Digital Trust: New report highlights top data governance risks

Risks to brand and reputation from mishandling data, a disconnect between IT leaders and business executives, and difficulty in putting a value on data have been identified as key data governance concerns for corporate Australia.

The findings form part of a joint report by Governance Institute of Australia and CSIRO’s Data61, the digital specialist arm of the national science agency, that was released today.

The report Digital Trust - Corporate awareness and attitudes to consumer data uncovers key areas of concern and risk for corporate Australia as they navigate an increasingly complex data governance landscape.

Lead author of the report, Senior Research Consultant Rob Hanson from CSIRO’s Data61 said: “In an environment of rising cyber crime, increasingly valuable consumer data, and a maturing regulatory environment - forming a strong chain of data governance, underpinned by trust, appears to be a very necessary capability.”

He said COVID-19 has added extra complexity and urgency for good governance capabilities.

“COVID-19 has forced a more rapid adoption of digital services. Consequently, confidence, trust and privacy are all critical for consumers to have in the businesses that they interact with. Trust enhancing technologies, including cyber security and privacy enhancing services, are a key enabler of good governance and mitigating risks while maintaining a competitive advantage.”

Governance Institute of Australia CEO Megan Motto said the report has reinforced that data governance must be driven from the top and a data governance strategy is imperative.

“Strong oversight from board and management is essential for good data governance,” Ms Motto said.

“This means ensuring a data governance strategy is in place that includes data modelling, removing duplicated data and cleansing data to remove redundant and corrupt data.

“A board simply cannot afford to be disconnected any longer from their organisation’s data management strategy. To do so is a recipe for serious brand and business failure.”

Key findings of the report:  

  • There is a disconnect between IT and business leaders regarding the risk and opportunity of consumer data. 
  • There is uncertainty over who is responsible and accountable for the data governance strategy. 
  • It is difficult to place a value on data – but this is an important step when considering the risk management of data. 
  • Organisations that value consumer data are more likely to consider it in their strategies and business models. 
  • Organisations with a data governance strategy are more likely to be aware of the risks in handling consumer data and they are significantly more likely to recognise that mishandling consumer data presents a high risk to brand and reputation. 
  • Business executives or technology leaders: There is inconsistency in data governance reporting chains and expectations of who is responsible for managing consumer data issues.  
  • Respondents are more concerned about the risks of damage to brand and reputation than cyber crime or disruptions when it comes to innovating and legislative or regulatory change.

The report’s findings are based on a survey of Australian governance and risk professionals which was used as a springboard to a further set of research contained in the report, including interviews with Governance Institute members.

View the report


Senior Research Consultant Rob Hanson from CSIRO’s Data61 will be speaking at our Public Sector Governance Forum on 5 November. 

View the forum line up

Return to Newsletter