ABSTRACT
This chapter focuses on the high-level picture of integrating IT governance with data protection, namely: architecture; service transition; and change management. While there will be elements of data protection to consider in almost all aspects of IT governance, these three topics represent the key junctions where data protection must be more than merely considered: it must be a critical consideration. Every solution developed by an organization, regardless of whether it uses locally created technology, purchased components or outsourced systems, must be developed with three central data protection tenets: integrity; reliability; and recoverability. Just as there are specialist architectural roles in IT for networking, for messaging, for enterprise identification, and a plethora of other subjects, there is a clear need for specialist data protection architects: data protection advocates (DPA). A business without a DPA is a business with an at best incomplete data protection strategy.
