Koncept zavedení Data Governance / Data governance implementation concept

Ullrichová, Jana

January 2016

This master´s thesis discusses concept of implementation for data governance. The theoretical part of this thesis is about data governance. It explains why data are important for company, describes definitoons of data governance, its history, its components, its principles and processes and fitting in company. Theoretical part is amended with examples of data governance failures and banking specifics. The main goal of this thesis is to create a concept for implementing data governance and its implementation in real company. That is what practical part consists of.

Reference Model with a Lean Approach of Master Data Management in the Peruvian Microfinance Sector

Gamero, Alex, Garcia, Jose, Raymundo, Carlos

09 May 2019

El texto completo de este trabajo no está disponible en el Repositorio Académico UPC por restricciones de la casa editorial donde ha sido publicado. / Microfinance has undergone a great growth in the last years, bringing consequently the significant increase of the data of the transactions and daily operations, manual processes of cleaning, complexity in IT projects and, in comparison with the traditional bank, a less amount of resources. For this reason, the model must allow the master data to have maintenance processes that reduce manual cleaning activities and contribute to the implementation of technology projects in an agile manner. On the other hand, the research seeks to combine a basic pillar such as Master Data Management (MDM) for the analysis of information with the lean approach, already used in the industry for the operational cost and additionally an evaluation measure prior to this process obtaining the state of the capabilities in the organization. In this way, the result will be that the organization can be previously evaluated and quickly identify which points should be improved to achieve the implementation of MDM initiatives. Likewise, within the research it is concluded that the Peruvian microfinance sector is prepared for the implementation of master data management with a 'proactive' maturity level of 3.46 points.

data governance

finance

lean

master data

master data management

MDM

microfinance

Information architecture model for the successful data governance initiative in the peruvian higher education sector

Castillo, Luis Felipe, Raymundo, Carlos, Mateos, Francisco Dominguez

20 October 2017

El texto completo de este trabajo no está disponible en el Repositorio Académico UPC por restricciones de la casa editorial donde ha sido publicado. / The research revealed the need to design an information architecture model for Data Governance initiative that can serve as an intercom between current IT / IS management trends: Information technology (IT) management and information management. A model is needed that strikes a balance between the need to invest in technology and the ability to manage the information that originates from the use of those technologies, as well as to measure with greater precision the generation of IT value through the use of quality information and user satisfaction, using the technologies that make it possible for the information to reach them to be used in their daily work.

Generating IT value

Information Management Data governance

Information Quality

IT Management

The Governance of Personal Data Sovereignty in the Banking Sector

Otieno, Christine

January 2022

Concerns related to the control of personal “digital data” have resulted in initiatives being taken globally to safeguard the individuals’ control over their own data. The EU’s General Data Protection Regulation (GDPR) being a significant example in this connection. Specifically, two protective rights regarding respectively the right for data to be forgotten and their portability have been brought in to enhance individuals’ control over their data. As a consequence, data governance which signifies the “power relations between all the actors affected by, or having an effect on, the way data is accessed, controlled, shared and used, the various socio-technical arrangements set in place to generate value from data, and how such value is redistributed between actors” (Micheli et al., 2020, p. 3) has become a crucial endeavour for governments and businesses around the world. A scrutiny of different models of data governance highlighted the notion of personal data sovereignty (PDS) which indicates enhanced empowerment of data subjects through self-determination. PDS, additionally, entails an appropriate combination of empowerment, economic development, enhanced knowledge and profit to participating private organisations. Further, data subjects, in PDS, have the power to access, regulate, share and investigate their information at all times. In this regard, the present study investigated the manner in which banks in Sweden manage the sustainability of the sovereignty of their data. Based on the problem statement, the research question of the study was formulated as follows: “How do banks govern personal data sovereignty?” The research strategy used for the present study was an exploratory survey design with a quantitative approach to obtain data from executives in Swedish banks. The present study used a survey strategy. Survey strategies employing questionnaires are widespread since they permit standardised data to be obtained from a large population in a very economical manner. Further, the data collected can be easily compared. Moreover, the survey strategy is viewed as reliable, in general, by people and it is also relatively straightforward both for the researcher to explain and for the participants to understand. A custom questionnaire was designed for the study based on insights obtained from existing academic and business research. Sections in the questionnaire were designed to obtain data related to areas such as, data governance in Sweden, personal data, usage of personal data, and PDS. The study’s findings reveal that banks in Sweden take different measures to help their customers maintain their PDS. As a result, bank employees seem to robustly understand personal data, how their banks utilize the personal data of customers, and the extent to which customers are aware of banks’ use of their personal data. It could also be concluded that banks were using measures which were in line with existing Swedish and EU data protection standards and laws. The study’s findings contribute to further research concerning data sovereignty and use of personal data in the banking sector. Further, it can aid banks to manage their global customers’ data. The study was constrained chiefly by the limited empirical literature associated with the study’s topic and the restricted time available for the study

data governance

personal data sovereignty

Swedish banks

Computer Sciences

Datavetenskap (datalogi)

Towards Data Governance for International Dementia Care Mapping (DCM). A Study Proposing DCM Data Management through a Data Warehousing Approach.

Khalid, Shehla

January 2010

Information Technology (IT) plays a vital role in improving health care systems by enhancing the quality, efficiency, safety, security, collaboration and informing decision making. Dementia, a decline in mental ability which affects memory, concentration and perception, is a key issue in health and social care, given the current context of an aging population. The quality of dementia care is noted as an international area of concern. Dementia Care Mapping (DCM) is a systematic observational framework for assessing and improving dementia care quality. DCM has been used as both a research and practice development tool internationally. However, despite the success of DCM and the annual generation of a huge amount of data on dementia care quality, it lacks a governance framework, based on modern IT solutions for data management, such a framework would provide the organisations using DCM a systematic way of storing, retrieving and comparing data over time, to monitor progress or trends in care quality. Data Governance (DG) refers to the implications of policies and accountabilities to data management in an organisation. The data management procedure includes availability, usability, quality, integrity, and security of the organisation data according to their users and requirements. This novel multidisciplinary study proposes a comprehensive solution for governing the DCM data by introducing a data management framework based on a data warehousing approach. Original contributions have been made through the design and development of a data management framework, describing the DCM international database design and DCM data warehouse architecture. These data repositories will provide the acquisition and storage solutions for DCM data. The designed DCM data warehouse facilitates various analytical applications to be applied for multidimensional analysis. Different queries are applied to demonstrate the DCM data warehouse functionality. A case study is also presented to explain the clustering technique applied to the DCM data. The performance of the DCM data governance framework is demonstrated in this case study related to data clustering results. Results are encouraging and open up discussion for further analysis.

Dementia Care Mapping (DCM)

Data governance

Data management

Data warehousing

Health care systems

Compliance to GDPR Data Protection and Privacy in Artificial Intelligence Technology: Legal and Ethical Ramifications in Malaysia

Kamaruddin, S., Mohammad, A.M., Mohd Saufi, N.N., Wan Rosli, Wan R., Othman, M.B., Hamin, Z.

25 September 2023

No / AI is becoming increasingly important in cybersecurity. AI-based products detect risks and secure systems and data. Cybercriminals can use technology to launch more sophisticated attacks. AI-based security is in demand due to cyberattacks. With the adoption of AI technology, GDPR requires most countries to have legal measures to protect their citizens' data and privacy. Data protection and privacy issues arise when using AI technology. AI use must comply with GDPR, including obtaining consent for data processing, ensuring data accuracy, and giving individuals the right to access, correct, or delete their data. Organisations must also be transparent about how their AI makes decisions and not discriminate against individuals or groups. This study examines Malaysia's GDPR compliance on AI usage, data protection, and privacy in light of current concerns. This study analyses primary and secondary sources using doctrinal research. In 2022, Malaysia's banking, healthcare, and telecommunications sectors were hit by data breaches, indicating that AI is increasing data breaches. Thus, the government must examine citizen data protection and privacy concerns and re-examine its governance, including legal and regulatory mechanisms, to see if it conforms to international norms and consider reforms. / This research was supported by the Ministry of Education (MOE) through the Fundamental Research Grant Scheme (FRGS/1/2020/SSI0/UPSI/02/12).

Computer crime

Data governance

Law

Legislation

Data protection

GDPR

Artificial intelligence

Privacy

Malaysia

Master Data Management-studie om nästa entiteto och leverantör för Scania / Master Data Management study about the next entity and suppier for Scania

Oldelius, David, Pham, Douglas

January 2018

Stora företag har olika avdelningar där informationen från dessa måste hanteras. Master Data Management(MDM) är ett informationshanteringssystem för att hantera information från olika källor. En MDM-implementation sker med en entitet i taget. Arbetets problemställning är att rekommendera nästa entitet att inkludera i MDM-implementationen hos Scania samt vilken leverantör som passar till implementationen. En rekommendation av entitet framställs av material från Scania och intervjuer med anställda på Scania. Rekommendationen av leverantör framställs från material från leverantörer och intervjuer med leverantörerna. Entiteten som rekommenderas är produkt som individ för att informationen i området har behov av förbättrad hantering och entiteten är nära kärnverksamheten. Orchestra Networks är leverantören som rekommenderas för att de ligger i framkant inom MDM, de är nischade mot området och är starka inom produktinformation. / Enterprises has different departments and the information from them needs management. Master Data Management(MDM) is an information handling system for handling information from different sources.  One entity at the time is implemented to MDM. The work's problem is to recommend the next entity to include in the MDM implementation at Scania as well as which provider fits the implementation. A recommendation of entity is prepared from materials provided by Scania and interviews with employees at Scania. A recommendation of provider is prepared from materials from the providers and interviews with the providers. The recommended entity is product as individual because information in the area needs improved management. Orchestra Networks is the recommended supplier because they are a leader among the MDM providers, they are specialised in the area and they are strong in the product information area.

Data governance

master data

Master Data Management

domain

multidomain

data quality

MDM

information management

Data governance

masterdata

Master Data Management

domän

multidomän

datakvalité

MDM

informationshantering

Information Systems

Governança da informação: viabilizadores e inibidores para adoção organizacional. / Information governance: enablers and inhibitors for orgazational adoption.

Assis, Celia Barbosa

02 April 2018

A Governança da Informação (GI) é uma nova abordagem para a governança dos ativos informacionais nas organizações, resultando de desafios como o crescimento exponencial de dados, novas e mais complexas regras do negócio e de um contexto competitivo mais regulado e litigioso. O objetivo principal da pesquisa foi investigar como fatores organizacionais, relacionais e de Tecnologia da Informação (TI) podem atuar como viabilizadores, inibidores ou componentes da adoção da Governança da Informação em instituições. Alicerçada na revisão de literatura, foi feita uma pesquisa qualitativa descritiva e exploratória, baseada em vinte e um estudos de caso de empresas brasileiras escolhidas por apresentarem alta intensidade de utilização de informações em seus processos, produtos e serviços. A pesquisa apresenta como contribuições teóricas a proposta de dois modelos: uma Matriz para Comparação entre Governanças Institucionais, usada para diferenciar aspectos das Governanças Corporativa, da Informação, de TI e de Dados; e uma Matriz de Fatores Viabilizadores e Inibidores, com fatores derivados da teoria e das observações dos estudos de caso. As contribuições práticas compreendem: diferentes visões sobre o impacto dos fatores previstos em teoria, principalmente considerando-se a atuação dos entrevistados, a segmentação econômica e os portes das empresas; e fatores não previstos na teoria, como a falta de alinhamento entre TI e áreas de negócios, a cultura da empresa, os avanços da tecnologia e a gestão de mudanças. A comparação entre teoria e prática sugere maior polarização em fatores como: cultura de acumulação de dados; práticas e políticas organizacionais; comunicação entre áreas; e, educação dos usuários. Como conclusão destaca-se que a GI é entendida nas empresas como uma disciplina específica dos negócios, fundamental para atribuir sentido aos estudos empresariais e para suportar projetos e processos coerentes e eficazes. / Information Governance (IG) is a new approach to the governance of the organizational information assets, resulting from challenges such as exponential data growth, new and more complex business rules and a more regulated and litigious competitive context. The main objective of the research was to investigate how organizational, relational and Information Technology (IT) factors can act as enablers, inhibitors or components for IG adoption in companies. Supported by a literature review, an exploratory-descriptive qualitative research was carried conducted, based on 21 case studies from Brazilian companies selected by information high intensity usage in processes, products and services. The theoretical contributions of the research are two proposed models: a Matrix for Institutional Governance Comparison, to be used for differentiating Corporate, Information, IT and Data governance; and an Enablers and Inhibitors Matrix, with factors derived from theory and case studies. Practical contributions are different views from theory, especially related to the interviewee\'s professional area, industry and company size; unpredicted factors such as lack of alignment between IT and business areas, institutional culture, technology advancements and change management. The comparison between theory and practice suggests greater polarization in factors such as data accumulation mentality, organizational practices and policies, communication between areas and users education. The research concludes that IG is a business-specific discipline, fundamental to sensemaking for company studies and support to coherent and effective organizational projects and processes.

Case study

Corporate governance

Data governance

Governança corporativa

Information governance

Information technology

Information technology governance

Tecnologia da informação

Incorporating Data Governance Frameworks in the Financial Industry

Randhawa, Tarlochan Singh

01 January 2019

Data governance frameworks are critical to reducing operational costs and risks in the financial industry. Corporate data managers face challenges when implementing data governance frameworks. The purpose of this multiple case study was to explore the strategies that successful corporate data managers in some banks in the United States used to implement data governance frameworks to reduce operational costs and risks. The participants were 7 corporate data managers from 3 banks in North Carolina and New York. Servant leadership theory provided the conceptual framework for the study. Methodological triangulation involved assessment of nonconfidential bank documentation on the data governance framework, Basel Committee on Banking Supervision's standard 239 compliance documents, and semistructured interview transcripts. Data were analyzed using Yin's 5-step thematic data analysis technique. Five major themes emerged: leadership role in data governance frameworks to reduce risk and cost, data governance strategies and procedures, accuracy and security of data, establishment of a data office, and leadership commitment at the organizational level. The results of the study may lead to positive social change by supporting approaches to help banks maintain reliable and accurate data as well as reduce data breaches and misuse of consumer data. The availability of accurate data may enable corporate bank managers to make informed lending decisions to benefit consumers.

Basel Committee on Banking Supervision

BCBS 239

Data governance frameworks

Operational costs and risks

Business

Databases and Information Systems

Finance and Financial Management

Governança da informação: viabilizadores e inibidores para adoção organizacional. / Information governance: enablers and inhibitors for orgazational adoption.

Celia Barbosa Assis

02 April 2018

A Governança da Informação (GI) é uma nova abordagem para a governança dos ativos informacionais nas organizações, resultando de desafios como o crescimento exponencial de dados, novas e mais complexas regras do negócio e de um contexto competitivo mais regulado e litigioso. O objetivo principal da pesquisa foi investigar como fatores organizacionais, relacionais e de Tecnologia da Informação (TI) podem atuar como viabilizadores, inibidores ou componentes da adoção da Governança da Informação em instituições. Alicerçada na revisão de literatura, foi feita uma pesquisa qualitativa descritiva e exploratória, baseada em vinte e um estudos de caso de empresas brasileiras escolhidas por apresentarem alta intensidade de utilização de informações em seus processos, produtos e serviços. A pesquisa apresenta como contribuições teóricas a proposta de dois modelos: uma Matriz para Comparação entre Governanças Institucionais, usada para diferenciar aspectos das Governanças Corporativa, da Informação, de TI e de Dados; e uma Matriz de Fatores Viabilizadores e Inibidores, com fatores derivados da teoria e das observações dos estudos de caso. As contribuições práticas compreendem: diferentes visões sobre o impacto dos fatores previstos em teoria, principalmente considerando-se a atuação dos entrevistados, a segmentação econômica e os portes das empresas; e fatores não previstos na teoria, como a falta de alinhamento entre TI e áreas de negócios, a cultura da empresa, os avanços da tecnologia e a gestão de mudanças. A comparação entre teoria e prática sugere maior polarização em fatores como: cultura de acumulação de dados; práticas e políticas organizacionais; comunicação entre áreas; e, educação dos usuários. Como conclusão destaca-se que a GI é entendida nas empresas como uma disciplina específica dos negócios, fundamental para atribuir sentido aos estudos empresariais e para suportar projetos e processos coerentes e eficazes. / Information Governance (IG) is a new approach to the governance of the organizational information assets, resulting from challenges such as exponential data growth, new and more complex business rules and a more regulated and litigious competitive context. The main objective of the research was to investigate how organizational, relational and Information Technology (IT) factors can act as enablers, inhibitors or components for IG adoption in companies. Supported by a literature review, an exploratory-descriptive qualitative research was carried conducted, based on 21 case studies from Brazilian companies selected by information high intensity usage in processes, products and services. The theoretical contributions of the research are two proposed models: a Matrix for Institutional Governance Comparison, to be used for differentiating Corporate, Information, IT and Data governance; and an Enablers and Inhibitors Matrix, with factors derived from theory and case studies. Practical contributions are different views from theory, especially related to the interviewee\'s professional area, industry and company size; unpredicted factors such as lack of alignment between IT and business areas, institutional culture, technology advancements and change management. The comparison between theory and practice suggests greater polarization in factors such as data accumulation mentality, organizational practices and policies, communication between areas and users education. The research concludes that IG is a business-specific discipline, fundamental to sensemaking for company studies and support to coherent and effective organizational projects and processes.

Governança corporativa

Tecnologia da informação

Case study

Corporate governance

Data governance

Information governance

Information technology

Information technology governance