Data Governance
Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Already have an account? Sign In »
Difficulty
Intermediate
Video Transcription
00:00
>> Hi there and welcome to our next lesson, data governance.
00:00
In this lesson we'll
00:00
talk a little bit about what data governance is,
00:00
some issues around data management,
00:00
data quality and as an auditor,
00:00
what you need to look out for.
00:00
Let's begin. Data governance,
00:00
basically, the data environments
00:00
become really complicated.
00:00
Organizations live and die
00:00
basically on the data that they store, maintain,
00:00
its a company asset,
00:00
it is value to the data just
00:00
like any other physical asset.
00:00
Data also exists in many locations.
00:00
Gone are the days of data being
00:00
stored in a single server room in a single building.
00:00
Most contemporary organizations will
00:00
have data stretched across multiple locations,
00:00
multiple countries, even in the Cloud,
00:00
and wherever they make
00:00
sense for them from business perspective.
00:00
Data will also come in many forms.
00:00
Too numerous to really go into or mention.
00:00
But it is essentially anything that can be
00:00
recorded in a one or a zero that will drive the business.
00:00
What data governance does,
00:00
it ensures that stakeholder's needs
00:00
are met first and foremost.
00:00
The data drives the business and so the business needs
00:00
have to be met by the data governance activity.
00:00
Data information management capabilities
00:00
it's a feature that needs to be
00:00
maintained as well as perform to
00:00
compliance of these resources.
00:00
In other words, basically,
00:00
data governance ensures that the data is looked after,
00:00
what's the data stored on a managed by
00:00
is maintained and kept up to date.
00:00
Data management is a component of data architecture,
00:00
which is just one key component
00:00
of enterprise architecture.
00:00
It's a way of looking at
00:00
the enterprise architecture from
00:00
a data-centric point of view,
00:00
which can be important,
00:00
particularly in a complex environment.
00:00
The planning execution,
00:00
policies practice and projects that acquire control,
00:00
protect, deliver, and enhance
00:00
the value of data and information assets.
00:00
That's basically a definition
00:00
from the data management body of
00:00
knowledge that defines exactly what data management is.
00:00
Just like any other asset,
00:00
data needs a life cycle
00:00
like data quality needs a life cycle.
00:00
If we're talking from an organization perspective,
00:00
we need to plan exactly what data
00:00
we need to drive the business,
00:00
we need to design a methodology or a container
00:00
or services that we'll actually use that data,
00:00
we need to build and acquire those services,
00:00
we need to use and apply them,
00:00
we need to monitor to make sure that they're
00:00
running efficiently and effectively
00:00
to support the business,
00:00
and we also need to dispose off that data.
00:00
A good example with data life-cycle,
00:00
particularly in recent years with GDPR and a number of
00:00
other privacy legislations
00:00
coming into different organizations.
00:00
Organizations have had to think
00:00
about the life-cycle of the data,
00:00
particularly when it comes to privacy data.
00:00
If they don't need to keep the data,
00:00
then that's an overhead that they need
00:00
to follow from a compliance and legislation perspective.
00:00
They look at their data and determine what they need,
00:00
when they need it and how they need it.
00:00
If they don't need it at all,
00:00
then that's part of the life cycle.
00:00
As an auditor, what are the issues you need to look for?
00:00
First and foremost, meeting strategic objectives,
00:00
so is the data governance and
00:00
data management actually achieving
00:00
what the business needs to achieve?
00:00
Also need to capture and process to required standards.
00:00
Some data is covered by
00:00
legislation as we just spoke about, such as privacy.
00:00
Configuration of database infrastructure is
00:00
organized to support the strategic objectives.
00:00
For very large organizations,
00:00
database infrastructure can be quite massive and complex,
00:00
and it needs to be organized in such a way that
00:00
comes back to those original business objectives.
00:00
Of course, archive retention and destruction policy.
00:00
Managing the life-cycle of the data needs to
00:00
be evidenced by those types of policies.
00:00
That's basically our lesson.
00:00
We've looked about data governance, what it is,
00:00
we've have looked about data management along
00:00
with the definition of what data management is,
00:00
issues around data quality,
00:00
and also issues that you as
00:00
an auditor needs to be mindful of
00:00
when examining these issues.
00:00
I hope you enjoyed the lesson
00:00
and I will see you in the next one.
Up Next
IS Architecture and Software
Operating Systems
Access Control Software
Additional Software Considerations
Problem and Incident Management
