What is Data Quality?

In simple terms, data quality is about ensuring that data is fit for purpose. What does this mean? In our experience of delivering data quality projects, we believe this means that the information the business uses for decision making, planning or operational analysis meets its internal and regulatory requirements.
Data quality is assessed based on a number of dimensions, (not all these need to be applied in each project); the most commonly used are:

  1. Accuracy: The degree to which data correctly reflects the "real world" object or event described. 
  2. Completeness: The percentage to which the data is populated within a defined field or record.
  3. Appropriateness: The data provided to the uses is sufficient for their processes, e.g. there are enough years of historical data to support insurance premium calculations for motor insurance.
  4. Timeliness: The degree to which data represent reality from the required point in time and the data are received to meet its business requirement.
  5. Uniqueness: The values of a record within a specific field are not recorded more than once.
  6. Consistency: The absence of difference, when comparing two or more representations of a thing against a definition.
  7. Validity: Data are valid if it conforms to the syntax (format, type, range) of its definition.

Importance of Data Quality
There are many reasons to maintain high-quality data, including:

  1. Improve customer relations: To understand or stay in contact with your customers. In this data-driven age, it is easier than ever before to find out key information about current and potential customers.
  2. Business efficiency and decision making: Good quality data can be the source of operational efficiency improvements and enable the business strategies to be based on data that can be trusted.
  3. Reduce operational costs: Accurate customer data reduces the amount of undeliverable mail, which saves you money in postage costs and in having to continually resend packages that would have arrived safely the first time, had your data been accurate.

Our approach
Even though our approach to delivering a data quality engagement will use similar steps; the rules for assessing data quality will be different for each organisation. Hence, why we believe that the first and most crucial step in any data quality project is to 'baseline' your data.


Data quality is a significant focus of many organisations, and improvements in this area can have significant internal and external benefits. We, at Data Risk Solutions Ltd, understand the business value that improvements in data quality can create and we have an approach which is tried and tested and will provide benefits to your organisation, quickly.

For further information or support – please contact us by email (info@datarisksolutions.co.uk) or phone (0113 8730209).

Data Governance Maturity Assessment

The importance of good Data Governance

Data Governance is the discipline of managing information within your business to help ensure that:

  • You can provide confidence to internal and external stakeholders that the management of their data is supported by appropriate processes, technology and capabilities across the data lineage.
  • Appropriate controls are in place to protect employee, customer and corporate data through alignment with policy and an effective ownership model.
  • Information presented within management reports is accurate and complete through appropriate data quality checks/controls.

Other benefits of enhancing your Data Governance maturity are:

  • Cross department alignment on data processes.
  • Enforcing roles and accountability for data management.
  • Enabling external data sharing projects.
  • Maintaining regulatory compliance.
  • Standardising data management and utilisation.
  • Reducing inefficiencies and costs for data management.

Regulatory view
“Governance – A bank’s risk data aggregation capabilities and risk reporting practices should be subject to strong governance arrangements consistent with other principles and guidance established by the Basel Committee.” BCBS 239 (principle 1)
“technical and organisational measures are the functions, processes, controls, systems, procedures and measures taken to protect and secure the personal information that an organisation processes.” GDPR

Our approach
We have taken our knowledge of regulations across financial services and beyond to develop an approach in assessing an organisations’ data governance maturity using a defined framework. This approach allows you to take the findings and tailor a Strategy that can shape your maturity at a pace that suits you and aligns to your corporate goals.
Our approach has three dimensions:

  1. We gather an understanding of your data governance procedures and processes (data policy, stewardship, retention, etc.) through a combination of desktop and interview-based reviews.
  2. Assess each procedure and process against the disciplines of capability, process and technology.
  3. Classify your level of maturity against the five levels of Data Governance maturity (as noted below).

Data governance maturity levels


In summary, Data Governance is a key focus of many regulators and improving your maturity in this area can deliver significant business benefits. We at Data Risk Solutions Ltd understand the commercial and business value that improvements in Data Governance can deliver and have a sophisticated and efficient approach to helping you to achieve these benefits quickly.

For further information or support – please contact us by email (info@datarisksolutions.co.uk) or phone (0113 8730209)

Direct Marketing – Code of Practice

The Information Commissioner’s Office (ICO) issued a draft consultation code of practice in January 2020 regarding  Direct Marketing. It demonstrates the direction of travel in regards to marketing activity conducted by any business with individuals or on a business to business basis using the values and principles put in place by the General Data Protection Regulation (GDPR), Data Protection Act 2018 (DPA 2018) and the Privacy and Electronic Communication Regulation (PECR).

We, at Data Risk Solutions found the following points most pertinent:

  • The code applies if you process personal data for direct marketing purposes. Direct marketing includes the promotion of aims and ideals as well as advertising goods or services. Any method of communication which is directed to individuals could constitute direct marketing.
  • Direct marketing purposes include all processing activities that lead up to, enable or support the sending of direct marketing.
  • In most cases it is unlikely that you will be able to make using an individual’s data for direct marketing purposes a condition of your service or buying your product.
  • The two lawful bases most likely to be applicable to your direct marketing purposes are consent and legitimate interests. However; if PECR requires consent then in practice consent will be your lawful basis under the GDPR.
  • It provides guidelines on use of consent data when obtained from third-parties.
  • The principle of privacy by design and Data Protection Impact Assessment (DPIA’s) will help in making sure that any marketing activity is compliant with data protection regulations.
  • Market research will not constitute direct marketing if you contact individuals to conduct genuine market research (or you contract a research firm to do so).
  • Direct marketing is not limited to the sale of good and services, it also includes fundraising, campaigning and promotional activities. This means that the activities of not-for-profit organisations such as charities and political parties are covered by the direct marketing rules.
  • Further guidance on the use of data received from data brokers and specific due diligence expectations on the Data Controller.
  • Asking existing customers to provide information on their friends and family members for marketing purposes and the difficulties this creates from a consent perspective.
  • Recommendations on managing marketing lists for business to business direct marketing activity, specifically for communications via email or text.
  • More detailed requirements provided for the appropriate use of Cookies and/or similar technologies through your websites, specifically how consent is managed.
  • Location-based marketing techniques must be transparent and clearly tell people about this type of tracking. These are likely to require consent.

In summary; the use of personal information for marketing purposes is a complex field but we at Data Risk Solutions Ltd understand the commercial and business value that such information can create. We therefore recommend an appropriate and balanced approach to direct marketing activity 
and have the expertise to help you achieve this.

For further information or support – please contact us by email (info@datarisksolutions.co.uk) or phone 0113 873 0209.

Call us on: 0113 8730209 to find out more!

Our team specialise in Data Quality, Data Analytics, Data Governance and Data Protection assignments.