Skip to content
All Blogs

Three steps for developing a data integrity audit and framework

Author: Bill Bruno


Businesses need comprehensive data strategies to stay ahead, but many organizations haven't done enough to create a strategy that can scale to solve current use cases while ensuring they can adapt quickly to new challenges and opportunities.

To build that comprehensive strategy, businesses need to create a framework that involves taking a detailed look at what data they have, how they're achieving it, what they want to achieve, and if those plans are compliant and adaptable. The framework should lay out the risks, challenges, and goals of each data set.

This process could lead to the revelation that the business needs to consider an entirely different type of data capture and management to reach its goals. Businesses should start by conducting a data integrity audit that maps out where gaps in data or business risks exist.

Here's a synopsis of what a framework for this might look like in action, at a high level:

Step one: Understand and implement first-party data best practices.


Businesses first need to understand the domain of their technology investments and ensure it aligns with first-party data best practices. First-party data has been heralded as the hero for the future, but many vendors feed on the confusion of that term to convince organizations they're in good hands when they're not.

Once a business has that understanding, they should map out their existing technologies, datasets and integrations. Bucket them by first-party versus third-party, and then drill in further to map out how consent is managed and, ultimately, what type of cookie or profile is being used. From there, a business should have a good visual picture of its data landscape as well as the risks and deficiencies.

Step two: Ensure the data meets compliance standards.

Next, follow the chain of compliance for data integrations, both internal and external. To do this, a business can divide the data that's more latent versus the data that's used in real-time.

For anything in real-time, a business should ensure they can activate that data in the moment in order to be compliant. For more latent datasets, understand the compliance requirements, provided the data is traceable back to its source, and then vet the data. For that vetting process, businesses should consider investing in technology that can integrate with the business’s data management practices and compliance platforms to better automate what could be a very tedious process.

These two steps put the business in control of all of its data and give them the responsibility to look at what data is collected and how the data can be used both now and in the future. For extra credit, they can even set expiration dates on the data sources to ensure data is being refreshed on a more protective basis. The older the data, the more difficult the compliance problem becomes.

Step three: Close gaps.

The final part of the data integrity audit is to understand the use cases for the data across the business. Over many years, I’ve seen organizations change their requirements or goals to fit within the existing technology stack. This results in an organization settling for “good enough,” and frankly, that's not acceptable anymore.

To truly mature, organizations should map the data gaps against the current landscape to determine the best path forward for closing them over time. This gap analysis should set your data strategy for the future and allow you to take an objective look at your current technology investments.

Much of the tech deployed has been in place for many years prior to compliance directives. With a pragmatic approach, organizations can eliminate wasted cost, futureproof the tech stack and focus on using data to deliver positive brand experiences.


Data integrity audits can propel a business into a new frontier for its consumers, but it requires people to take a step back and think differently about existing technology and datasets. It all comes down to ownership and innovation. If you own the data, then you can drive innovation in a compliant manner without having to worry about all the rented data in your third-party solutions.


*This article originally appeared in Forbes Technology Council

Subscribe to our blog for regular updates!