Standing up a data governance framework is a critical step for any organization. According to reporting from Gartner and Immuta, it topped the list of leaders’ priorities – beating out initiatives related to AI and analytics.
But as technology evolves, so does the process of implementing an effective, future-proof data governance program. Defining success metrics, involving the right people, and understanding the milestones to be met, all vary depending on your individual organization (and sometimes, your specific domain within that organization). With years of experience guiding customers through this process, we understand the complexities and challenges that often accompany a data governance implementation – and how to navigate them in a way that keeps all of your stakeholders engaged and productive.
In this blog, we’ll explain the milestones and stages of the data governance implementation lifecycle that we are seeing with enterprises of all sizes and industries. Whether you’re just beginning to explore data governance or are looking to refine your existing framework for future scalability, here’s what to expect throughout the journey.
The initial phase of data governance implementation is the proof of concept (POC). This step focuses on ensuring that the platform(s) you’re evaluating have the right features and functionality to support the business value and initiatives your organization is trying to achieve. This should be done prior to signing a contract with a data governance platform provider, so that you’re confident that all of your stakeholders’ needs will be met.
Typically, you will first outline the features and functionality that are must-haves for your organization. For instance, do you need a solution that will connect with your cloud storage and compute platforms? Will a tool that requires SQL expertise work with your long-term growth goals?
Next, you will be provisioned access to a test environment where you can try out the product’s features to ensure they work as expected in a variety of generic use cases. When the POC has concluded, you will meet with your support team from the platform provider to assess goal achievement and determine whether the platform will be a viable option for your tech stack.
There are a few risks to our success in this phase:
Undefined success criteria allows for scope creep, moving goal posts, and a lack of control on the project’s timing – meaning that it will take you longer to see results and make a decision about whether to adopt a platform. Additionally, we’ve seen that misalignment between the individuals or teams who will be working hands-on with the product and those who will benefit from it – a scenario that’s common in highly matrixed organizations – often sets companies up for frustration, confusion, or worst of all, failure to implement effectively.
In order to mitigate these risks, it is important to clearly define the POC’s scope and success criteria with your decision-making stakeholders in order to simplify the evaluation and transition to the next steps. The most successful organizations, in our experience, also document their goals, understand who the stakeholders are throughout the company, and define the long-term business problems they want to solve. This documentation approach helps hold everyone accountable for what needs to be achieved and what the goal line is in order to progress.
The next phase in the data governance implementation process, which takes place after you’ve signed the contract for your platform, is the technical implementation or deployment. This phase focuses on designing the architecture to fit your new tool into your data ecosystem, including integrating it with the existing technologies in your tech stack, such as IAMs, data storage, processing, or analytics platforms, catalogs, and log aggregators.
To effectively implement your data governance solution, it’s key to have a strong vision of where you want to get to. It’s easy to want to pursue a fully integrated, end-to-end platform at this stage, but you should focus instead on integrating the technologies that are absolutely necessary to execute a minimum viable product (MVP), which we’ll cover in the next section.
During this phase, it’s a good idea to sit down with your organization’s decision-maker(s) and stakeholders, as well as the support team from the platform you’re integrating, to align on the vision, roadmap, and strategy for rolling out the platform. This helps ensure teams on both sides agree on how to successfully deploy a product like Immuta in terms of instance sizing, integration selection and design, resource planning, and workstream prioritization. Having these discussions up front will lay the foundation and context for how you work with the platform team on your implementation and deployment.
In this phase, the potential risks are both technical and communication-based. To deploy successfully and quickly, and accelerate adoption, focus on avoiding the following:
If you feel that you lack a vision for the platform or a roadmap for implementation, you may not have the right individuals involved in the planning process. Vision and roadmaps are table stakes for deploying enterprise solutions – they help answer questions, maintain accountability, and enable effective communication. To avoid putting your deployment at risk, be sure to gather your key stakeholders – including executive sponsors – so that you can ensure everyone is on the same page moving forward.
The exit criteria for this phase may vary based on your roadmap and the requirements needed to effectively execute on the following phase, the MVP. With Immuta, for example, the exit criteria results in Immuta being integrated into an IAM, catalog, and data platform so that we can design and validate the people and processes that will be part of the solution during the MVP.
The MVP phase is the most pivotal point in the customer life cycle. It’s where you begin to design and validate the people and processes involved in fully deploying and driving adoption of your data governance platform.
The MVP will highlight any gaps in preparedness or commitment to seeing your project through to its desired end state. Your team, as well as your platform support team, must share a strong understanding of how data owners, stewards, governors, engineers, and users will interact with data and with each other.
For example, when a data engineer creates a new table, how does that table get ingested into your governance platform and tagged appropriately by the catalog – while also meeting the policy requirements to ensure the data is authorized to the right users in downstream systems? Or, when a data access request is made in another system such as a data marketplace, how is the correct metadata associated with the requestor to ensure they receive the entitlements in the requested data platform? Have you crafted a policy design that will allow your organization to scale through business units and divisions? Who will be responsible for new and existing policies going forward?
There is a significant amount of work and design to consider in this phase, but it will set you up to be successful long term. Before moving to the next phase, you should have:
At large enterprises, this is often the point at which the data marketplace, mesh, or fabric concept is woven into the solution to ensure it is fully integrated into the organization’s data strategy. Completing this phase means leveraging the newly established processes to go live with data users in production, then evaluating and optimizing deployment over the coming phases of adoption.
Spending time on the factors above is a worthwhile team effort. It furthers collaboration and cross-functional alignment, but also helps avoid the common risks in this stage, such as:
Without a plan for how to integrate, maintain, and dedicate appropriate resources to supporting your data governance platform and framework, the future of the data governance implementation will be in jeopardy. This phase is critical because it determines whether the organization has a strong enough strategy, is prepared to scale across business units and divisions, and can navigate obstacles that may arise in the following phases.
Another potential risk at this point is use case pipelining, which occurs when you have not fully defined the next steps following your MVP or first onboarded use case. Instead of trying to shop around for new use cases, make sure you are aligned with executive and strategic initiatives – this is the best way to guide what you do next on your data governance implementation journey.
In an ideal scenario, you will avoid use case pipelining and go straight to the strategy and adoption phase directly after the MVP. This is when you will work with your governance platform support team to look at your MVP in retrospect, refine processes, close any gaps in your adoption strategy – and then put it all to work.
As we accelerate out of strategy development, it’s now time to execute on that strategy and drive adoption across the organization. At Immuta, we support our customers at this stage (beyond regular check-ins) by running training sessions or policy workshops. This helps ramp up your stakeholders’ awareness of and familiarity with the product, so they can begin to take ownership in their part of the solution and speed up how quickly you’ll start to see an impact.
Another best practice at this stage is to develop a Center of Excellence (CoE) that creates support lanes for various stakeholder groups in order to avoid bottlenecks as you scale. Your platform support team should help with this process, which includes identifying CoE leaders, training processes, and communication strategies for each business unit. While it may seem like a nice-to-have, this approach builds a strong foundation for successful adoption.
When your focus shifts to driving adoption, you’ll naturally start to think more long term. This includes diligent demand planning to understand which users will adopt the product, when, and whether that aligns with your product licensing. By focusing your stakeholders’ and executives’ attention on demand planning, you’ll ensure that you have a clear plan for how your platform will be used in the near term, as well as a predictive plan for how the rest of your organization will adopt and begin to realize ROI.
If you’ve made it to this point – congratulations! The most significant and common risks are likely behind you. But that’s not to say the strategy and adoption phase is free of potential barriers. In this phase of the data governance implementation process, risks include:
A change in your executive sponsor is a significant risk in any phase, but especially this one. This person has typically seen the implementation’s progress, understands the product’s potential, and can advocate for it in front of the rest of the executive team. If your executive sponsor does change, it’s important to brief their replacement on progress to date and introduce them to your product support team as early as possible, so as to avoid halting momentum.
Additionally, it is important to identify and address any gaps in the operationalization of your data governance platform. These gaps may be related to process documentation – including compatibility between new and existing processes – architecture, or integrations. Taking time to focus on this step will help avoid delays as you expand adoption to other business units.
Lastly, resource sprawl may take a variety of forms when adoption expands rapidly and/or if there are lingering technical tasks (like a SaaS migration) that are being addressed while you drive adoption. In any case, ensuring your core team has a strong handle on the new platform and is well enabled to support it – via a CoE, for example – is critical.
How long does a data governance implementation typically take? In our experience, that depends on you, the customer. To gauge how long of a commitment you might be looking at, consider the following questions:
The more cohesive your team is with your new platform’s support team, the better you’ll be able to plan effectively and move through these phases efficiently. In addition to the meetings and trainings previously mentioned, work with your support team to schedule quarterly planning workshops and business reviews (QBRs), and Program Incremental (PI) Planning exercises. This will set you up for long-term success by ensuring your team is aligned in understanding the roadmap and execution strategy – so you can put your data to work and start seeing results faster and confidently.
Your step-by-step guide to seamlessly implementing data governance and security.
