What’s the difference between Data Owners and Data Custodians?

I often get asked about the difference between Data Owners and Data Custodians.

If you’ve read my blogs, you’ll know that I’m not fixated on sticking rigidly to the standard role names, but for the purposes of this article, I’ll to stick with what I consider “best practice” role names and consider both roles in turn:

A Data Owner is a senior business stakeholder who is accountable for the quality of one or more data sets. They are usually a senior business person who has the resources, budget and authority to be able to make changes to that data if necessary.

Data Custodians are very much an IT role. They are responsible for maintaining data on the IT infrastructure in accordance with business requirements. I think the confusion between the roles and who should be making decisions about data is rooted in a long term lack of Data Governance.

Before a company has Data Governance in place, it’s common that the business has not been trained in articulating their data requirements and therefore it is often down to IT to interpret or make decisions in order to help the business.  However, once you have a Data Governance framework in place, the business usually gets much better at articulating data requirements and IT’s job gets easier.

Another difference between the roles is that for Data Owners, I’m looking for named individuals who own one or more data sets. When it comes to Data Custodians. However, I use that more loosely as a collective term for all of the IT department who are supporting your infrastructure.  That said, it’s not impossible to have named custodians. I’ve worked with a number of clients where they have named their Data Custodians.  These have usually been smaller organisations, where there is only one subject matter expert for each system and that person has been named as the Data Custodian.

Also on the CIO WaterCooler
“Good Security Governance” is not a Piece of Useless Consultant Jargon

Another frequent question is whether IT is ever a Data Owner? Now this is an interesting questions as generally, I would say, no. They might own meta data, or performance data around the systems, but nothing more than that. However, recently, I have come across circumstances where IT might own some data.

One such example is maybe your Data Security or Information Security Team who may be monitoring telephone calls or internet activity. This often isn’t being done for any direct business purpose, but rather to protect the business as a whole. If this data isn’t being collected to meet the requirements of a business Data Owner, then it could easily be argued that IT own that data.

I also often get asked if only IT can be Data Custodians?  Generally, it is the case that Data Custodians sit within IT, but there are instances where business teams or functions may also act as Data Custodians. For instance, you may have a BI or Analytics Team sitting in the business reporting line, who perhaps manage and support your data warehouse.  Because of the work they do it is quite common for such a team to be considered as the Data Owners for all data that’s in the data warehouse. However, this is not a correct approach, because all that data has a Data Owner when it sits in the source system and that person still owns it even when it’s on a data warehouse. Of course, in a data warehouse a lot of data is aggregated, combined and often new data is derived or calculated. It is common for the BI or Analytics Team to be involved in these activities, but it does not mean that they own the new or aggregated data. It is more appropriate to consider them as Data Custodians for the data, whilst it’s being managed, manipulated and reported on by that team.  After all they should be carrying out these activities to meet business requirements and the person who approved those requirements is the Data Owner.

Also on the CIO WaterCooler
“Good Security Governance” is not a Piece of Useless Consultant Jargon

I hope that this has clarified the difference between Data Owners and Data Custodians.  Roles and responsibilities are only one of many things that you have to address as part of implementing Data Governance. If you are struggling to get your head around everything else you should be doing and the order in which to do it, please download my free checklist to help you plan your initiative.

Nicola Askham

I am an independent data management consultant. My experience in coaching both regulatory and non-regulatory organisations to design and implement full data governance frameworks, is unique within the Data Governance field. The coaching approach enables organisations to self manage the process beyond initial implementation, leaving them with a sustainable data governance framework. My coaching and Data Governance training workshops ensures that your data governance framework is embedded as an integral part of your business as usual policy. The benefit for you is that once the framework is in place your organisation will be confident, competent and compliant. I have worked in Data Management for twelve years, initially for a leading UK Bank, before becoming a consultant at the beginning of 2009. Most recently I have spent most of my time delivering data governance for Solvency II, but I also run Data Governance Training courses and coach organisations to implement data governance themselves. I am a Director and Committee Member of DAMA UK (I lead Phase 1 of the Data Quality Dimensions Working Group), on the Expert Panel of Dataqualitypro.com and regularly write and present internationally on data governance best practice. I regularly present both at home and internationally. I presented at the MDM Summit, the Business Analysis Conference and the Collibra European User Group in London and Enterprise Data World, Enterprise Dataversity and the IDQ Summit in the US in 2014. I presented at the Experian Data Quality Insurance Summit in March, deliverd tutorials and presentations at the Data Governance Conference in London in May, at DGIQ in San Diego in June and presenting at the Stibo MDM event in Berlin in October. I will be presenting next at the IRMUK EDBI Conference in London in November. Specialties: Data Governance, Master Data Management, Data Quality

Have Your Say:

CIO WaterCooler