Advisory Note: Database Governance - 70102

Report Details

Database Governance is the set of policies, procedures, practices and organizational structures ensuring the execution of database related activities in an organization according to defined strategies and controls. Database Governance is required to enforce Information Security for structured data held in databases.

Within Enterprise GRC, Database Governance is an element of IT GRC. Enterprise GRC starts with Corporate Governance, e.g. the general, enterprise-wide policies and the focus on strategic risks. Business GRC with its focus on operational risks is the second element (or layer). However, automated controls for many of the operational and even strategic risks require IT – that’s where Database Governance comes into play as one of the major elements of IT GRC.

KuppingerCole strongly recommends defining a Database Governance approach in the context of enterprise-wide GRC initiatives, based on the same approaches as for policies, controls, processes, and organization. If Database Governance is undertaken without first putting an enterprise-wide GRC approach in place we suggest at least investing some work in defining the basic elements, for instance what a book of rules should look like.

Database Governance is first and foremost an organizational approach and not a technical topic. Technology can assist in implementing and executing controls, but it needs to follow the organizational concept. In other words: Without a book of rules, defined controls and processes, and without suitable organizational structures technology is a back-burner issue. Only when proper controls are in place is it time to worry about technical solutions.

You can get access to this document for free, if you register for KuppingerCole Select access now.

Date Title Price
Mar 15, 2011

Advisory Note: Database Governance - 70102

Database Governance is the set of policies, procedures, practices and organizational structures ensuring the execution of database related activities in an organization according to defined strategies and controls. Database Governance is required to enforce Information Security for…

€95.00 Get Access

Discover KuppingerCole

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Blog

Blog

OpenC2 – Standards for Faster Response to Security Incidents

Recently, I came across a rather new and interesting standardization initiative, driven by the NSA (U.S. National Security Agency) and several industry organizations, both Cyber Defense software vendors and system integrators. OpenC2 names itself “a forum to promote global development and [...]

Latest Insights

Hot Topics

Spotlight

Learn more

Cyber Defence Center

Today, the Cyber Defence Center (CDC) or Security Operations Center (SOC) is at the heart of enterprise security management. It is used to monitor and analyze security alerts coming from the various systems across the enterprise and to take actions against detected threats. However, the rapidly growing number and sophistication of modern advanced cyber-attacks make running a SOC an increasingly challenging task even for the largest enterprises with their fat budgets for IT security. The overwhelming number of alerts puts a huge strain even on the best security experts, leaving just minutes [...]

Become a Client

Learn more about becoming a Client

Contact Us

Call Us

+49 211 2370770
Mo - Fr 8:00 - 17:00