New Study Reveals Only 6% of Enterprises Are Prepared for GDPR, with Less Than Four Months Until the Data Privacy and Security Regulation Goes into Effect

erwin’s 2018 State of Data Governance Report shows organizations recognize the importance of data governance but lack understanding, executive support and budget

Melville, N.Y., Feb. 12, 2018 – With less than four months until the May 25 effective date for the European Union’s General Data Protection Regulation (GDPR), a bare 6% of enterprises say they are prepared for the upcoming regulation, reveals a new research report issued today from erwin, Inc. The company’s 2018 State of Data Governance Report does indicate broader awareness and enterprise focus for data governance, yet challenges remain in terms of understanding, executive support and financing.

Commissioned by erwin through UBM, the reports shows that 98% of respondents view data governance as either important or very important from a business perspective; however, a disquieting 46% don’t have a formal governance strategy in place. More than one in five (21%) are just getting started, meaning they are in the data discovery and inventory phase, and 63% either don’t have a budget for data governance or don’t know if they have one. At 40% of the organizations surveyed, the IT department continues to foot the bill for data governance expenses.

UBM surveyed North American business technology professionals representing more than 16 sectors, including financial services, government, healthcare, IT and telecommunications, about their attitudes toward data governance. Among the 118 respondents were CIOs, CTOs, data center managers, IT staff and consultants.

“The results of the State of Data Governance Report are validating but also a bit shocking,” explains Mariann McDonagh, CMO for erwin. “The fact that 94% of organizations are not prepared for what is arguably one of the most important data privacy and security regulations in recent years – with fines up to four percent of their global revenues – is stunning. However, on the flip side, organizations are now finally recognizing that governing data assets goes well beyond risk management and compliance. To fully realize the value of its data, an organization needs the ability to discover, understand, govern and socialize data assets beyond IT’s shadow. To mitigate risks and realize the desired business results, data stakeholders across the enterprise must be empowered to act as data citizens, and that includes IT and the business funding an ongoing process.”

Other key findings:

  • Both IT and the business are responsible for data governance at 57% of the organizations surveyed. Just 34% have put IT solely in charge of data governance.
  • The IT department continues to foot the bill for data governance at 40% of organizations. Budget for data governance comes from the audit and compliance function at 20% of organizations, while the business covers the bill at just 8% of the companies surveyed.
  • When asked to identity the top three drivers of data governance initiatives, 60% of respondents say their biggest driver is the need to comply with regulatory mandates. However, compliance is not the only driver with 49% seeing data governance as a way to improve customer satisfaction, and 45% use it to support better decision-making. Reputation management and analytics are two other relatively big drivers with 30% and 27%, respectively.
  • Big Data is another big driver with 22% of the responding organizations claiming to have more than 10 petabytes of data under management. One-fifth of respondents say Big Data is one of the top reasons for implementing a data governance program.
  • 66% percent say that understanding and governing enterprise assets has become more important or very important for their executives. For 64%, data assets are somewhat or much more valuable to the organization than physical assets.
  • 68% point to the CIO as driving the process. At four in 10 – or 39% – the data architecture lead drives data governance activities, at 32% the CEO is the biggest cheerleader, and at 34% the CEO is the one advocating it the most.
  • Less than one-third of organizations have a fully implemented data governance program. At 42% of the organizations, data governance is a work in progress. Most of the enterprises have completed the data discovery phase and are now developing policies and processes, business rules, data definitions and classifications.
  • 27% have fully connected the enterprise architecture (EA) and data governance functions.

“The survey presents a cautionary tale about what enterprises need to do in 2018 to move their data governance agendas forward,” adds McDonagh. “It shows that while the business is beginning to realize the potential of data governance, it is not entirely clear on how to justify the budget or how to move the ball forward. We suggest starting with clear goals about what you want your program to achieve, building a budget to justify it like any other business initiative, educating and involving all data stakeholders, and absolutely getting ready to meet the requirements for GDPR.”

Learn More:


Back to News