Lisa Morgan, Freelance WriterDecember 20, 20249 Min ReadRancz Andrei via Alamy StockData governance isnt where it needs to be in many organizations, despite the widespread use of AI and analytics. This is risky on several levels such as cybersecurity and compliance, not to mention the potential impacts to various stakeholders. In short, data governance is becoming more necessary as organizations rely more heavily on data, not less.Steve Willis, principal research director, data, analytics, enterprise architecture and AI at Info-Tech Research Group offers a sobering statistic: Some 50% to 75% of data governance initiatives fail.Even in highly regulated industries where the acceptance and understanding of the concept and value of governance more broadly are ingrained into the corporate culture, most data governance programs have progressed very little past an expensive [check] boxing exercise, one that has kept regulatory queries to a minimum but returned very little additional business value on the investment, says Willis in an email interview.Most data professionals cite things like lack of business understanding and/or executive engagement, limited funding, the complexity of the data landscape or general organizational change resistance as the root-cause or causes as barriers to data governance implementation and the reason(s) why most data governance initiatives fail, though Willis disagrees.Related:A lack of a deep connection between the tangible outcomes business stakeholders care about and the activities and initiatives undertaken in the name of data governance is the primary cause of failure, says Willis. The few who have successfully implemented data governance can easily point to the value that data governance initiatives have delivered. [They are] able to provide a direct line of sight not only to tactical wins but to deep contributions to an organization achieving its strategic goals and objectives.Where the Problems LieMany data teams, particularly data governance teams, lack the proper relationships with business stakeholders, so the business has no visibility into how data governance works.Data governance teams should be rigorously focused on understanding how improvements in [data use] will tangibly make life easier for those managing and using data, be it removing critical pain points or creating new opportunities to add value, says Info-Techs Willis. By not focusing on their customers needs, many data governance professionals are over-focused on adding workload to those they are purporting to help in return for providing little measurable value.Related:Steve Willis, Info-Tech Research GroupWhy the disconnect? Data teams dont feel they can spend time understanding stakeholders or even challenging business stakeholder needs. Though executive support is critical, data governance professionals are not making the most out of that support. One often unacknowledged problem is culture.Unfortunately, in many organizations, the predominant attitude towards governance and risk management is that [they are] a burden of bureaucracy that slows innovation, says Willis. Data governance teams too frequently perpetuate that mindset, over-rotating on data controls and processes where the effort to execute is misaligned to the value they release.One way to begin improving the effectiveness of data governance is to reassess the organizations objectives and approach.Embed data governance activities, small step by small step into your current business operations, make managing data part of a business process owners day to day responsibilities rather than making the governance and management of data a separate thing, saysWillis. This abstraction of data governance and management away from business operations is a key reason why nominated data stewards, who are typically business process owners, dont understand what they are being asked to do. As a data governance team, you need to contextualize data management activities into the language the business understands and make it a part of what they do.Related:Common Mistakes and How to Avoid ThemBusinesses are struggling to make data accessible for users and protect it from misuse or breaches. This often results in either too much bureaucracy or insufficient control, leaving organizations vulnerable to inefficiencies and regulatory fines.The solution is to start small, focus on delivering results, and build from there. Begin with high-priority areas, like fixing compliance gaps or cleaning up critical datasets, to show quick wins, says Arunkumar Thirunagalingam, senior manager, data and technical operations at healthcare company McKesson, in an email interview. These early successes help build momentum and demonstrate the value of governance across the organization.He says the biggest mistakes companies make include trying to fix everything at once, relying too much on technology without setting up proper processes and ignoring the needs of end users.Overly restrictive governance often leads to workarounds that create even more problems, while waiting until a crisis forces action leaves companies in a reactive and vulnerable position, says Thirunagalingam. [W]hen done right, data governance is much more than a defense mechanism -- its an enabler of innovation and efficiency.Stephen Christiansen, principal security consultant at cybersecurity consulting firm Stratascale,says the shortage of data professionals, exploding data growth, and ever-increasing requirements for AI and data security are causing organizations to take a more conservative approach.Companies need to be continually investing in data technologies that help them manage, secure, and integrate data across their enterprise systems, says Christiansen in an email interview. Internally, companies need to [build] a data-driven culture, so employees better understand the importance of data governance and how it benefits them.David Curtis, chief technology officer at global fintech RobobAI, says the average amount of data is growing 63% monthly. The speed and velocity of this growth is overwhelming, and companies are struggling to manage the storage, protection, quality, and consistency of this data.Data is often collected in multiple different ERPs across an organization. This often means that data is disparate in format and incomplete. Eighty percent of companies estimate that 50% to 90% of their data is unstructured, says Curtis in an email interview. Unstructured data creates challenges for large organizations due to its lack of standardization, making it difficult to store, analyze, and extract actionable insights, while increasing costs, compliance risks and inefficiencies.Companies need to start with a data governance strategy. As part of that, they need to review relevant business goals, define data ownership, identify reference data sources, and align the data governance strategy KPIs. For ongoing success, they need to establish an iterative process of continuous improvement by developing data processes and committing to a master data governance framework.For every dollar you invest in AI you should invest five dollars in data quality. In my experience, the most common data challenges are due to a lack of clear objectives and measurable success metrics around master data management initiatives, says Curtis. Often insufficient or poor-quality data, often at scale, and limited integration with existing systems and workflows, prevents scalability and real-world application. Evolving regulations are also adding fuel to the fire.Organizations are continually challenged with complying with the constant stream of regulations from various jurisdictions, such as GDPR, HIPAA, and CCPA. These regulations keep evolving, and just when IT leaders think theyve addressed one set of compliance requirements, a new one emerges with slight nuances, necessitating continuous adjustments to data governance programs, says Kurt Manske, information assurance andcybersecurity leader at professional services firm Cherry Bekaert. The reality is that companies cant simply pause their operations to align with these ever-changing regulations. Consequently, developing, deploying and managing a data governance program and system is a lot like changing tires on the car as it goes down the highway. [Its] an undeniably daunting task.This underscores the need to establish a resilient culture versus a reactive one.Leading companies see regulatory compliance as a differentiator for their brand and products, says Manske in an email interview. [One] key reason data governance programs and system deployment projects fail is that organizations try to take on too much at once. Big bang deployment strategies sound impressive but they often encounter numerous technical and cultural problems when put into practice. Instead, a metered or scaled deployment approach across the enterprise allows the team, vendor and governance leadership to continuously evaluate, correct and improve.The Sobering TruthOrganizations that lack strong governance are drowning in data, unable to harness its value, and leaving themselves vulnerable to growing cyber threats. According to Klaus Jck, partner at management consulting firm Horvth USA, incidents like the recent CrowdStrike breach are stark reminders of whats at stake. Data quality issues, silos, unclear ownership and a lack of standardization are just the tip of the iceberg.Klaus Jck, Horvth USAThe root cause of these struggles is simple: Data is everywhere. Thanks to new sensor technologies, process mining and advanced supervisory systems, data is produced at every step of every business process, says Jck in an email interview. The drive to monetize this data has only accelerated its growth. Unfortunately, many organizations are simply not equipped to manage this deluge.A truly effective strategy must go beyond policies and frameworks; it must include clear metrics to measure how data is used and how much value it creates. Assigning ownership is also key -- data stewards can help create a control environment sensitive to the nuances of modern data sources, including unstructured data.Failing to connect governance to business goals or neglecting executive sponsorship are major mistakes, says Jck. Poor communication and training also derail efforts. If employees dont understand governance policies or dont see their value, progress will stall. Similarly, treating governance as a one-time project rather than an ongoing process ensures failure.Dimitri Sirota, CEO and co-founder at security, privacy, compliance, and AI data management company BigID, says the root cause of data governance challenges often stem from poor data quality and insufficient governance frameworks.Inconsistent data collection practices, lack of standardized formats for key data elements such as dates and numeric values, and failure to monitor data quality over time exacerbate the problem, says Sirota in an email interview. Additionally, organizational silos and outdated systems can perpetuate inconsistencies, as different teams may define or manage data differently. Without a rigorous framework to identify, fix and monitor data issues, organizations face an uphill battle in maintaining reliable, high-quality data.Ultimately, the absence of a centralized governance strategy makes it difficult to enforce standards, creating noise and clutter in data environments.Marc Rubbinaccio, head of compliance at security compliance provider Secureframe, points to a related issue, which is understanding where sensitive data resides and how it flows within organizations.[T]he rush to adopt and implement AI within organizations and software products has introduced new risks, says Rubbinaccio in an email interview. While the efficiency gains from AI are widely recognized, the vulnerabilities it may introduce often go unaddressed due to a lack of thorough risk evaluation. Many organizations are bypassing detailed AI risk assessments in their eagerness to stay ahead, potentially exposing themselves to long-term consequences.About the AuthorLisa MorganFreelance WriterLisa Morgan is a freelance writer who covers business and IT strategy and emergingtechnology for InformationWeek. She has contributed articles, reports, and other types of content to many technology, business, and mainstream publications and sites including tech pubs, The Washington Post and The Economist Intelligence Unit. Frequent areas of coverage include AI, analytics, cloud, cybersecurity, mobility, software development, and emerging cultural issues affecting the C-suite.See more from Lisa MorganNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also LikeWebinarsMore WebinarsReportsMore Reports