Data Governance Is Risk Number One

  • Post author:

By Russ Banham


The integrity of a building rests on its foundation, which holds the structure upright and keeps it from collapsing. In many companies today, data is the foundation of their digital transformations, supporting ways to generate innovations, streamline operations, reduce costs and assist in better business decisions. If this foundation is weak, the digital transformation may collapse.

Inaccurate, insufficient or out-of-date information assets in a data-driven organization increase the risk of making regrettable decisions, resulting in lost business opportunities, unadvisable acquisitions, poor capital investments and declines in workforce morale and reputation—to just scratch the surface.

“If the data is not reliable or of poor quality, less-than-optimal business decisions are likely,” said Bill Tomazin, Managing Partner, West Region and National Audit Solutions, at KPMG LLP U.S.

The solution is a robust data governance framework designed to enhance the accuracy, integration, access, security and management of data across the organization. The key word is “governance,” a set of guidelines focused on the integrity of data and how these assets are acquired, used and protected to help drive decisions that culminate in maximum competitive advantage.

The difficulty is that no two data governance frameworks are exactly alike, given the diverse strategic goals and myriad of business and market challenges confronting different types of organizations. In this regard, audit professionals should strongly encourage companies to build a governance framework that provides greater data transparency, accountability and stewardship. 

“Digital data, complemented by intelligent technologies like predictive analytics, RPA (robotics process automation) and machine learning are profound ways to sharpen insights into business opportunities and risks,” said Tomazin. “These are the same tools that today’s digitally savvy `next-gen auditors’ are leveraging themselves to drive sustained improvements in audit quality.”

Audit teams also are in a unique position to understand the complexities of clients’ strategic goals and operations, as well as their market, competitive and regulatory environments. And they’re cognizant of the governance challenges that can emerge when multiple parties are involved in the exchange of data on a shared platform, the case with manufacturing and health care supply chains.

A recent report by the American Institute of Certified Public Accountants, An Overview of Data Managementaffirmed that audit teams “already are familiar with applying many (data governance) principles to the financial data that they work with on a regular basis. (They) can play a key role in enabling data governance, and ensuring it is aligned with an organization’s overall corporate governance processes.”

Data-Driven Decision-Making

No business leader would disagree that digital data and intelligent technologies are enablers of more-insightful decisions. However, many CEOs and other senior executives distrust the accuracy of their data, according to Guardians of Trusta KPMG International report that captured the viewpoints of 2,200 business leaders who led strategic data initiatives.

Commissioned by KPMG and undertaken by Forrester Consulting, the survey found that only 35 percent of C-level leaders have a high level of trust in their organization’s use of data and analytics, with 92 percent stating concerns about the reputational impact of machine-based decisions. “Businesses want the benefits that digital and automation can deliver, but they don’t always trust the underlying analytics that power those machines,” the report stated.

One of the report’s key takeaways is the need for companies to create effective governance frameworks and controls to build trust in data and analytics. In this regard, organizations must establish rules governing the harvesting, integration and use of both structured and unstructured data, and ensure the integrity of the algorithms designed to obtain insights from the data repository, the study maintained.

Tomazin concurred: “Without a governance framework, something will go wrong at some point and expose the organization to unexpected business ramifications,” he explained. “Consequently, the first step in managing this risk is a candid assessment of the trustworthiness of the data to be digitized, stored and shared. The next step is to create a management and workforce culture that appreciates the importance of data integrity and that is well aware of its business value.”

An example of this value is customer data, which can generate improvements in customer service, driving revenue generation through repeat sales and positive word of mouth. Once this information is gathered, it needs to be digitized, classified and validated against the organization’s governance rules. Questions abound: Is the data relevant to our strategic sales, marketing and customer service plans? Will this data be useful to corporate decision-making? Will it bring about regulatory compliance issues?

However, the rapidly growing volumes of data inundating all organizations make it challenging to make these determinations. Audit teams can help companies ensure superior data governance by evaluating the data governance framework as part of their assessment of the organization’s internal controls.

“When you boil it down, what audit teams do in its simplest form is risk assessment and response,” Tomazin said. “Through our evaluation of (a company’s) internal controls and the substantive test work we perform, our job is to independently corroborate management’s assertions and identify material misstatements that that may exist in the financial statements and underlying data.”

This task increasingly entails the use of intelligent technologies like RPA and machine learning to visualize the meaning of data. “Today’s next-gen accountants and auditors are using everything from simple automation tools that assess large data sets to make fairly binary decisions, to cognitive technologies that can evaluate complex forms of structured and unstructured data to ferret out correlations and anomalies” he explained.

Tomazin pointed to KPMG’s partnership with IBM Watson in the use of the latter company’s cognitive technology solutions to enhance the firm’s advanced audit capabilities. “Using the Watson tool, audit teams are able to analyze extremely large volumes of data at rapid speeds, using natural language processing to understand and evaluate this information,” he said.

Given the increasingly sophisticated technologies designed to draw insights from data, management and audit teams that stay in the know will put themselves in strong positions to produce outcomes for their clients and themselves. 

Russ Banham is a Pulitzer-nominated financial journalist and best-selling author.

Leave a Reply