Remember that bad joke only old-school computer programmers understood? "When it comes to the binary language, there are 10 types of people: those who can read it and those who can't."
I'll wait while you all groan.
But I have a point here: Not all people think the same way. Just like some are comfortable translating the world into ones and zeros (and others are not), some people prefer to think in images supplemented by text. This column (or at least the graphic) is for those people.
I’m constantly asked about the relationship between data governance and compliance. "Isn't there a huge overlap, at least operationally?" practitioners ask. Yes; I agree with them.
Awhile back I created a rough conceptual model showing that relationship. It steps through data governance, showing that it helps business management, data management, and technology management to achieve intended outcomes (and avoid unintended ones) through decisions that result in governance mechanisms such as policies, principles, standards, controls, and rules. These decisions are made by data governance authorities, employing agreed-upon decision rights and accountabilities.
There's more to it, of course, but that's the essence of data governance: decisions, decision rights, rules, controls, and accountabilities. So, how about compliance?
Compliance is, at its essence, a status. You're either in compliance or you aren’t. In compliance with what? Ah … that depends. Compliance requirements may stem from laws, regulations, contracts, or other agreements. And how do you achieve and maintain compliance? Through controls, including data controls. And which controls are they, and when and how do you implement them? Ah … that requires decisions, lots of them, made by those who have the authority to make them.
But enough talking. Take a look at the conceptual model of data governance and data compliance. A picture is worth a thousand words …