Audit professionals are concerned about data governance. Source: Shutterstock

Audit professionals are concerned about data governance. Source: Shutterstock

Gartner says companies need better data governance in 2020

DATA PROTECTION is a top priority for most organizations, and going into 2020, more business leaders — including audit professionals — are looking into how the business captures, stores, and uses data.

Neglecting to protect data is no longer an option as the consequences, which range from regulatory fines to damages to the company’s reputation, could be potentially catastrophic.

According to a recent Gartner survey of senior audit professionals, data governance has risen to the top spot of chief audit executives’ (CAEs)audit concerns, up from second place last year. In fact, compared to cybersecurity preparedness, data governance is a bigger concern.

“Increased regulatory scrutiny has pushed governance risks, along with related data management challenges such as third-party ecosystems, cyber vulnerabilities, and data privacy, as major concerns for audit departments,” read the analyst firm’s note to the media.

Gartner Audit Practice VP Malcolm Murray believes that despite the strategic importance of data, organizations have been slow to adopt data governance frameworks, putting them at risk of large fines, of poor strategic decision making and of misallocation of critical resources.

“Data management failures have drawn regulatory and public scrutiny, leading to increased regulatory burdens and pressure on organizations and their use of data,” said the Gartner VP.

Organizations preparing for 2020, according to the analysts, must think about wrapping their head around data governance and setting up a strong framework to ensure the customers and stakeholders are well protected.

Gartner’s survey revealed that nearly 80 percent of executives agree that companies will lose competitive advantage if they do not effectively utilize data, and 49 percent say data can be used to decrease expenses and create new avenues for innovation.

Data is obviously going to drive the digital transformation agenda in the coming year and help businesses climb the digital maturity curve. As a result, businesses must be more responsible with how they capture, store, and use data — proactively.

More than half of organizations today told Gartner that they lacked a formal data governance framework and a dedicated budget. Moving into 2020, that will no longer be acceptable.

As CAEs audit their data management practices, audit teams should pay special attention to security controls around data assets, data migration plans, and backups for critical data assets.

To ensure compliance with varying regulations — in the EU, the US, and Asia — organizations must also review their controls and rules around collection and retention, and ensure deletion policies exist.

Overall, Gartner’s survey makes it clear that data protection and governance is on the auditor’s agenda.

Companies that take action now to demonstrate that they’re able to protect data will also be able to better leverage that data to delight customers and optimize operations.

Failure to establish a data governance framework might not immediately impact a business, but will definitely hamper trust, transparency, and reliability when it comes to delivering on customer and stakeholder expectations.