A sustainable approach for data governance in organizations

Bento, P., Neto, M., & Corte-Real, N. (2022). How data governance frameworks can leverage data-driven decision making: A sustainable approach for data governance in organizations. In A. Rocha, B. Bordel, F. G. Penalvo, & R. Goncalves (Eds.), 2022 17th Iberian Conference on Information Systems and Technologies (CISTI): Proceedings (pp. 1-5). (Iberian Conference on Information Systems and Technologies, CISTI). IEEE Computer Society. https://doi.org/10.23919/CISTI54924.2022.9866895With the technological advances, organizations have experienced an increasing volume and variety of data, as well as the need to explore it to stay competitive. Data governance (DG) importance emerges to support the data flow, to record and manage knowledge derived from data, as well as establishing roles, accountabilities, and strategies, which further results in better decision-making. Through the definition of strategies to manage data in a consistent manner, data governance establishes the path to an enterprise-wide standardization, providing unchallenging access, management, and analysis of data to derive useful insights. Research on data governance frameworks is limited and lacks a key perspective: how can firms ensure sustainability on their programs. Data governance programs can only be continuously valuable if supported by a holistic framework focused on sustainability. To understand this gap, five frameworks are presented, analyzed and evaluated according to an assessment matrix based on eleven critical success factors (CSF) for data governance. As a result of this study, where we offer a more comprehensive assessment tool, both researchers and practitioners can understand the maturity level of each CSF in the reviewed frameworks and identify which areas need further exploration and how to accomplish higher data governance maturity levels.authorsversionpublishe

A Sensemaking Approach to Europe\u27s Data Strategy

The use of data-driven tools provides a plethora of benefits and chal- lenges from a data policy-making perspective. This holds implications at organ- izational, national, and regional levels. At regional level the development of high- quality data-driven tools, among others, involve geo-political implications as they contribute to the region’s competitive advantage. In Europe, the European Commission has made attempts towards the formulation of a regional policy on data, aiming at fostering Europe’s global competitiveness and data sovereignty. Despite its geo-political impact, academic research on data strategy formulation at regional level remains scarce. While existing IS scholars have largely empha- sized on data strategies, the focus of these studies has been mainly at organiza- tional level. This paper motivates the need to go beyond data policies the organ- izational level and deepen our understanding on how data policies are formulated at regional level. Focusing on the case of the European regional area and the Eu- ropean Data Act formulation, the proposed research aims to shed light on how stakeholders make sense of the forthcoming data policy in Europe. The paper reflects on existing literature on data governance and availability and discusses its relevance to data policy formulation at regional level. It proposes sensemaking as a theoretical lens for this research and describes the methodology for the pro- posed research

Analysis and Design of Data Governance at the Financial Services Authority

This research is a case study conducted at the Financial Services Authority on the implementation of a data governance framework based on the model from The Data Management Association in 2017. The purpose of this study is to produce a data governance framework in managing integrated Financial Services Sector data. This study uses a qualitative approach in describing data governance activities. The research instruments were interviews, questionnaires, and content analysis. The results show that data governance frameworks provide guidelines for various parties to act in accordance with the strategies that have been developed. Data governance program at the Financial Services Authority requires further improvements in the form of establishing a data governance charter, assessing the maturity level of data management capabilities, defining the operational framework, adjusting the roadmap, establishing a change management team, creating mechanisms and procedures for handling data problems, and developing tools and techniques which supports the entire data governance program

Information Security Governance Framework in Public Cloud a Case in Low Resource Economies in Uganda

The study aimed at exploring the critical enablers to the development and usage of information security governance frameworks for cloud computing in Uganda. The study was motivated by the continuous information security governance challenges in the Public Cloud. The theoretical frameworks that underpinned this study included; Contingency management theory, the Risk Management framework, the Technological Organisational and Environmental (TOE) model and the Information Security Governance model. This study adopted a quantitative research approach to obtain data through a survey. Five key factors for information security governance were identified: a) Technological factors: flexibility, scalability, availability, agility, data protection governance, trust of cloud, data source, maintenance, data retention and policy. b) Organisation: size and structure of the organisation, top management support. c) Environmental factors: governance and regulation, marketing, vendor, resource availability, obsoleteness. d) Individual: user resistance, attitude, skills, belief and learnability. e) Risk management and control factors: risk assessment, disaster recovery, access and authorisation control, monitoring, auditing, and process risk control. The study contributes to theory and practice in information security. The developed framework and its accompanying model helped to inform public departments, organisational top management and information security strategies to avoid excessive information risks and potential regulatory compliance failures in public cloud. The study was inclined on subjective information security, which alone may not fully address all information security problems in a public cloud. Therefore, it is recommendable that future research studies on objective security in public cloud

Implementasi Satu Data Indonesia: Tantangan dan Critical Success Factors (CSFs)

Satu Data Indonesia (SDI) merupakan upaya untuk menyediakan data yang kredibel, akuntabel, dan mutakhir dengan jalan membangun database pemerintah yang dapat digunakan sebagai acuan dalam setiap pengambilan kebijakan dan implementasinya. Inisiatif tersebut merupakan mandat Presiden yang tertuang dalam Peraturan Presiden No. 39 Tahun 2019. Namun, dalam pelaksanaannya masih dijumpai banyak tantangan dalam perencanaan, pengumpulan, pemeriksaan, dan penyebarluasan data. Dengan pendekatan literature review, tujuan dari studi ini adalah untuk mengidentifikasi tantangan atau permasalahan implementasi SDI dan menentukan Critical Success Factors (CSFs) dalam pelaksanaan SDI dari berbagai CSF Open Government Data. Hasil dari studi ini diharapkan dapat menjadi masukan dalam pelaksanaan SDI dan penyusunan kebijakan turunan dari Peraturan Presiden mengenai SDI

Information Security Governance Framework in Public Cloud a Case in Low Resource Economies in Uganda

The study aimed at exploring the critical enablers to the development and usage of information security governance frameworks for cloud computing in Uganda. The study was motivated by the continuous information security governance challenges in the Public Cloud.  The theoretical frameworks that underpinned this study included; Contingency management theory,  the Risk Management framework, the Technological Organisational and Environmental (TOE) model and the Information Security Governance model.  This study adopted a quantitative research approach to obtain data through a survey. Five key factors for information security governance were identified: a) Technological factors: flexibility, scalability, availability, agility, data protection governance, trust of cloud, data source, maintenance, data retention and policy.  b) Organisation: size and structure of the organisation, top management support. c) Environmental factors: governance and regulation, marketing, vendor, resource availability, obsoleteness.  d) Individual: user resistance, attitude, skills, belief and learnability. e) Risk management and control factors: risk assessment, disaster recovery, access and authorisation control, monitoring, auditing, and process risk control. The study contributes to theory and practice in information security. The developed framework and its accompanying model helped to inform public departments, organisational top management and information security strategies to avoid excessive information risks and potential regulatory compliance failures in public cloud. The study was inclined on subjective information security, which alone may not fully address all information security problems in a public cloud. Therefore, it is recommendable that future research studies on objective security in public clou

A Framework to Identify Data Governance Requirements in Open Data Ecosystems

Open data and open data ecosystems (ODEs) are important for stakeholders from science, businesses, and the broader society. However, concerns about data sharing and data handling are significant adoption barriers of ODEs that reduce stakeholder participation and thus the success of the initiative. Data governance (DG) is proposed as solution, but requirements of the three stakeholder groups combined are not clear and especially how they can be integrated in one DG concept. This paper develops a framework, supporting elicitation of DG requirements in ODEs. The framework builds on a series of stakeholder workshops and literature research resulting in DG requirements and DG mechanisms. The resulting framework includes five main dimensions: (1) data usability, (2) ethical and legal compliance, (3) data lineage, (4) data access and specified data use, and (5) organizational design

A Literature Review of Data Governance and Its Applicability to Smart Cities

Data governance have been relevant for companies for a long time. Yet, in the broad discussion on smart cities, research on data governance in particular is scant, even though data governance plays an essential role in an environment with multiple stakeholders, complex IT structures and heterogeneous processes. Indeed, not only can a city benefit from the existing body of knowledge on data governance, but it can also make the appropriate adjustments for its digital transformation. Therefore, this literature review aims to spark research on urban data governance by providing an initial perspective for future studies. It provides a comprehensive overview of data governance and the relevant facets embedded in this strand of research. Furthermore, it provides a fundamental basis for future research on the development of an urban data governance framework

Plausible Pictures For Data Governance: A Narrative Network Approach

Workaround-centric data activities (WCDA) can impact data integrity/quality. Despite this, one can view WCDA as an enhancement to organisational Data Governance (DG) maturity. However, these WCDA are primarily undocumented and poorly understood. Therefore, we need a means of creating plausible pictures for DG – by modelling WCDA visually. This study draws on the theory of organisational routines to develop WCDA modelling rules. It is the first study to leverage the Narrative Network (NN) approach as a conceptual lens to model WCDA visually. We identify five WCDA modelling rules: 1) a narrative fragment must come from a process actor, 2) a narrative fragment has three attributes: actor, action & resource, 3) all attributes in a narrative fragment establish the action type, 4) a narrative fragment must contain a data activity, and 5) a narrative fragment data activity must follow a standard naming convention. In conclusion, we discuss the advantages of our approach

Governança de dados na gestão organizacional das instituições de ensino superior: uma análise bibliométrica

Organizations consider data as essential assets for their operation; data represents the people, processes and technology that make it up. In other words, data is a necessary input for the business, its organizational management and competitive advantage, which must be aligned with its governance. In this work, a bibliometric analysis is carried out on the relationship that Data Governance has in the Organizational Management of Colombian Higher Education Institutions, since it is essential that researchers interested in this topic have a global vision of the state of the studies carried out in the global context. For the analysis, the review of 407 documents from the Scopus database was taken into account with an observation window of the last 10 years, between 2012 and 2022, using the keywords such as organizational management, data, data governance and its variations.Las organizaciones consideran los datos como activos fundamentales para su funcionamiento; los datos representan a las personas, los procesos y la tecnología que la conforman. Es decir, los datos son un insumo necesario para el negocio, su gestión organizacional y ventaja competitiva, lo que debe estar alineado con la gobernanza de estos. En este trabajo se realiza un análisis bibliométrico sobre la relación existente entre la gobernanza de datos en la gestión organizacional de las Instituciones de Educación Superior (IES), toda vez que es indispensable que los investigadores interesados en este tema tengan una visión global sobre el estado de los estudios realizados en el contexto mundial. Para el análisis se tuvo en cuenta la revisión de 407 documentos de la base de datos Scopus con una ventana de observación de los últimos diez años, entre 2012 y 2022, haciendo uso de las palabras clave como gestión organizacional, dato, gobernanza de datos y sus variaciones.Les données sont considérées comme des actifs fondamentaux pour le fonctionnement des organisations; les données représentent les personnes, les processus et les technologies qui composent l'organisation. En d'autres termes, ils constituent un apport nécessaire à l'entreprise, à sa gestion organisationnelle et à son avantage concurrentiel, qui doivent être alignés sur leur gouvernance. Dans cet article, une analyse bibliométrique de la relation existante entre la gouvernance des données et la gestion organisationnelle dans les établissements d'enseignement supérieur (EES) est réalisée, car il est essentiel pour les chercheurs intéressés par ce sujet d'avoir une vision globale de l'état des études réalisées dans le contexte mondial. L'analyse a pris en compte l'examen de 407 documents de la base de données Scopus avec une fenêtre d'observation des dix dernières années, entre 2012 et 2022, en faisant usage de mots-clés tels que gestion organisationnelle, données, gouvernance des données et ses variations.Os dados são considerados bens fundamentais para o funcionamento das organizações; os dados representam as pessoas, os processos e a tecnologia que compõem a organização. Por outras palavras, são um input necessário para a empresa, a sua gestão organizacional e vantagem competitiva, que deve ser alinhada com a sua governançã. Neste artigo é feita uma análise bibliométrica da relação existente entre a governação de dados e a gestão organizacional nas Instituições de Ensino Superior (IES), pois é essencial que os investigadores interessados neste tópico tenham uma visão global do estado dos estudos realizados no contexto global. A análise teve em conta a revisão de 407 documentos da base de dados Scopus com uma janela de observação dos últimos dez anos, entre 2012 e 2022, fazendo uso de palavras-chave tais como gestão organizacional, dados, governançã de dados e as suas variações