all levels, and also provides a mechanism for good enterprise governance that emphasizes on stakeholder value by balancing performance and conformance (CommunityNet Aotearoa; Ball 2010; IEG World Bank 2007). Though a clean delineation is rarely possible, the ‘right’ balance between governance and management is necessary to avoid conflicts (Ball 2010).
The analogy of steering versus rowing is often used to describe the delineation of roles of governance versus management, and the delineation supports good decision making and outcomes driven activities. In the words of Robert Tricker , If management is about running the business, governance is about seeing that it is run properly.
While governance is about doing the right thing,
management is about "doing things right (Tricker 1998; IEG World Bank 2007)".
The governing body , such as a committee or board (comprised of directors), is responsible for governance and provides direction, leadership, control, and an enabling framework for collective decision making. At the same time, the management or executive team, led by the chief executive and his/her staff and volunteers, is responsible for the management and implementing decisions made by the governing body. The governing body’s role is to oversee management and not to manage directly. It must be satisfied that the management team is doing its job under the stated policy and available resources (CommunityNet Aotearoa).
Every board is dissimilar in terms of how they carry out their governance role, and there should be clarity and consensus regarding the governance approach. According to Demb and Neubauer (1992), there are three main classic ways for boards to implement their governance role (Ball 2010);
the watchdog,
the trustee, and
the pilot mode.
In a ‘watchdog’ role, the board provides complete oversight and has no obvious involvement in the organization’s activities. In the ‘trustee’ role, the board conducts itself like a custodian of assets and is accountable to shareholders and society for those assets. In a ‘pilot’ role, the board takes an active role in supervising the business of the organization (Demb and Neubauer 1992; Ball 2010).
As highlighted by John A. Zachman, Author of The Framework for Enterprise Architecture
(The Zachman Framework
), Zachman International, in his interview statement,—the definition of
Management historically included: 1. Plan 2. Organize 3. Staff 4. Direct, and 5. Control.
Governance also includes almost all of these elements but with a different perspective. Governance systems include the management processes designed to deliver on performance objectives while considering stakeholder interests (ASQ).
1.3 Corporate Governance and Its Subdisciplines—in a Nutshell
Corporate governance is the system of policies, rules, mechanisms, practices, authorities, and processes used to direct, manage, and control a corporation. There are several subdisciplines under the corporate governance umbrella as shown in Fig. 1.1:
../images/494555_1_En_1_Chapter/494555_1_En_1_Fig1_HTML.pngFig. 1.1
Subdisciplines of corporate governance
Operational governance
Financial governance
HR governance
Risk governance
Security governance
IT governance
Data governance
IT governance and data governance are relatively new fields of governance as compared to the other corporate governance subdisciplines.
All the subdisciplines of coporate governance have been discussed in detail in Chap. 3.
1.4 Corporate Governance, the Digital Age, Data and Compliance
We are governed by information and our belief in and acceptance of that information. Transparent, verified information and knowledge bridges are the most important tools available to us today.
― Heather Marsh, The Creation of Me, Them and Us
Corporations have evolved over centuries, and so has the governance of corporations. Also, economic disasters, corporate scandals, and cases of fraud have weakened the world economy and influenced the evolution of governance. These have led to new laws and regulations to prevent recurrence of such incidents, events, or situations, which in turn have led to tighter controls, well-defined accountabilities, and enforcements to ensure compliance.
Effective governance needs facts , and good quality data represents facts. Before the advent of information technology, important facts were recorded on paper, kept under lock and key, and these served as inputs to the other disciplines of corporate governance.
The advancement of information technology, decreased cost of hardware and storage, and increased storage capacity has led us into the digital age. The digital age is characterized by organizations collecting large amounts of and different varieties of data electronically in shorter periods. In the digital age, data itself is an asset that needs to be effectively governed to ensure compliance and high-quality data. Compliance is one of the biggest drivers of data governance.
Data used in business processes has a direct or indirect impact on business performance. Faulty business processes often generate bad data, which adversely impacts business processes, which in turn adversely impacts business performance, as shown in Fig. 1.2.
../images/494555_1_En_1_Chapter/494555_1_En_1_Fig2_HTML.pngFig. 1.2
Data, business processes, and business performance
Compliance is about following rules and regulations. These rules and regulations came into existence because of wrong actions, such as fraud and security breaches, as well as operational failures, corporate failures, and financial scandals that have been the result of poor performance or ethical issues. While fulfilling compliance obligations, organizations should look at improving business processes which will have a positive impact on performance, instead of only focusing on avoiding wrong actions. Where compliance hinders performance, the focus should be to achieve compliance by balancing performance .
Corporate failures, operational failures, security breaches, ethical issues and financial scandals beget rules and regulations which in turn beget governance, which begets improved performance and compliance, which in turn prevent corporate failures, operational failures, fraud, security breaches, ethical issues, and financial scandals as shown in Fig. 1.3.
../images/494555_1_En_1_Chapter/494555_1_En_1_Fig3_HTML.pngFig. 1.3
Cycle of compliance and performance
1.5 What’s Ahead?
In this book, we introduce the readers to the concept of governance, corporate governance, its history and evolution across different geographies in the face of scandals and financial disasters, which triggered the need for laws and regulations that organizations need to comply with, the different subdisciplines of corporate governance, and how the different subdisciplines of corporate governance tie together. We also will introduce the concept of data, data governance, the lack of standard definition of data governance, the distinction between IT governance and data governance, and finally, how data governance helps in attaining compliance.
References
ASQ. What is organizational or Corporate Governance, Quality Resources. https://asq.org/quality-resources/governance Accessed 20 Feb 2020
Ball D (2010) November 3, 2010, Management versus governance—it’s not that easy, better boards. https://betterboards.net/governance/management-vs-governance/. Accessed 20 Feb 2020
Bird F (2001) Good governance: a philosophical discussion of the responsibilities and practices of organizational governors. Canadian J Admin Stud 298–312
CommunityNet Aotearoa. Governance and Management, NZ Navigator Trust. https://community.net.nz/resources/community-resource-kit/4-2-governance-governance-and-management/ Accessed 20 Feb 2020
Community Southwark (2018) Governance or Management: Knowing the difference. https://communitysouthwark.org/sites/default/files/images/Governance%20or%20Management.pdf. Accessed 20 Feb 2020
Demb A, Neubauer F (1992) The corporate board: confronting the paradoxes. Oxford University Press, New York
Independent Evaluation Group IEG World Bank (2007) Sourcebook for Evaluating Global and Regional Partnership Programs Indicative Principles and Standards. http://www.oecd.org/development/evaluation/dcdndep/37981082.pdf. Accessed 20 Feb 2020
Mitchell R (2010) The crucial difference between governance and management. AKT LTP. https://www.inphilanthropy.org/sites/default/files/resources/Crucial%20Difference%20Between%20Governance%20%26%20Management-AKT%20LLP-2011.pdf. Accessed 20 Feb 2020
Tricker R (1998) The role of management is to run the enterprise and that of the board is to see that it is being run well and in the right direction. In: Robert IT (ed) Pocket Director, p 8
Webb P, Pollard C, Ridley G (2006) Attempting to define IT governance: wisdom or folly? Proc Ann Hawaii Int Conf Syst Sci 8:194a–194a. https://doi.org/10.1109/HICSS.2006.68Crossref
© The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021
R. MahantiData Governance and Compliancehttps://doi.org/10.1007/978-981-33-6877-4_2
2. Governance Evolution and Basic Concepts
Rupa Mahanti¹
(1)
Strathfield, NSW, Australia
Rupa Mahanti
Email: rupa.mahanti0@gmail.com
Necessity is the mother of invention.—Plato
The only constant in life is change.— Heraclitus of Ephesus
Abstract
The concept of governance is the exercise of authority and control to ensure accountability and promote transparency. It has been around in some form since ancient times and has evolved with the requirements of the respective periods. This chapter explains governance and corporate governance followed by the evolution of corporate governance in the different geographies across the world.
2.1 Introduction
The concept of governance is the exercise of authority and control to ensure accountability and promote transparency. It has been around in some form since ancient times and has evolved with the requirements of the respective periods. In ancient times, governance centered around ruling tribes and kingdoms. Over time, corporations evolved, and a similar structure of governance was required. As corporations grew in size, and businesses, infrastructure, and technologies evolved, different subcategories of governance, such as operational governance, finance governance, risk governance, HR governance, security governance, IT governance, and data governance also evolved under the corporate governance umbrella to handle these changes and to ensure that organizations continued to run