It refers to the involvement f various processes and controls in order to ensure that data and

information gathered are unique, true, and accurate and can meet the prescribed standards and
business rules in a system. This is done by data cleansing or data scrubbing, which strips out inaccurate,
corrupted, and duplicated data in order to eliminate the amount of redundancy.

Data governance is simply making sure your company's data is accurate, reliable, and used correctly.

- A bank: Data governance ensures customer data is accurate and secure, complying with privacy
regulations (like GDPR). Poor data governance could lead to incorrect loan approvals or identity theft.

DG ensures that formal management controls are implemented to improve the quality of data and to
avoid the critical effects of poor data.

Data governance encompasses the ff elements:

People: It is the most basic and influential part of DG who will be responsible for a business
organization’s data assets. This team needs to be carefully chosen and responsible for ensuring data
quality and supporting data governance initiatives. They must make sure data rules align with the
company's needs and that everyone who needs it can easily access the data.

Process: Clear, well-defined processes are essential for how data is handled throughout its lifecycle.
This includes how data is stored, modified, accessed, moved, and secured. The company must ensure
that all its data control, auditing, and monitoring processes comply with relevant industry regulations.

Technology: While technology is important, it's not enough on its own. Business organizations should
understand that data governance cannot be successful with the use of technology alone. They also need
to leverage business solutions that will help them improve their governance initiatives. For example,
this could involve using software to enforce rules, monitor data, and improve data quality.

IT GOVERNANCE Is the fundamental approach that assures stakeholders that a business organization’s
investments in IT create high business value and contribute toward meeting laudable business
objectives. Information Technology Governance (ITG) is simply ensuring a company's technology
investments deliver value and meet its goals. It's about making sure the company's technology is
used effectively and efficiently, and that it complies with all relevant rules and regulations. For
example, A company has a lot of technology – computers, software, networks, etc. ITG is the system
of rules, processes, and people that make sure all that technology is used to achieve the company's
business objectives. It's about aligning technology with business strategies.

COBIT (Control Objectives for Information and related Technology). COBIT (Control Objectives for
Information and Related Technology) is a widely used framework to help companies manage their
information technology (IT). It's a set of guidelines and best practices that provide a structured
approach to IT governance. CobiT deals with many issues and concerns related to technical issues,
compliance, control requirements, and risks in business such as Reducing IT risks and gaining more
business value from IT, Assisting in the completion of regulatory compliance requirements, Employing a
structured approach to improve the reporting and decision-making of the management of an
organization and Presenting a valuable solution to control assessment and project implementation in
order to enhance IT asset control.

COBIT works on three levels within an organization:

2. IT and Business Management: Implements the strategy and manages daily IT operations.

3. Security Level (Workers): Ensures security and compliance at the operational level.

4 IT DOMAINS

. Plan and Categorize: This domain focuses on aligning IT with business goals, defining strategies, and
creating a plan for IT initiatives.

Acquire and Apply: This domain deals with acquiring and implementing the necessary resources to
support the IT plan.

Deliver and Support: This domain focuses on delivering IT services and providing ongoing support.

Monitor and Evaluate: This domain involves monitoring the performance of IT systems and processes,
and evaluating the effectiveness of IT initiatives.

ITIL ( Information Technology Infrastructure Library) refers to a set of an organization’s best process
oriented practices that us identified in order to regulate the delivery of its IT services management. This
approach is widely acceptable for both public and private sectors that focus on IT service management
compared with other ITG frameworks, ITIL offers fundamental guidance to business organizations on the
use of IT tools that facilitate change and transform business.

In short: COBIT is about why and how IT is governed and managed strategically; ITIL is about how IT
services are delivered and supported operationally.

Information Governance (IG) is like the big-picture management of all the information within an
organization. It's about making sure that the information the company creates, uses, and stores is
handled properly and securely. IT Governance (ITG) and Data Governance (DG) are parts of this larger
IG process. They're more focused on specific aspects of managing information, such as how
technology and data are used, but Information Governance is broader and includes everything.

A hospital

IT Governance (ITG): This would focus on the systems and technology the hospital uses to store and
process that information. It would focus on things like choosing the right software, ensuring IT
systems are secure, and making sure the technology supports the hospital’s goals.

Data Governance (DG): This part would focus on making sure that the hospital’s data is accurate,
reliable, and consistent. It might include setting rules for how patient data is entered into systems
(e.g., making sure names are spelled correctly, dates are formatted consistently), who can access it,
and how it's used.

Information Governance (IG): Think of IG as the overall management of all the information in the
hospital. It ensures that the hospital’s patient records, financial data, medical research, and other
documents are handled in a way that reduces risks, ensures security, and complies with laws (like
health privacy regulations). IG will ensure the information is stored safely, accessible when needed,
and accurate.

Functions of IG and IT

Users in business units can generate reports and databases and should take full responsibility when
governing information. Information should be managed in accordance with regulatory and legal
requirements and established practices and standards. The IT department must manage IT processes
and activities in accordance with the IG program. Activities that improve efficiency and effectiveness,
quality software development processes, and quality of data can contribute to the overall information
governance program.

IG PLATFORMS

Electronic mail (e-mail) is one of the major areas that information governance should focus on. It is
commonly used as a communication tool by most business organizations. It is essential to implement IG
for email communications and activities.

E-mail archiving is a method of e-mail management and information governance practice that allows
users/employees to use and retain secured and protected company’s e-mail.