Transcription
View metadata, citation and similar papers at core.ac.ukbrought to you byCOREprovided by Electronic Journal Widyatama University (UTama) / Jurnal Elektronik Universitas WidyatamaISSN : 2407 - 3911A REVIEW OF DATA GOVERNANCE MATURITY LEVELIN HIGHER EDUCATIONHanung Nindito PrasetyoInformatics Management Departement, School of Applied Science, Telkom UniversityJl. Telekomunikasi Bandung Tekhnoplex Terusan Buah Batu Bandung West Java Indonesia ata governance in organization is unique. Everyorganization has a form of data governance inaccordance with their respective needs. In someliterature most of the industry, build data governanceprogram based on the needs of data quality inachieving the company's goals. Some research haveshown that data quality management is thefoundation of data governance development in theindustry. Although the data quality management is animportant foundation, but in the development of theindustry show the form of data governance that varyaccording to the needs and interests of the company.To see the effectiveness that data governance hasbeen implemented well in an organization, it isneeded a measurement mechanism of maturity level.However, to determine whether the measurementswere carried out in accordance with the organization'sgoals, it will be require a clear base in determiningthe dimensions of the measurement. This researchtried to describe the dimensions of which will be usedduring the activity measurement data governancematurity level within an organization. Themeasurement model used as a reference is the IBMdata governance and DAMA International.Keyword- Data Governance; Maturity Level; DAMA;IBMI. INTRODUCTIONIn general, the concept of data governance refersto the overall management of data availability,usability, integrity, quality, and security of data.Besides that data governance is a program to assignresponsibility for the data, which is organizing theprogram for the organization staff together andcontinue to improve data quality through systematicmechanisms and enforcement of policies, roles,responsibilities, and procedures. Data governanceprogram including in this case the organization orboard, which has been defined including the divisionof authority, collection of procedures definition, andplans to carry out the procedure. The board alsohandles issues around ownership, share, access, use,and security of data as it is integrated and is adoptedby the organization based on agreed business rules.Thus the explanation shows that data governance inthe organization is unique. Each company has a formof data governance in accordance with theirrespective needs. In some literature most of theindustry, build its data governance program based onthe needs of data quality in achieving the company'sgoals. As statements (Begg and Caira, 2012)Datagovernanceformedfromaconvergence of several well-established areasconcerned with data such as data qualitymanagement, data management systems, datasecurity, and data administration.They research the implementation of datagovernance in the industry in the medium and smalllevel. While In the context of the enterprise, based ona survey by Rossom obtained graphically as Figure 1.Figure 1 are based on 394 respondents in industry.The graph illustrates that the main requirement is thequality of data in large-scale industry. This showsthat the management of data quality is the foundationdata governance development in the industry.Although the data quality management is animportant foundation, but in the development of theindustry show the form of data governance that varyaccording to the needs and interests of the company(Russom, 2008):Hanung Nindito PrasetyoJurnal Ilmiah Teknologi Informasi TerapanVolume III, No.1, 15 Desember 20161
ISSN : 2407 - 3911". The leadership and organizationalstructures and processes that ensure thatthe IT organization to support andexpand the organization's strategies andobjectives." (IT Governance Institute,2010)Figure 1. Survey Results Relating to Data Management(Russom, 2008)In principle, any organization that usesinformation technology has doing data management.To see the effectiveness that data governance hasbeen implemented well in an organization, it isneeded a measurement mechanism of maturity level.However, to determine whether the measurementswere carried out in accordance with the organization'sgoals, it will be require a clear base in determiningthe dimensions of the measurement. This researchtried to describe the dimensions of which will be usedduring the activity measurement data governancematurity level within an organization. Themeasurement model used as a reference is the IBMdata governance and DAMA InternationalII.II.1LITERATURE REVIEWInformation Technology GovernanceOriginally the term IT Governance or informationtechnology governance emerged in 1993 as aderivative of the main corporate governance andrelationships with strategic objectives and ITmanagement of an organization. informationtechnology governance emphasizes the importance ofthe relationship between the IT organization andstates that strategic IT decisions should be thought ofCouncil rather than the CIO or other IT managers.It is described by Weill and Ross (2004) that it isnecessary to determine who is entitled to takedecisions and make the accountability framework inorder to produce the desired use of IT. ITGI addingbasic mechanism as follows:On the basis that the governance of informationtechnology (IT) aims to maximize the potential ofexisting resources, and avoid overlapping allocationof time, cost and human resources, as well asreducing the risk of the development of IT in order toensure IT investments can provide optimal results. Asin the previous explanation that IT governance is anintegral part of corporate governance (GCG) whichconsists of the leadership (leadership), organizationalstructures, and processes that ensure that the ITorganization to support and expand the organization'sstrategies and objectives. The main objective of ITgovernance is to:a. Ensure that the investments in IT generatebusiness value, andb. Reduce the risk associated with IT.Within a decade, information technology governanceframework continues to evolve constantly. Prior to2008, yet there is an IT governance framework iscomplete, but at that time there have been severalframeworks available and can be used as a startingpoint in developing a model of IT governance.II.2Data GovernanceData governance is different from governance ofinformation technology (IT). IT governance makesdecisions about IT investments, IT applicationportfolio, and the portfolio of IT projects. Datagovernance strategies and aligning IT objectives withenterprise strategies and objectives. CobiT (ControlObjectives for Information and Related Technology)provides IT governance standards, but only a fractionof the CobiT framework which deals with themanagement of the information on DS11. Datagovernance is specifically designed for themanagement of data assets. Data governance is at theheart of asset management data. This approach is inline with the concept of data governance MicrosoftCorporation who explained that the data do notreplace the IT governance, but as a complement [5].IT governance focuses on defining the IT investmentportfolio, performance settings, and evaluate andmanage risks to the IT infrastructure.Hanung Nindito PrasetyoJurnal Ilmiah Teknologi Informasi TerapanVolume III, No.1, 1 Desember 20162
ISSN : 2407 - 3911This ensures alignment of IT investments with theorganization's mission and business objectives. Datagovernance, on the other hand, focuses on creating acontext that enables organizations to align datamanagement efforts with business goals, supportregulatory compliance, and manage the risksassociated with a particular data element in this caseis the desire of the organization in protectingintellectual property, confidential trading, marketdata, including personal information. Figure 2illustrates how the concept of IT governance, datagovernance, and compliance related to each other.unified process by vendors such as IBM Softwareproviders (Soares, 2011).II.4Data Governance DAMA InternationalDAMA Association issued a reference frameworkand management of data standards known asDMBOK (Data Management Body of Knowledge) in2009. DAMA International Association or now oftenreferred to as DAMA International is a non-profitorganization in the data management across the worldfounded in 1988 in Los Angeles. DAMA has morethan 7500 members worldwide are composed ofmanagers and data analysts. DAMA internationalgrouping data governance function into 10 (ten) areaas Figure 3.Figure 2. Concept of IT governance, data governance, andcompliance related to each other in the approach MicrosoftCorporation (Salido & Voon, 2010).There is some understanding of data governance anddata governance. Here are some definitions of datagovernance:a. Data governance is decision-making and authorityfor matters relating to the data. Data governance isa system of decision rights and accountability forprocess-related information, is carried out inaccordance with the model and describe who cantake what actions with what information, when,under what circumstances, using what methods(The Data Governance Institute, 2010).b. Data governance is defined as the processes,policies, standards, organization, and technologiesrequired to manage and ensure the availability,accessibility, quality, consistency, auditabilitasand data security within the enterprise orinstitution (Soares, 2011).II.3Data Governance FrameworkMany ways are offered to solve the problems ofdata such as data governance framework by DAMAInternational. And the latest is a data governanceFigure 3. Data Governance Framework of DAMA Int.(Mosley, 2009)In Figure 3, the model shows that the function ofdata governance is the important core. Datagovernance functions interact and affect otherfunctions that surround it. Data governance regard tothe authority and control (planning, monitoring,implementation) of the data assets. To supportingframework data governance function, DAMA set of 6(six) focus areas of data management: Data Governance Data Development Database Operations Management Data Security Management Reference and Master Data Management Document and content management.Hanung Nindito PrasetyoJurnal Ilmiah Teknologi Informasi TerapanVolume III, No.1, 1 Desember 20163
ISSN : 2407 - 3911The Focus-function downgraded to a datamanagement function. As for the ten (10) in the datamanagement function DAMA International (Mosley,2009)1. Data governance that includes planning,supervision and control over the managementand use of data.2. Management data architecture is an integratedpart of the enterprise architecture.3. Data Development which include analysis,design, development and testing, distribution andmaintenance.4. Database Operational management supports thephysical structure defines the data asset recoveryand performance needs for data and assist theservice level in this area.5. Data security Management, guarantee of privacy,trust and permissions.6. The reference and Master Data Management.Managing major version and a replica of data,overseeing the manufacture, modification anddeletion of code values and other reference data,define master data management needs,identification of master data management issues.7. Data warehouse Management and businessintelligence in providing open access to data forsupport the decision in terms of reporting andanalysis.8. Document and content management that includesstorage, protection, and access rights index tofind unstructured data.9. Meta Data Management integrating, controllingand distributing metadata.10. Data quality management define, supervise andimprovise the data quality.Then DAMA create the matrix as a column thatshould be done in data governance. The matrix isconstructed as table 1.Table 1 shows that the DAMA is more focused onachieving technical data management.Table 1. Data Governance DAMA MatrixModel (Mosley, 2009)ElemenData ManagementFunctionsPGADRRTOT OCData GovernanceData ArchitectureManagementData DevelopmentDatabase OperationalManagementData SecurityManagementReference & Master DataManagementData Warehouse &Business intelligenceManagementContent & DocumentManagementMeta Data ManagementData QualityManagementPG : Principle & Goals; A : Activity; D : Distribution;RR : Role & Responsibility; T : Technology;OT : Organizing Technical; OC : Organization & CultureII.5Data Governance Unified Process IBMInternational Business Machines (IBM) set up adata governance board as a leadership forum in 2004for practitioners as the leader of data governance,leaders of information governance, leadership dataservices, the architect of an organization's data, thehead of information security, the head of riskmanagement, the head of compliance, and accessrights and privacy leadership. The Council is focuseddiscuss new issues related to the functioning of theorganization that can effectively manage the data asan asset of the organization. Council focuses on therelationship between information, and businessprocesses, optimize information for the organization.There are various problems in the governance of thedata at the time of the beginning of the emergence ofa governance board, such as (Adler, 2007): data governance inconsistencies can cause theloss of relationship between business goals andIT programs. data governance policies that are not related tothe need-structured and reporting.Hanung Nindito PrasetyoJurnal Ilmiah Teknologi Informasi TerapanVolume III, No.1, 1 Desember 20164
ISSN : 2407 - 3911 risks are not addressed from the perspective ofthe life cycle of data, policies, standards, andprocessing.metadata and business glossaries are not used tobridge the semantics related to differences vernance across different data domains andorganizational boundaries difficult to implement.data governance has elements of strategic andtactical, which is not always clear.In fact, every organization will implement a datagovernance differently, mainly because of differencesin business purposes. Some organizations focus ondata quality, while others on the customer, and theother to ensure the privacy of data customer. Apartfrom this, every organization should in principleundertake certain steps to organize the data. IBMframework focus on the real problems associatedwith the data that is faced by the organization. DataGovernance framework IBM can be gradual andcontinuous development cycle so clearly visible. Inthis case the data governance framework are built isnot just a 'artifacts' but built gradually andstrategically. Figure 4 illustrates the mapping of datagovernance IBM fourteen (14) step phase consistingof 10 (ten) steps required and four (4) additionaloptional steps (Soares, 2011). Ooutcames Domain: DatariskManagement Creating value, Function Domain OrganizationStructure&Awardness Data Stewardship Policy Core Domain DataQualityManagement Information Life CycleManagement Privacy & SecurityManagement Support Domain Data Architecture Classification&Metadata Management Information Audit &ReportingFigure 5. Domains Of Data Governance IBM(Soares, 2011)II.6Capability Maturity Model Integration(CMMI)CMMI is a process improvement approach thatprovides the essential elements of effective processesfor the organization. Mechanisms using aquestionnaire. Questionnaires maturity level hereusing the standard approach adopted from CapabilityMaturity Model (CMM) of the Software EngineeringInstitute (SEI). Presentation of CMMI can be dividedinto multilevel models (staged model) and continuousmodel. Differences in these models due to differencesin the way to concentrate on process improvement.Selection of the model can be based on the approachto the region's ability or maturity of organizationalprocesses. The viewpoint of regional capacitybuilding process which concentrates the starting pointand measure any improvement in each and regionsone by one. As for the level of maturity in thegovernance of the data is as follows (SEI, 1986).Maturity level 0(Non-Existent) – a stage where Managementprocesses do not existMaturity level 1Figure 4. The Data Governance Framework IBM(Soares, 2011)The focus of IBM data governance can be seenfrom the effective elements defined by IBM within11 (eleven) category. 11 (eleven) are grouped intofour categories, namely domain (Soares, 2011):(Initial)- a stage where the process is going onnormally ad hoc and unstable environments. Thesuccess that occurred more reflects individualcompetencies within the organization, rather thanthrough the implementation of the agreed process orprocedure.Hanung Nindito PrasetyoJurnal Ilmiah Teknologi Informasi TerapanVolume III, No.1, 1 Desember 20165
ISSN : 2407 - 3911Maturity level 2(Managed) – the stage where the organization hasa pattern for managing the associated process isbased on the success of repeated experiences but donot have a standard patternMaturity level 3(Defined)- The stage where the Organization isgoverned through a standardized process and used toestablish consistency across the organization.Standards, process descriptions, and procedures onwork customized organization, arranged according toa standard process in a particular project ororganizational unit.Maturity level 4(Quantitatively managed) – The organization hasset a target for quality and maintenance processes.Part of the selected process has significantlycontributed to the overall performance and theprocess is controlled using statistical and otherquantitative techniques.Maturity Level 5(Optimizing) – The entire process is capable ofpromoting the objective of the organization well andcontinuously, then constantly revised as a guidewhenever there are changes in business objectivesand used as criteria in managing processimprovement.III. REVIEW OF MODEL & MATURITYLEVEL DATA GOVERNANCEIII.1 Morphology of Data GovernanceIn principle, morphological data governanceconsists of 2 (two) approaches, which approaches thestructure and approach to the goals and objectives.This is as shown in Figure 5.Figure 6. Morphology of Data Governance (Otto, 2011)Figure 4 shows that to establish a data governanceis based on two forms, namely: Based on the objectives / outcomes expected indata governance Based on the technical structure of DataGovernanceBased on the shape, it appears that the datagovernance of DAMA International is based onfulfilling the function of data management structure.While IBM data governance more inclined to formdata governance by objectives to be achieved. It canbe shown in the phase formation of IBM dataHanung Nindito PrasetyoJurnal Ilmiah Teknologi Informasi TerapanVolume III, No.1, 1 Desember 20166
ISSN : 2407 - 3911governance program begins with the identification ofproblems that occur in institutions, assess the level ofmaturity that is until eventually build roadmap ofdata governance based on the problems faced and themeasurement results of existing data governanceTo strengthen it would have taken two datagovernance framework that is most widely used as areference, namely the IBM Data Governance andDAMA International. The following table 3 showsthe relative position of the focus of both IBM DataGovernance and DAMA International.fulfillment of the technical structure of datagovernance. Therefore, based on the relative positionand focus the process can be described that theprocess of integrated IBM data governance canbecome an 'umbrella' and fully supported by the'artifacts' DAMA International. This can beillustrated in Figure 6.Table 2. Focus Of Relativity Positioning DataGovernance IBM Dan DAMA InternationalNoFocus IBMFocus DAMA1Data RiskManagementCreating valueStruktur Organisasidan kepatuhanData Stewardship-23456789101112PolicyData QualityManagementInformation LifeCycle MsnagementOperational DatabaseManagementData GovernanceData Quality Management Data Development Reference & Master DataManagement Content & DocumentManagementPrivacy & Information Data Security ManagementSecurityData ArchitectureData ArchitectureManagementClassification &Metadata ManagementMetadataInformation Audit &ReportingData Warehouse & BusinessInteligence ManagementSource : (Prasetyo, 2013)Table 3 shows that the focus of IBM datagovernance wider in scope than the DAMAInternational. But of these two models there are four(4) similarity of focus that is related policies, dataquality, data security and data architecture. Thisshows that IBM has a scope broader DataGovernance which includes risk management of data,creation and alignment of values, organizationalstructure and compliance, as well as policies whileDAMA appears to be more focused in terms of datamanagement or technical data management. IBMData Governance in the focus seems oriented goals /achievements while DAMA International is theFigure 7. Relativity Positioning of IBM & DAMAData Governance (Prasetyo, 2013)III.2 Relationship between model & maturityLevel of Data GovernanceModel or framework that is used will determinethe measuring instrument data governance maturitylevel. Organizations that want to build datagovernance with the fulfillment of the technicalaspects of data management and technical datagovernance that can be used are elements of datagovernance DAMA. However, if you want tomeasure the targets to be achieved, the IBM approachthat can be used. This research also recommends thatif the data is not running on the management of theorganization, can use DAMA International whereas ifit has started can be measured with IBM models. Oreven can combine between them according to theneeds of the organization.III.3 The Test Measurement Data GovernanceMaturity levelTo gain an overview of the use of measurementdata governance maturity level in this study,conducted case studies at the University of X. In thiscase study, measurement of data governance maturitylevel at the college to get the value of datagovernance maturity. The measurement approachuses two models namely the model DAMAInternational and IBM Unified Process Model. Thestudy was conducted using survey techniques andHanung Nindito PrasetyoJurnal Ilmiah Teknologi Informasi TerapanVolume III, No.1, 1 Desember 20167
ISSN : 2407 - 3911conducted simultaneously at the university and thenthe results of a questionnaire prepared for laterconcluded. The survey respondents are subjectsrelated to policy formulation, decision making, datamanagement in the respective faculties and universitylevel, such as the leadership ranks of university X,faculty leaders and their respective relevant field datamanagement university as an academic unit and theunit manager of information systems. Table 4 showsthe respondents of survey.respondents have filled the accumulated tallyconducted using both the average value on eachelement and overall value.The formula for calculating the average value of eachelement is as follows: .[1]Table 3. Respondent Of Survei University XRespondentLeaders of UniversityLeaders of FacultyAcademic & Information System UnitTotalAmount29920As for the formula for the overall average value is asfollows:[2]Source : researcher observationIII. MEASUREMENT RESULT DATAGOVERNANCE MATURITY LEVELA. Survey MethodsIn this case study, the measurement datagovernance maturity level is done in colleges. Themethod used in this research is by using aquestionnaire survey. The questionnaire usedconsisted of two types, the first questionnaire usingthe IBM approach and a second questionnaireapproach DAMA International. The survey wasconducted among respondents same but in a differenttime and carried out simultaneously at the institution.then the results of the questionnaire prepared for laterconcluded.Figure 8. Quesioner ModelNoElement1Element 1a.b.Element 2a.b.Etc.23Maturity Level ofData Governance0 1 2 3 4 5The two questionnaires, using the same calculationformula. The elements in the questionnaire based onthe maturity level IBM:1.2.3.4.5.6.7.8.9.10.11.Term Of Risk ManagementCreating valuePolicyOrganization Structure and AwardnessData StewardshipData Quality ManagementInformation Life Cycle ManagementPrivacy and SecurityData ArchitektureClasification and metadataInformation Audit and reportingWhile the level of maturity with DAMAapproach is based on element:1.2.3.4.5.6.7.Data GovernanceData Architecture ManagementData DevelopmentOperational Database ManagementDataq Security ManagementReference & Master Data ManagementData warehouse & Business InteligenceManagement8. Content & Document Management9. Metadata Management10. Data Quality ManagementB. Survey Result IBM ModelRespondents were asked to provide ceklish mark ( )on the questionnaire that has been provided. After allThe following analysis of the results ofrecapitulation calculation described questionnaireHanung Nindito PrasetyoJurnal Ilmiah Teknologi Informasi TerapanVolume III, No.1, 1 Desember 20168
ISSN : 2407 - 3911data governance maturity level and gap analysis atthe University X.Table 4. Recapitulation Maturity Level DataGovernace In University X With IbmNoDimention1Term Of Risk Management2Creating value3Policy4Organization Structure and Awardness5Data Stewardship6Data Quality Management7Information Life Cycle Management8Privacy and Security9Data Architekture10Clasification and metadata11Information Audit and ,872,072,112,301,812,422,14Source: (Prasetyo, 2013)As the description above table, terms of riskmanagement, creation, and alignment of values,organizational structure and awardness, Datastewardship, security and privacy, data architectureauditing and reporting information of university X atthe level 2 - where the level Managed.C. Survey Result With DAMA InternationalModelBased survey data governance maturity levels incollege obtained the results of the calculation asTable 6.Table 5. Recapitulation Maturity Level DataGovernance In University X With DamaNoDimention123456Data GovernanceData Architecture ManagementData DevelopmentOperational Database ManagementDataq Security ManagementReference&MasterDataManagement7Data warehouse & BusinessInteligence Management8Content & Document Management9Metadata Management10Data Quality 2,411,652,521,532,182,21Source : (Tridalestari, 2014)Both of table shows that data governance maturitylevel at university have an average rating of 2.14based on IBM and the average value of 2.21 basedDAMA or can be inferred by the results obtained bythe two approaches are at level 2 (which means thatthe level of maturity of governance at stage ofmanaged), where the organization has a pattern formanaging the associated process is based on thesuccessful experience recurrent but not a standardpattern. Quite apart from these results, it can beshown that in Table 5, the dimensions of datagovernance at DAMA has a value of 2.13 or closerelevance to the average value of data governancematurity level IBM by 2.14. This means that thedimensions of the DAMA data governance canrepresent measurement data governance maturitylevel but it is not known variable aspects ofderivatives or less detail. In addition, the IBMapproach shows more of 'governance' in comparisonwith the approach of DAMA gically both, goals and structure, datagovernance in Telkom University is still in thecategory of managed.IV. CONCLUSIONThis research concluded that if organizations wantto measure the maturity level of data governance isbased on the fulfillment of the governance structureof the data can use DAMA International approach fora more technical nature. However, if organizationwant to measure the targets to be achieved, the IBMdata governance approach that can be used. Researchis once again recommends that if the data is notrunning on the management of the organization, canuse DAMA International whereas if it has started canbe measured with IBM models.REFERENCESCarolyn E. Begg dan Tom Caira. (2012). Exploringthe SME quandary: Data Governance inpractice in small to medium-sizedenterprise sector. The Electronic journalInformation System Evaluation, gration”. Business Inteligence Journal.Weill, P., & Ross, J. W. (2004). IT governance: Howtop performers manage IT decision rightsfor superior results. Harvard BusinessPress.Salido J., Voon P. (2010). A Guide to DataGovernance Privacy, Confidentiality andCompliance. Microsoft Corporation.Adler, Steve.(2007). The IBM Data GovernanceHanung Nindito PrasetyoJurnal Ilmiah Teknologi Informasi TerapanVolume III, No.1, 1 Desember 20169
ISSN : 2407 - 3911Maturity Model: Building a Roadmap forEffective Data Governance. Whitepaper ofIBM Corporation.Soares, Sunil. (2011). The IBM Data GovernanceUnified Process; Driving Business Valuewith IBM Software and Best Practices.USA Ketchum : MC PRESS.Mosley M., Brackett M., Earley S., HendersonD.,(2009). The DAMA Guide to The DataManagement Body of Knowledge (DAMADMBOK Guide). USA : TechnicsPublications, LLC.Software Engineering Institute (SEI), (1986).Capability Maturity Methode. USADefence Departement. Carnegie MellonUniversity: Pittsburgh.Prasetyo, Hanung N., (2015). Pengukuran MaturityLevel tata kelola data di Universitas Xdengan menggunakan Standar IBM,Proseeding SESINDO 2015 ITS Surabaya.Otto, Boris. (2011). A morphology of theorganisation of data governance. In ECIS,vol. 20, no. 1, p. 1.Prasetyo, Hanung Nindito. (2013). Designing ofData Governance Model In ung InstituteofTechnology, Not Published.Tridalestari, Ferra Arik. (2014). Identification ofData Governance funtion with DAMAInternational framework in highereduation.BandungInstituteofTechnology. Not published.Hanung Nindito PrasetyoJurnal Ilmiah Teknologi Informasi Terap
during the activity measurement data governance maturity level within an organization. The measurement model used as a reference is the IBM data governance and DAMA International. Keyword- Data Governance; Maturity Level; DAMA; IBM quality of data in large I. INTRODUCTION In general, the concept of data governance refers
