They say 'data is the new gold,' and indeed, its value is immeasurable. To harness this value, data must be free of quality issues, adequately protected, and governed as a valuable asset. In the realm of data governance, the Australian Prudential Regulation Authority, APRA, introduced guidelines encapsulated in CPG 235 in 2013.
Data, as one of the most valuable assets for regulated entities, demands attention to information and IT risks. APRA emphasises the importance of implementing data risk management practices to apply adequate controls throughout the data lifecycle.
Integral to a bank's change management initiative, the data management framework must become a business-as-usual process. Clearly defined roles and responsibilities, including chief data officers, data custodians, owners, and stewards, play a crucial role.
Firm-wide campaigns are essential to onboard non-data professionals, fostering adherence to policies and standards outlined in the data management framework.
Identifying and mitigating risks at each stage is crucial. Data lineage diagrams are invaluable, aiding in improving data quality, implementing controls, and automating processes.
Transparency is key. Meta-data repositories with business glossaries, data transformation logic, and controls on data access ensure security, integrity, and fitness-for-purpose, especially in outsourcing or offshoring scenarios.
A robust Data Quality (DQ) issue management framework is vital. Designated teams work towards identifying, resolving, and reporting DQ issues as part of business-as-usual processes.
In the final leg of CPG 235, APRA expects regulated entities to seek regular assurance that data quality is appropriate. Internal audit or independent functions conduct systematic assessments, ensuring effective data risk management over time.
Subscribe to our newsletter for updates and stay at the forefront of data governance practices. Adopt a holistic approach with CPG 235 Managing Data Risk, fortifying your data as a strategic asset.
Send us your details and we’ll get back to you to schedule a time to talk.