Data Governance Maturity Models

Any parent of a teenager can tell you that maturity is a difficult thing to measure. It doesn’t happen all at once, or on an even increase; there are leaps forward, steps backward, long pauses. In a data-driven business, though, you need a fairly precise way to measure maturity. How does that work when every organization and every data governance body, much like every teenager, is unique?

That’s where data governance maturity models come in. A maturity model is a tool for guiding strategy that incorporates a rating scale that measures how well a data governance program is operating. As it evolves and grows and becomes embedded in company culture, the program moves up through the levels, which are determined using sets of specific indicators (more on those in a moment). These levels are discrete and provide a good understanding of the situation but give little visibility into the continuous progress made to move to the next level. They are performance indicators that tell you how far the program has progressed and what it can do next to improve.

The data governance maturity model you choose will be part of the program’s implementation from the beginning and will shape its evolution through the years.

Though the models differ, they use similar methodologies and indicators to observe, assess, and measure performance, processes, and practices and recommend improvements. These indicators vary: staged models tend to be broad in scope, with macro-level ratings of the entire program, while continuous models operate at a smaller scale, measuring process capabilities in specific areas of data management and governance. They are used simultaneously, with the continuous model guiding maturation within each stage until the company “moves” to the next stage.

These two models correlate with two modes of thinking, both of which you’ll need to master: strategy and tactics. Strategy, the big-picture plan, works from the top down: you define what your process areas are, what processes they contain, and what practices should be incorporated in them. Tactics deals with the logistical side of things. It starts at the bottom and works upward, looking at the tasks that make up each practice, prioritizing them, and using metrics to assess them. The staged method of assessing maturity correlates with strategy, and the continuous method with tactics.

Assessing Your Maturity Level

Now that you understand the basics of data governance maturity models, we can turn toward the first step in this data-driven journey of change: assessing your enterprise’s maturity level.

I must emphasize the importance of not skipping this step. Nearly every time I’ve seen a data governance implementation fail, it was in a company that overlooked the initial maturity assessment. Before your journey starts, after all, you need to know in which direction to go, and to know that, you need to figure out where you are right now.

If you don’t have a formal data governance program in place, don’t automatically assume that your business is at Level 1 (initial). It may have reached some level of data governance maturity simply by practicing common-sense processes. For example, a well-organized company with clearly defined business processes and appropriate audits might well find that it is at Level 3 (defined), but also that it needs metrics to improve its monitoring efforts and reinforce its treatment of data as an asset. Note, too, that there is no Level 0 in the staged scale; all organizations have some degree of data governance, however unconscious or disorganized.

Each maturity model includes an assessment questionnaire and guides you through the assessment process.

Increasing Your Maturity Level

Once you discover, through the assessment process, where your starting point is, you can begin to think about how to take your organization’s maturity to the next level.

This is a complicated process. I cannot tell you how to increase your organization’s data governance maturity level. No one can. I will offer some general advice for each maturity level, but only you know your organization’s culture, the resources available, or how urgently maturation is needed (to name a few of many factors). But the most important thing I can tell you about increasing your data governance maturity level is this: never stop.

Here’s what I mean: it’s tempting to think of increasing your data governance maturity level as a project. You propose a plan and a budget, the board of directors approves it, you start the project at a certain date and end it on the prescribed ending date, and then you’re done. This is dangerous. Don’t give in to that temptation.

Instead, you should think of maturing your data governance program as an ongoing effort. Everything you have learned in this report has emphasized embedding data governance into your organization at every level. Shifting your culture, training your people, organizing your roles—all of this serves to weave data governance into the fabric of the organization until you couldn’t remove it if you tried. That isn’t a project; it’s a way of life.

Now, let’s back up for a moment and compare the staged and continuous scales shown in Figure 3-1. The staged scale rates organizations from Level 1 to Level 5, whereas the continuous scale goes from 0 to 3. The first three maturity levels are the necessary steps to get your organization to the point where all projects, business units, and associated processes follow the data governance principles by implementing all practices. In other words, if your organization’s current maturity level is Level 4, quantitatively managed, on the staged scale, all processes will need to be operating at Level 3, defined, on the continuous scale (or higher) before the organization can level up. Any new processes added will likely start at Level 0.

Figure 3-1. Comparing the staged and continuous scales of data governance maturity

Of course, that’s not all you need to do. Raising the maturity level generally requires defining and implementing new processes (and, rarely, new process areas) to harmonize the overall implementation and ensure sustainability. (This makes sense when you recall that the goal of a data governance program is to create a data culture that spans across process areas, through the entire organization.) You’ll need to concentrate on critical business processes, building knowledge about how the organization really functions, using data to fill in the gaps. All the while, you’ll be reporting processes as they are, defining metrics to measure them, monitoring their performance, and identifying opportunities to share knowledge.

Level 3 of the continuous scale, which rates a process as “defined,” represents the highest level of maturity that a process can reach. But, as an organization, you can go higher. Once you get to Levels 4 (quantitatively managed) and 5 (optimizing), your data governance program is no longer operating process by process. By this point, it’s operating as an umbrella organization, sitting above and overseeing all of the processes. At Level 3, the data governance program begins to really produce data about how the organization runs; at Level 4, the organization is leveraging this information and introducing new processes to make projections and anticipate problems. It’s important to point out that these new processes need to be sustainable—if they’re tedious and time consuming, they will fail. Nor can you simply throw some AI into the mix and hope for miraculous insights. You must design these processes to be intuitive and weave them carefully into the existing business processes.¹

Once you reach the top—that is, Level 5 (optimizing)—your goal is to stay there. Sharp-eyed readers will have noticed that this level’s name, unlike the others, uses a present-tense verb. This is because optimizing is always ongoing. For companies with the very best data governance programs, much like Olympic athletes with the very best speed and reflexes, maintaining peak performance takes continuous effort.

Summary

This report is accompanied by many references, and I encourage you to read through them and build your knowledge. As you learn, you’ll begin to form a vision of how data governance could look in your organization. From there, you can assess your maturity level and make a plan to improve it.

Many people think of data governance as a boring, bureaucratic task, a trap of endless implementation that forces them to cross off every box on the compliance checklist. Indeed, it can be easy to fall into this misunderstanding, with business units viewing governance teams as working at cross purposes or slowing them down.

Properly implemented, however, the right data governance program speeds things up. Good data governance, as you saw in Chapter 2, reduces the time it takes to become aware of problems and market changes, the time it takes to bring products to market, and the time it takes to realize value from data. It builds trust among the individuals whose data you hold, the businesses you share data with, your employees, your vendors, the regulatory bodies that oversee your business, and—crucially—the public, safeguarding and polishing your brand image even as other companies’ scandals erode their willingness to trust. It suffuses your company culture and guides everyone’s thinking. It transforms your data from commodity into asset, from cost sink to moneymaker. It makes your business data driven—and that changes everything.