Why Should You Care About CDEs?
If you’re involved in data governance, you’ve likely encountered the term Critical Data Elements (CDEs). But what are they, and why do data governance managers always go on about them? I must admit I was initially skeptical about their value. However, after five years of using them, I’ve realized how crucial CDEs are for data governance, especially with focusing effort and landing data accountability. In this article, we’ll delve into what CDEs are, why they are used, and how they can be integrated into your data governance framework.
A Brief History of CDEs
The concept of “critical data” first emerged in 2010, when it was introduced in the second edition of DAMA-DMBOK. This edition outlined critical data’s general characteristics and stressed that the specific drivers of criticality vary by industry.
In 2013, after the GFC, the Basel Committee released its risk data aggregation and risk reporting principles (BCBS 239). This standard sought to uplift banks’ information management capabilities. This was when Critical Data Elements really began to be used and integrated into data governance frameworks.
From the Australian context, in 2019, the banking and finance regulator APRA (Australian Prudential Regulation Authority) launched the “100 Critical Risk Data Elements (CRDE) Pilot.” The pilot involved Australian banks and key financial services companies identifying 100 of their most critical data elements (such as customer name, account number, and interest rate) and demonstrating effective control environments over those data elements. APRA has confirmed that they will continue to uplift data risk management and governance under the new Prudential Standard CPS230, which is focused on uplifting operational risk management.
What are Critical Data Elements (CDEs)?
To explain CDEs, let’s start by confirming our understanding of what a data element is. Simply put, a data element is a basic unit of information akin to a building block of data, such as a person’s name, a product price, or a date. Data elements can be categorized as follows:
-
Atomic: These are indivisible, representing the most detailed level of data. For example, a “Date of birth” is atomic because it pinpoints a specific detail that cannot be further broken down without losing its meaning.
-
Derived: These elements are formed from one or more other data elements through transformation, like calculations or aggregations. An example is an annual salary, derived by multiplying hourly wage by the number of work hours in a year.
-
Composite: These are constructed from several atomic elements to form a more complex element. A full name, combining first and last names, is a composite element.
According to DAMA International, CDEs are “data that is critical to success in a particular business area is defined as critical data.” I prefer to define them as data that is essential for operating the business, making decisions, or meeting regulatory requirements. They are recognized as data that, if impacted, would severely impact the organization and, therefore, need to be governed and managed appropriately
When I ask a business team to determine whether data is a CDE or not, I usually ask them the following question:
“If 20-30% of the data was impacted by a data quality/integrity issue, would it cause a high/severe impact to the organistion from a risk impact perspective?”
If the answer yes, then the data element would be are considered a CDE and should come under governed and be documented in the CDE register. It is important to ensure that the rationale for why these data are critical is documented and validated with key SMEs and the risk team.
The Importance of CDEs in Modern Data Governance
Today, Critical Data Elements (CDEs) are recognized as best practice for any modern data governance strategy. Here’s why they are indispensable:
-
Prioritizing Data Governance Efforts: CDEs focus data governance activities on the most critical data within the organization, ensuring that limited resources are utilized effectively.
-
Regulatory Compliance: CDEs are crucial for meeting regulatory obligations. They ensure accurate reporting and help maintain compliance with financial and privacy laws.
-
Integrating Data Governance with Operational Risk: CDEs help integrate data governance into the organization’s operational risk framework. Governing CDEs help mitigate data risks within the organstion.
-
Assigning Accountability for Data: CDEs are key in assigning clear ownership and accountability for data.
-
Data Governance Visibility: CDEs uplfit the visibility of key data within the organization and any issues impacting them and thus causing additional risk the organistion.
-
A Systematic Approach to Managing Critical Data: CDEs provide a structured method to manage and govern critical data throughout the organization, promoting a consistent and standardized approach.
Integrating CDEs into your Data Governance Framework
Here’s how you can implement CDEs within your organistion:
-
Identify CDEs: Start by identifying data used in key business processes, reports, and regulatory reporting. This foundational step helps you determine which data are critical to running your organisation.
-
Formalise CDEs: Clearly define each CDE and document the rationale behind its importance. Establish formal ownership for these CDEs and ensure they are accurately captured in your CDE Register.
-
Capture Data Lineage: Capture business and technical lineage for each CDE. This step is crucial for understanding how the data enters the organisation, the CDEs system of record, and the transformations it undergoes throughout its lifecycle.
-
Implement Data Controls: Utilise the insights gained from data lineage to assess risks throughout the CDE lifecycle. Implement appropriate controls to mitigate these risks.
-
Implement Data Quality: Implement data quality rules across the key dimensions of data quality. Establish an enterprise-wide CDE data quality health score and create a dashboard for ongoing monitoring.
If you would like to learn more about Critical Data Elements, please join us for your upcoming Webinar with Alation June 5th 2024, register using the following link: Mastering Critical Data Elements: A Blueprint for Modern Data Governance
About the author
Chad Barendse is an award-winning Data Governance Expert with over 14 years of experience in the financial services industry, passionate about data and data governance.