February 04, 2014

Forty-four percent of companies don't have a formal data governance policy, and 22% of firms without a data policy have no plans to implement one. That's one of the key findings of a newly released data governance survey conducted by Rand Secure Data, a division of Rand Worldwide.

Rand's 2013 Data Governance Survey included responses from 454 organizations regarding the state of their in-house data governance policies. Survey respondents included representatives from well-known private and public-sector enterprises, including Disney, Motorola, Shell, the City of Los Angeles, and the University of Virginia.

The report makes it clear that data governance, such as a set of enterprise-wide processes for managing data archiving, backup, and e-discovery, isn't new to large organizations. But the number of respondents who said their company lacks a formal data governance policy is surprisingly high.

[ Read: Insurance CIOs Must Bridge Gap on Security: Novarica. ]

Some survey respondents said this lack of planning could have unwanted consequences. "If we don't get a decent data governance strategy and acceptable data governance statutes in place over the next two years, we will face the risk of losing data, losing control and track of data, and lawsuits," one respondent wrote.

The survey showed a vastly different level of involvement in the subregions of data management. For instance, more than 98% of respondents said their organization has a backup program in place, with 95% reporting backups of all data on a regular basis.

But there seems to be considerable less interest in e-discovery and managing stockpiles of data in case of litigation. Just over a third of respondents said their organization couldn't "easily produce" data for discovery, and the same percentage said they couldn't "prove the integrity" of data in the event of ligation.

Read the rest of this article on InformationWeek