Throughout the business lifecycle, data is collected in data lakes, cataloged in data warehouses, modified in applications, stored in databases, and called, passed, transformed, analyzed, and used as it makes its way through the ever expanding web of structured systems that are common in today’s organizations.

With the growing number of standards and regulations surrounding data, corporations are being put under a heavy burden to both understand their obligations and comply with relevant standards, including GDPR, HIPAA, the California Consumer Privacy Act, and the National Institute of Standards and Technology (NIST) framework.

Data Governance Priorities

FTI offers a differentiated service by bringing together a cross-functional team that understands the importance of combining data governance, privacy obligations, regulatory requirements, analytics and technology.

  • Identify and inventory structured and unstructured information sources
  • Identify privacy-implicated data within databases and business systems, such as PII, ePHI and CUI
  • Ensure consistent data quality across the organization Understand data lineage and flow
  • Assist with data remediation and decommissioning of business systems, applications and underlying databases
  • Obfuscation of sensitive data: anonymization, encryption, tokenization, masking, etc. Implement policy and role-based access controls
  • Align with corporate data privacy priorities
  • Identify legal and regulatory compliance obligations for data (including GDPR, CCPA, HIPAA, CMMC and other requirements)
  • Create and update compliance documentation
  • Training and change management

Our Approach

Our multi-disciplinary experts work alongside the privacy, legal, IT and executive teams to understand the value of data as well as regulatory requirements and security obligations. We show value throughout the entire project lifecycle – to all stakeholders. Leveraging technology that can sit on top of existing tech environments, FTI Consulting provides a systematic, repeatable process that is scalable.

Analytics enable insights across the enterprise to understand who consumes data, where redundant data exists and identify when systems are no longer reliable. We help organizations quickly determine the impact of data issues across the enterprise as they arise.

Benefits of FTI Consulting’s Data Governance Strategy

Data privacy programs

Data Privacy – strengthen and operationalize data privacy programs

Improve data quality

Data Quality – reduce downstream effects of poor data

Reporting and analysis

Improved utilization across the business – elevate confidence in reporting and analysis

Information requests

Simplify requests for information – catalog enterprise data to ensure business standards are met

Tracking data flow and consumption

Anticipate impact of data issues – understand and track data flow and consumption

Data security

Data Security – understand data environments and harden defenses

Data remediation

Reduced Data Storage – remediate data and decommission old business systems to reduce risk and cost

Sensitive data loss prevention

Data Loss Prevention – implement safeguards to protect sensitive data

Improved decision making

Improved Decision Making – reduce response time with deeper transparency and trust

Policies and process

Policies and Process – Establish frameworks and best practices to govern data assets and implement new technology moving forward. This includes training, implementation guides and communication.

Critical compliance case study graphic

Case Study:

FTI Consulting Leads Critical Compliance and Data Governance Program for Multinational Telecommunications Corporation

For the client, a global telecommunications company, a steady flow of information is critical to serving its customers, from service orders to data needed by technicians in the field. In order for the client to preserve billions of dollars in government contract revenue, the client needs to fulfill the new CMMC requirements by identifying controlled unclassified information (“CUI”) in more than 3,500 applications comprised of approximately 7,000 structured databases and protect the information in methods outlined by the government. The timeline for identification and protection reduced from 18+ months to less than one year and the privacy concerns must be mitigated while not interrupting critical business operations.

Read more »