The Duality of Data Governance

I remember walking into a business stakeholder meeting thinking, “this is going to be tough.” I needed to persuade them on the importance of Data Governance… and if that wasn’t hard enough, ask for money from their already tight budget for a resource.

It felt like punching them in the face and then asking, “got spare change for coffee?”

For them, governance and data risk were nothing but a handbrake on their primary objective — growing the business and the bottom line.

I know you've been in my shoes too. 

Those early days felt like an uphill battle. 

A few people saw the “greater good,” but most couldn’t see how this helped with their KPIs.

Back to 2019

Many of us were influenced (scarred?) by APRA’s push for data governance across the Big Four banks — what insiders call the 100 CRDE program.

The goal was to identify the most critical data and apply a high standard of data governance to comply with APRA's CPG 235.

That experience primed our default mindset toward compliance: rigour, due diligence, ‘measure twice, cut once’.

Fast-forward to today

From around 2022 onwards (for me it really clicked with the release of ChatGPT 3), the conversation shifted.

Organisations scrambled to understand what data they had and how to make it easily consumable across the business.

The old cliché — “data is the new oil” — suddenly felt real. The fire had been lit, and every exec with “Data” in their LinkedIn title was scrambling to turn that cliché into action.

And with this shift, Data Governance has evolved.

It still matters in its compliance roots. But now it’s finding relevance in the faster-paced world of data products and data exchange, where data trains AI models and powers “360-degree customer views.” The greater the volume of high-quality data, the better your models and the sharper your insights.

Data Governance is no longer just a defensive capability. It’s also an offensive one — helping organisations create a new source of competitive advantage: their data.

The impact of this duality

Leading organisations recognise this duality and are changing to take advantage.

• Group strategy documents are littered with “Data” and “AI”.

• Data and AI execs increasingly report directly to the CEO — no longer buried under CIOs or COOs.

• Data strategies strike a balance between keeping data compliant/safe and enabling greater usage for business growth.

• Governance expertise is moving out of large, centralised teams and into agile, business-facing squads.

The damage of the traditional data governance approach

 Failing to recognise this duality and not evolving is damaging. Due to the rapid pace of change, a lost ‘year or two’ can result in unrecoverable ground to your competitors.

• Compliance heavy data policies and standards that straitjacket business teams and do not enable guardrails to safely use data beyond silo’ed use cases.

• Fragmented policy areas that are disjointed and require multiple approval gates (e.g. Privacy, Cyber, Data Management, AI..)

• Data governance tooling that doesn’t enable easy data compliance or data discoverability.

Finely calibrated data governance

In this new world, Data Governance reminds me of the finely tuned brakes on an F1 car.

No brakes, and you’ll crash at the first corner.

Too much braking, and you’ll get lapped by competitors who started behind you.

The trick is balance. Knowing when and how to apply the brakes.

Having powerfully calibrated brakes gives you the confidence to go faster, knowing you can rely on them when the time comes.

And always remembering: these are brakes, not a handbrake.

That business stakeholder meeting would have been very different if I knew then what I know now.

// Hugh