Data Governance survey reveals lack of confidence in boards

Despite a number of high-profile data breaches and continuing concerns around cyber-security, nearly two thirds of organisations don’t believe their board has sufficient understanding of current data governance challenges, according to a report released by the Governance Institute of Australia. Data Governance in Australia found a majority of respondents surveyed were not positive about how their organisation manages and protects important data, with 57% describing it as ‘average’ and 4% as ‘poor’.

It also found that more than half of organisations do not have a data governance framework, mostly due to lack of capacity or resources.​

Governance Institute Chair, Pauline Vamos said data is an increasingly valuable asset that boards and senior managers across all sectors need to prioritise as a matter of urgency.​

“It is critical that organisations design, introduce and implement an effective data governance framework to maximise customer service and the commercial value of data while also minimising risk - particularly reputational risk,” Ms Vamos said.

Ms Vamos said the results revealed a number of important insights into the challenges of keeping pace with technological advances, reporting to the board, protecting assets and maintaining the trust of stakeholders.  

“Just under three quarters of organisations link data governance to the overall governance/ risk management strategy,” Ms Vamos said.

“Less than half report data governance to the board, and if they do, the variation on the frequency of reporting is significant.”

The report is the result of a key strategic research partnership between the Governance Institute and Macquarie University’s DataX Research Centre, together with a panel of experts to provide contextual analysis.​

The report’s findings are based on a survey of 345 CEOs/C-suite executives, non-executive directors, and senior governance and risk professionals.

Key findings include:

- Almost 60% say the board does not have an understanding of the organisation’s current data governance challenges.

- The standout risk around data governance is cyber-attacks, followed by emergent technologies and AI.

- Siloed data holdings, underestimating the value of data and not having proper data governance frameworks are key issues for organisations in 2023.

- A third of organisations don’t have data governance on the risk register.

- Just under a third of organisations regularly purge data, mostly on an annual basis.