Top Five critical Questions To Improve Big Data Governance

Modern businesses spend a great deal of resources developing big data inititives that involves implementing data management solutions and refining the necessary integration processes.  Data governance is the process of creating and agreeing to standards and requirements for the collection, identification, storage and use of data. Believe it or not it is sometimes left out initial planning. There should be no cutting corners, with Big Data, since it still needs to be governed. Big data has been predicted to become the key cornerstone of competition, underpinning new waves of productivity growth, innovation, and consumer surplus, according to research by MGI and McKinsey’s Business Technology Office. Lisa Arthur writing for forbes defines it as:

a collection of data from traditional and digital sources inside and outside your company that represents a source for ongoing discovery and analysis.

It has also been dubbed “the new oil” by the World Economic Forum, improving decision making, reduce time to market and increase profits. But it can also raise significant risk, ranging from disastrous data breaches to privacy and compliance concerns. To help enterprises retain control of their massive and fast-changing information, ISACA has issued new guidance available freely at www.isaca.org/privacy-and-big-data. Privacy and Big Data:  An ISACA White Paper outlines critical governance and assurance considerations as well as key questions that must be answered. Founded in 1969, the nonprofit, independent ISACA is an advocate for professionals involved in information security, assurance, risk management and governance.

“CIOs are often under pressure from the board and senior leadership to implement big data before proper risk management and controls are in place, in order to compete in the marketplace,” said Richard Chew, CISA, CISM, CGEIT, a developer of the ISACA paper and senior information security analyst at Emerald Management Group. “Big data provides an important opportunity to deliver value from information, but an enterprise will be more successful in the long run if policies and frameworks such as COBIT are put into place first.”

According to Privacy and Big Data, enterprises must ask and answer 16 important questions, including these key five, which—if ignored—expose the enterprise to greater risk and damage:

1. Can we trust our sources of big data?
2. What information are we collecting without exposing the enterprise to legal and regulatory battles?
3. How will we protect our sources, our processes and our decisions from theft and corruption?
4. What policies are in place to ensure that employees keep stakeholder information confidential during and after employment?
5. What actions are we taking that create trends that can be exploited by our rivals?

As big data grows, enterprises need a robust data privacy solution to help prevent breaches and enforce security in a complex IT environment. “To streamline the governance, risk management and effective delivery of big data implementation projects, many enterprises are implementing COBIT, a customisable framework developed by global subject matter experts,” said Yves LeRoux, CISM, CISSP, chair of ISACA’s Data Privacy Task Force and technology strategist at CA Technologies.

“By using COBIT, enterprises can more easily identify sensitive data, ensure that the data are secured, demonstrate compliance with applicable laws and regulations, proactively monitor the data, and react and respond faster to data or privacy breaches.”

The COBIT 5 framework can be downloaded free of charge at www.isaca.org/cobit. Privacy and Big Data is available freely at www.isaca.org/privacy-and-big-data. Additional privacy and big data discussions, links and resources can be found in ISACA’s Knowledge Center in the Privacy/Data Protection and Big Data communities.