Access my space
Our members are recruiting
Data governance: the pillars of organizational transformation
"I'm not a data specialist, it's not my problem," "There are so many tools, I don't know where to find my customer data," "Trust is one of our company's values, we don't need a complicated authorization system." Often heard in companies, these phrases reflect a reality: data is widely discussed, but its management often remains scattered. We therefore decided, together with our partner Citwell, to dedicate a webinar to this topic , as it can be costly for a company. Here is a summary of this live event, which will help you understand the pillars of this essential business organization through real-life examples and numerous expert recommendations.
Roles and responsibilities
Who is responsible for what?
During this webinar, Saâd Kadioui, Partner/Head of IS Transformation at Citwell, emphasized thatthe business is primarily responsible for data quality. He warns organizations that dilute this responsibility by entrusting it to a data entry department that adds no value: "The real impact of this type of organization is that itdilutes responsibility for data quality. The business doesn't feel responsible because it's not the one entering the data, and the department that enters the data isn't responsible either because it's not the one providing the data."
To structure governance, he introduced key roles: the Data Owner, a business person responsible for the content and quality of data, and the Data Steward, who oversees the creation and modification processes. The whole process is orchestrated by a Chief Data Officer.
The role of data owner can be combined with other functions, which is the case in most companies.
Illustration of an organization structured around data
Olivier Weiss, S&OP Business Development Manager at Renault, illustrated this point with the example of vehicle coding at Renault Trucks, where the coexistence of old and new codes can lead to errors if the business does not ensure reliability. "In the current 7-digit coding system, each digit is meaningful and allows us to identify the type of silhouette, the type of engine, the type of emission standard, etc. However, some old model codes still exist, and if we use the new coding system with these old model codes, we end up with incorrect data." Responsibility or proximity to the business is essential here because it is the business that will be able to say , "Watch out, we have a potential discrepancy here."
Establish close collaboration between the business and its Data Steward: the customs code (product ID used to cross borders) is strategic data linked to 375 regulations that are subject to change (the World Customs Code is amended every five years): "Imagine the amount of data that needs to be managed and that is associated with this customs code. If I don't have the support of a data steward to update this data, it becomes very complicated for me," concludes Delphine Cuvellier , Customs Manager France at Alstom.
Data mapping
Where can the data be found and who owns it?
Given the multitude of tools available (ERP, PLM, etc.),there is a clear need for a"data GPS ." Saad explained that there is no such thing as a universal ideal urbanization (data mapping) solution, but rather one that is tailored to the context and uses of each company. The key is to define where data should be created, modified, and stored, following a strict master-slave relationship (a single master for modification, multiple slaves for consultation) in order to guarantee integrity.
Remember that in urbanization, you first need to think about uses and the complexity of use. "For example, if I am in a company that produces standard machined parts, with little documentation and extremely slow product life cycles, then I may not need PLM (Product Lifestyle Management), and perhaps an ERP workflow would suffice for the new products I create."
Always evaluate the benefit/cost ratio of obtaining data: "Some data is very easily accessible, while other data can sometimes be extremely costly to obtain. This may be due to the history of the systems we have worked with, or to the poor quality or incompleteness of the data entered at the time. So you always have to ask yourself what the ultimate business value is."
Data security
What is the level of confidentiality of my data and how can I protect it?
The speakers addressed the need to secure access to data. Saad advocated finding a pragmatic balance in access management so as not to create an overly complex system, while highlighting the immense risks (data leaks, loss of integrity, GDPR non-compliance) of lax management, particularly during project go-lives. "What will really push us to be pragmatic here is the level of maintainability and confidentiality."
Olivier shared an example in which cross-referencing a chassis number with geolocation data borders on the concept of personal data: "All vehicles are connected, we receive information on journeys and registrations, it's an important source of business. Couldn't I identify the driver? Sensitive data can be hidden at levels we don't necessarily suspect."
The advent of BI and AI (LLMs) has significantly increased exposure to risk. "We all know the value of data, there are many hackers looking for this data, and there are even greater capabilities to disseminate it. So we need a robust, well-designed model for restricting access to data." To this end, Delphine recommends using a RACI matrix to clarify responsibilities and access rights.
Data management process
Which data is mandatory versus optional?
To counter the use of parallel Excel files due to a lack of confidence in the systems, it is crucial to manage the data lifecycle (creation, life, death) through robust and documented processes. Saad emphasized "frugality": structuring and maintaining only those data whose value to the business exceeds the cost of management.
To do this, it introduced a distinction between a priori controls (blocking, to guarantee quality) and a posteriori controls (non-blocking, for fluidity). The application of these controls depends on the criticality of the data, which is classified into four groups: critical data, operational performance data, reporting data, and strategic management data.
Data quality must be orchestrated; it is closely linked to the process and the involvement of managers and facilitators, particularly for cross-functional master data (customer items, suppliers, etc.). Therefore, "to increase the robustness and quality of data, it must be controlled during creation and modification, without compromising operational efficiency, with cycle times that are too long between the need for creation and the availability of data in the system."
Anticipating data and knowing when it is critical and strategic is the most important factor in streamlining a supply chain.
What about performance?
Monitoring and ensuring data governance performance revolves around two main areas:
On the one hand, the initiative aims to guarantee the quality, speed of availability, and accuracy of data from the moment it is first produced. The associated key performance indicators (KPIs) are time to data (the average time between the request and the availability of data) and first shot accuracy (the rate of data that is correct from the first version), reflecting the efficiency of processes and their ability to avoid subsequent corrections.
On the other hand, content responsibility is based on five essential dimensions, managed by data owners:integrity (consistency and existence of values), completeness (exhaustiveness of records), relevance (adequacy of values to business rules), freshness (regular updating of data), anduniqueness (absence of duplicates). These dimensions ensure that data is reliable and usable.
Q&A with the Audience
The last part is devoted to questions from participants, which focus on very concrete implementation issues.
To ensure governance is accepted without slowing down processes, Saad emphasizes that this is an organizational transformation driven at the highest level (COMEX), not just a simple initiative. This involves adapting job descriptions with the help of HR and defining clear objectives.
One participant notes that this role is often deprioritized. Saad confirms that this is a real risk. The solution lies in integrating data quality into performance objectives and the evaluation of the person concerned.
The questions confirm the need for official recognition of the roles of Data Owner and Data Steward in job descriptions so that the mission is taken seriously. Delphine adds that it is often easier to train a data user in the profession (customs, for example) than to find a data scientist who is an expert in the field.
In the event of an incident, the response must be proportionate to the level of risk and the sensitivity of the leaked data. Olivier emphasizes the importance of regularly reviewing access rights and revoking them when individuals change jobs, a practice that is often overlooked.
To justify the time spent on data quality, Olivier suggests starting by evaluating the time saved by avoiding manual consolidation. Saad adds that ROI can also be measured in terms of risks avoided (non-compliance, operational errors) and, above all,missed opportunities: no major technological shift (AI, advanced analytics) is possible without high-quality data.
