Data governance was not reported to the board of 51 per cent of Australian companies surveyed by the Governance Institute of Australia (GIA).
The survey polled 345 CEOs/C-suite executives, nonexecutive directors, and senior governance and risk professionals, and a report about the results was by the Governance Institute and Macquarie University’s DataX Research Centre.
The Data Governance in Australia report states that almost two-thirds (58 per cent) of those surveyed said their boards lacked a sufficient understanding of their organisation's data governance strategies.
Fifty-one percent of survey participants cited a deficit of formal technology skills and education as the main reason for the lack of understanding among boards.
Almost half (46 per cent) said that they didn't have a data governance framework, with 64 per cent citing lack of capacity as the reason.
Many survey participants said their organisations weren't doing enough to protect data.
"The majority of respondents are not that positive about how their organisation manages and protects data," GIA president and chair Pauline Vamos stated in the report.
"While 34 per cent said it was excellent or very good, 57 per cent rated it only average and four per cent said it was poor."
"As we have seen in recent times, high-profile data breaches have had a sizeable impact on action, with 56 per cent of companies having changed their process and procedures since those events took place."
"But it’s the smaller companies that are less likely — due to resourcing constraints — to have been able to make these changes."
Fifty-seven per cent of companies identified cybersecurity attack as their dominant data governance risk, with 44 per cent citing the risk posed by a lack of staff skill and knowledge.
Training and financial investment were overwhelmingly perceived as the way to address data governance risks.
Eighty-six per cent of companies cited some form of financial investment, with a further 89 per cent citing training.
"An effective data governance framework is critical in protecting an organisation from potentially catastrophic internal and external threats and ensures a responsible, legally compliant and efficient use of data assets," Vamos said
"We also cannot underestimate the role of governance as we move towards safe, responsible and ethical creation and usage of AI and the protection of vital data."
"We know there is a skills and knowledge gap that organisations must address as a matter of urgency."
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
