PARIS/BOSTON – MEGA International, a global enterprise architecture and data governance SaaS software company, presents the results of a study conducted by the Enterprise Strategy Group institute on the evolving role of data governance. For organizations undergoing digital transformation, good data governance practices play a strategic role. As the amount of data and its value to the business continue to grow, so does the importance of managing its availability, usability, integrity, and security.

To understand the benefits and challenges of data governance initiatives, establish the current state of deployments, identify gaps, and highlight future expectations, Enterprise Strategy Group surveyed 376 IT and business decision makers currently responsible for governance technologies, processes, and programs used to manage their organizations’ data.

The study sheds light on the evolution of the implementation of data governance within organizations and uncovers what motivates them to implement data governance practices and the key challenges they face during implementation.

Key findings include:

  • Every two years the data used by companies is doubling along with the share of personally identifiable data (PII) which accounts for 35 % of that data.
  • 56 % of companies surveyed have experienced cyberattacks that undermine their data governance efforts.
  • 52 % percent of respondents say the most important functionality of a data governance tool should enable improved data security, while 38 % cite building resilience to cyber-attacks.
  • Faced with increasing business challenges and risks related to data management, 85% of companies plan to increase their investments in tools to manage data governance, and 31% indicate that this increase will be significant.


Organizations have a huge amount of data to manage, most is unstructured, and growth is not slowing

On average, companies manage about 3 petabytes (PB) of data, about two-thirds of which would be unstructured. With an average annual growth rate of about 40%, there is no relief in sight. For many organizations, that means their data will double every two years or so. This type of data growth can strain any IT initiative, especially less automated and less mature data governance programs.


Personally identifiable information (PII) is unavoidable and can’t be ignored when it comes to sound data governance compliance and risk management

Personally identifiable data accounts for more than a third of the data collected by organizations, which is not without its own high-risk issues related to the explosion in cybersecurity and regulatory compliance. On average, sensitive data accounts for 35% of all stored data, and this data resides in many different environments spanning the typical IT ecosystem. Interestingly, 88% of respondents believe most of their organization’s PII resides in their structured data sets.


Data governance practices are maturing, and stakeholder roles are evolving

62% of organizations have had a data governance program in place for at least five years. And nearly two-thirds (65%) of organizations report having a dedicated data governance team consisting of managers, a steering committee, and even data stewards. Nearly half the people surveyed say IT is no longer the sole owner of data governance programs, and that participation now includes c-level executives and even boards of directors for oversight and guidance.


Non-compliance has a range of negative business impacts

Organizations are faced with a great deal of complexity and lack a unified technology approach. Specifically, when it comes to regulations, non-compliance has a wide range of negative business impacts. The top three risks identified are related to the addressing cyber risks (22%), the impact on IT activities (19%), and the addressing data management regulations (11%).

In response to these risks, various measures have been put in place to ensure the secure and compliant use of data while guaranteeing the confidentiality of sensitive data. Unfortunately, 41% of respondents still report using manual processes to manage data which may lead to more incidents of sensitive data exposure.


Download the full report


Research methodology and demographics

To gather data for this report, Enterprise Strategy Group (ESG) Research conducted a comprehensive online survey of 376 IT professionals from private- and public-sector organizations in North America (United States and Canada) from August 2-5, 2022. To qualify for this survey, respondents were required to be IT and line-of-business professionals personally responsible for data governance technologies, processes, and programs used to manage their organizations’ data.


About MEGA International

MEGA International is a global SaaS software company with offices in 11 countries. The company provides leading software solutions for Enterprise Architecture, Business Process Analysis, Governance, Risk and Compliance and Data Governance to guide organizations in their business transformation initiatives.  MEGA created a collaborative SaaS platform, HOPEX, that offers a single repository to help companies collect, visualize, analyze, and communicate information to better plan and adapt to change. With 350 multicultural dynamic employees, MEGA supports more than 2000 clients in 52 countries.