In an extensive white paper, Evan Wheeler, FAIR Institute Advisory Board Member and VP of Risk Management at Fintech firm NVDR, makes a strong case for the importance of data quality, integrity, and usability as core tenets of the data governance process and argues for the Risk team to take a leadership role.
Download the white paper: Data Governance Practices for Cyber Risk Management
“Data is the lifeblood of the organization,” Evan writes. “…A good data governance program can shape a firm’s decision-making process, but it isn’t a small undertaking.”
The white paper goes into depth on strategy and tactics of data governance, including:
- Steps to launch a data governance program
- How to create a data catalog
- Setting up controls to ensure data quality
- Special considerations for data quality in FAIR™ quantitative risk analysis.
- Data governance use cases
- How the Risk team can lead by example by exercising good governance over its data sources
Evan also argues for a change in the “crown jewel” mindset toward data that’s been dominant in cybersecurity. “The concepts of need to know and least privilege are foundational principles for most cybersecurity programs,” he writes. “Unfortunately, this leads to a mentality of locking it away in a vault that is very difficult to access… Data needs to be treated as a strategic asset, not a rare diamond…Let’s recognize that data exists to be shared.” He goes on to define some guidelines for minimizing loss exposure while allowing data to flow freely through the organization. Download the white paper: Data Governance Practices for Cyber Risk Management
Related blog post by Evan Wheeler: Why Risk Teams Should Be Champions for Data Governance in Fintech Firms
