The Difference Between Data Governance and IT Governance

Cindy Ng compares and contrasts IT and data governance, which are inextricably connected and vital to an organisation’s operations.

Lately, we’ve been so focused on data governance, extracting the most value from our data and preventing the next big breach, many of us have overlooked IT governance fundamentals, which help us achieve great data governance.

The source of some of the confusion is that data and IT governance have very similar and interdependent goals. Broadly speaking, both processes aim to optimize the organization’s assets to generate greater business value for the organization.

Since IT and data governance are so inextricably connected and vital to an organisation’s operations, how about we compare and contrast the two.

What is IT Governance?

IT governance ensures that the organization’s IT investments support the business objectives, manage the risks, and meet compliance regulations.

Examples of organization’s IT investments: physical and technical security, encryption, servers, software, computer and network devices, database schemas, and backups.

It’s often argued that these investments are considered a cost center rather than a money generator. Here’s some tough talk: organizations wouldn’t be able to operate, optimize or even generate revenue without IT.

In short: no IT, no data, and no business.

But good IT operations require dedicated leadership to ensure that tech investments are maximized.

Stakeholders involved in the success of IT governance include the board of directors, executives in finance, operations, marketing, sales, HR, vendors and, of course, the chief information officer (CIO) as well as other IT management.

The key individual who’s responsible for aligning IT governance to the organization’s business goals is the CIO.

To accomplish their goals, CIOs will often use existing data governance frameworks, created by industry experts. These frameworks also provide implementation guides, case studies and assessments. Here are some frameworks you may have heard of:

COBIT 5: A staple in the industry, this framework helps enterprises with IT governance, business optimization, and growth by leveraging proven practices. This framework is based on five key principles for governance and management of enterprise IT:

  1. Meeting Stakeholder Needs
  2. Covering the Enterprise End-to-End
  3. Applying a Single, Integrated
  4. Enabling a Holistic Approach
  5. Separating Governance From Management

Continue reading this post on the Varonis blog

Comment below to have your say on this story.

If you have a news story or tip-off, get in touch at  

Sign up to the Government News newsletter