Data governance can be dismissed as ‘applied common sense’, or balked at as an impossible endeavour which once embarked upon, will never end. The fact that one end of the data governance spectrum can seem a bit frightening means many organisations tend towards the other, and wind up doing the absolute minimum in order to get by …
Oooo. Sticky topic.
More so when you consider that in almost every case IT is looked at as a terrible burden. It's a cost center with little to no value in most organisations, excepting that it makes regulatory overhead slightly less burdensome. When regulatory burdens start creeping into IT, driving the costs up once more...
...yeah, lots of businesses just won't comply. The smaller your business, the more this regulatory burden will prove to be a barrier to entry into any market, yet the larger the business the more this regulatory burden is absolutely required.
One extra accountant, systems administrator or consultant for AT&T is less than a rounding error on the payroll. One extra accountant, systems administrator, or contractor for a 50 employee organisation can be the difference between profit and loss. The hell of it being that it’s the AT&Ts for whom these rules need to exist; while smaller enterprises make mistakes in data governance, the impacts of such are practically insignificant.
Plus, after making those mistakes, that small company isn’t around anymore. The AT&Ts of the world can do whatever they feel like, and nothing seems able to touch them.
So how to deal with this from an IT perspective? Formalise your operations and procedures so much that you end up requiring additional staff? Run your existing wetware harder until it burns out? Get an outside consultant who might or might not be trustworthy, but will most assuredly be expensive?
I am unsure there is a single “right answer.” The approach needs to vary with the details and culture of each organisation…but there comes a point where the regulatory burden on SMEs will be so much that many of them will simply be forced to close.
I wonder if maybe that’s The New Corporate Strategy for large enterprises. Cause such a ruckus that new regulations must be enacted. Then cause a ruckus to force the application of those regulations as broadly as possible so as to disproportionately burden smaller competitors.