Skip to Main Content
Purpose

Data breaches continue to rise, placing unprecedented pressure on organizations to strengthen data governance (DG) practices. Lean six sigma (LSS), with its emphasis on structured processes and continuous improvement, offers a potential pathway for enhancing governance maturity. This study aims to explore how LSS principles can support and strengthen DG frameworks in small and medium-sized enterprises (SMEs) and SME-like environments, with the goal of informing more effective governance policies, improving decision-making and enabling resilient, data-driven operations.

Design/methodology/approach

A qualitative grounded theory methodology was employed to examine the under-theorized intersection of LSS and DG in SMEs and SME-like environments. Grounded theory was selected due to the limited empirical understanding of how process improvement methodologies can support governance and privacy in resource-constrained environments. This approach enabled the development of a data-driven conceptual framework derived from systematic grounded theory coding procedures, including iterative coding and constant comparative analysis, of semi-structured interviews.

Findings

The study identifies how SMEs and SME-like environments integrate LSS principles through a lens of critical success factors (CSFs), into DG through a triadic framework comprising: (1) structural role clarity, (2) process control through LSS tools and (3) organizational readiness. Four themes emerged: the strategic importance of DG for resilience and compliance; the distribution and formalization of governance roles; the use of LSS tools to improve data quality, role clarity and operational efficiency; and challenges related to resource limitations, resistance to change and capability gaps. Together, these findings reveal a structured pathway for SMEs to embed governance practices while addressing operational and cultural constraints.

Originality/value

To the best of the authors’ knowledge, this research provides one of the first grounded theory examinations of how LSS can enhance DG in SMEs and SME-like environments. The emergent framework advances theoretical understanding by demonstrating how governance maturity develops at the intersection of role clarity, process control and organizational readiness. The study contributes a unique perspective by positioning LSS not only as a quality methodology but as a governance enabler, offering resource-constrained organizations a structured approach to institutionalizing resilient, data-driven governance practices.

Data security has become an increasingly urgent concern in the digital age, as the value of data as a strategic organizational asset continues to grow (Ahmadi et al., 2022). As the importance of data increases, the need for effective data governance (DG) has intensified, particularly for safeguarding sensitive information. High-profile breaches, such as the 2023 cyberattack on National Public Data that compromised 2.3 billion records, highlight the critical importance of robust DG systems (Healy, 2024). Despite growing attention to DG, significant gaps remain in understanding the strategies and challenges faced by small and medium-sized enterprises (SMEs) and other SME-like environments that operate with similar resource constraints and governance limitations.

Although many organizations remain unprepared for the modern technical challenges associated with governing data, SMEs are especially vulnerable due to their limited financial, technical and human resources compared to larger enterprises. SMEs contribute around 50%–70% of gross domestic product (GDP) in most Organization for Economic Co-operation Development (OECD) countries (ILO, 2024), underscoring their economic importance and making their vulnerability to DG failures a critical issue with broader implications. However, their smaller scale often complicates the implementation of effective governance practices. Gartner (2022) notes that many organizations have struggled with DG and predicts that nearly 80% of DG initiatives will fail within the next three years, mainly due to the failure to customize strategies for the unique needs of different organizations. Addressing these challenges requires implementation strategies grounded in operational excellence principles, particularly approaches that integrate continuous improvement, statistical control and process standardization. Lean six sigma (LSS) offers a comparatively structured and measurement-oriented approach for embedding these capabilities into governance practices.

This study examines the application of LSS to DG within SMEs and SME-like operational environments, organizations that operate under similar resource constraints, lean staffing models and limited formalized governance structures, regardless of sector. In this study, SME-like environments refer to organizational units that, although not legally classified as SMEs, function under comparable structural constraints such as limited resources, lean staffing and evolving governance maturity. This definition is intentionally extended to include relevant departments and functional units within larger enterprise and public-sector organizations, as several study participants operate within such contexts while still experiencing SME-like operational constraints at the unit level. As a result, these organizations face challenges similar to those encountered by SMEs Smallwood, (2019).

Using grounded theory, this paper investigates how LSS can strengthen DG in SME-like environments by exploring the intersection of these two domains. Through semi-structured interviews with subject matter experts from the State of Indiana, the study identifies critical factors through which LSS tools and methodologies can enhance DG frameworks. Indiana provides a particularly relevant context: the state is home to more than 534,640 small businesses, representing 99.4% of all businesses (U.S. Small Business Administration, 2022), making it an ideal setting for examining the adoption of LSS principles to improve operational efficiency and DG practices.

The paper addresses the following research question: How can LSS tools and methodologies be applied to strengthen DG and enhance data privacy within SMEs and SME-like environments? While LSS has been widely studied as a driver of operational improvement, limited research has examined its specific role in supporting DG, particularly in relation to data privacy, quality and security. This gap underscores the need to investigate how LSS can help SMEs and SME-like environments manage sensitive data and comply with increasingly stringent privacy regulations.

By focusing on practical applications, this study deepens the understanding of LSS’s role in improving DG within SMEs and SME-like environments and offers recommendations for integrating LSS to enhance data protection, data quality and overall information management.

Organizational success increasingly depends on two intertwined capabilities, effective data management and continuous process improvement. DG and LSS represent structured approaches to these goals. DG emphasizes accountability, compliance and data quality, while LSS provides tools for reducing waste, controlling variability and embedding continuous improvement. This review synthesizes insights from both domains, highlighting critical success factors (CSFs) and exploring their intersection, particularly within SMEs and SME-like environments, where resource constraints heighten the need for integrated, efficient strategies. To connect DG to LSS, a perspective of CSFs was employed, where CSFs represent operational design principles.

The role of CSFs has roots as a fundamental method and requirement for businesses to strategically implement new processes, in his seminal work (Rockart, 1979). First described by Daniel (1961), CSFs serve as set of conditions for an organizational initiative to succeed. CSFs became widespread through now established cross-industry definitions that resulted in the CSF concept applicable across multiple industries (Boynton and Zmud, 1984). Systematic evidence of this cross-industry adaptation is demonstrated by Cooper (2008) where the diversity of CSFs in implementation of initiatives shows CSF theory’s application in operations design and management. This has extended into initiatives beyond industry boundaries, such as LSS. In LSS, linking CSFs to implementation is a basis for strategy and sustaining that design and implementation (Antony et al., 2023; Laux et al., 2015; Li et al., 2018).

Weill and Ross (2004) distinguish DG from management: governance encompasses strategic decision-making authority, while management focuses on execution (Ahmadi et al., 2022). Applied to data, governance ensures oversight of organizational data assets (Wende, 2007). Contemporary studies extend this foundation, positioning DG not only as a compliance mechanism but also as a facilitator of advanced analytics, artificial intelligence (AI) readiness and competitive differentiation (Alhassan et al., 2019; Abraham et al., 2019; Otto, 2011).

Existing DG literature reflects an ongoing tension between structural oversight models and IT aligned governance approaches, particularly regarding how governance responsibilities are operationalized within organizations (Wende, 2007; De Haes and Van Grembergen, 2009). This tension is particularly relevant for SMEs, which often lack formalized structures to support multi-level governance. Cheong and Chang (2007) highlight DG’s role in enabling root-cause analysis and performance assessment, yet Abraham et al. (2019) argue that operationalization, embedding governance into daily processes, is the true differentiator. This operational emphasis aligns closely with LSS principles, which prioritize measurable process control, continuous feedback and standardized improvement routines.

Effective DG requires executive support, clearly defined roles and robust processes (Otto, 2011; Khatri and Brown, 2010). Key roles include DG managers, owners, stewards and custodians, who are empowered by top management to manage policies, standards, access, privacy and risk. In Panian’s (2010) study, essential components of DG are highlighted, aimed at guaranteeing data accessibility, consistency, auditability and security within enterprises. These components encompass:

● Data standards, policies and processes: These components are intricately linked to business rules and data access control, establishing a structured framework to guide data management and usage.

● Roles and responsibilities: Clearly defining roles and responsibilities within the organization ensures effective DG and accountability for data-related tasks.

● Data integration technology platforms: Automation plays a pivotal role in DG processes and data integration technology platforms facilitate seamless and efficient management of data across the organization.

Marinos (2004) identified ten CSFs essential for effective DG, leadership accountability, enterprise-wide standards, managerial alignment, early attention to data complexity, cross-divisional collaboration, use of metrics, partnerships with external stakeholders, strategic control points, compliance monitoring and training and awareness.

These success factors highlight the importance of strong leadership, standardized processes and continuous measurement in sustaining governance initiatives. Subsequent studies reinforce this view, emphasizing that effective governance requires not only clear structures and accountability but also adaptability and integration into organizational culture (Otto, 2011; Abraham et al., 2019). Together, these insights suggest that the durability of governance frameworks depends on balancing formalized standards with the flexibility to evolve alongside changing business needs.

DG in SMEs presents distinctive challenges compared with larger organizations. SMEs often operate with limited financial and human resources, less formalized processes and flatter organizational structures, which can complicate the implementation of comprehensive governance frameworks (Stankalla et al., 2018). Research on DG in emerging digital environments highlights that organizations with constrained resources often struggle with fragmented data ownership, unclear accountability and inconsistent data practices, making it difficult to maintain data quality and compliance (Santos et al., 2017). These issues are further compounded by limited analytical capabilities, which restrict SMEs’ ability to leverage data effectively and develop the governance foundations needed to support reliable decision-making (Mikalef et al., 2020). Although much of this literature does not focus exclusively on SMEs, these structural and capability constraints are characteristic of both SMEs and SME-like environments, including organizational units within larger institutions that operate under similar limitations.

Despite these constraints, effective DG remains critical for ensuring data quality, regulatory compliance and informed decision-making. Scholars emphasize that SMEs can achieve governance objectives by adopting scalable and pragmatic approaches that prioritize high-value data assets, assign stewardship responsibilities to existing staff under executive oversight and leverage affordable automation tools to monitor data quality and enforce policies (Were and Moturi, 2017; Abraham et al., 2019). Embedding governance practices into daily operations rather than treating them as standalone initiatives is particularly important, as it enables SMEs to integrate governance seamlessly into their workflows. This adaptive approach strengthens organizational environment and supports sustainable performance, even in resource-constrained environments.

Given the parallels between SMEs and SME-like units, such as departmental teams in public-sector or higher-education settings, the insights from SME-relevant governance research are directly applicable to the organizational contexts examined in this study.

Compared with highly formalized governance systems that often require extensive administrative infrastructure, LSS offers a more scalable and operationally embedded approach that can be adapted to resource-constrained SME and SME-like environments. By emphasizing process efficiency, waste reduction and continuous improvement, LSS aligns well with the pragmatic and operational realities of such environments, where governance mechanisms must be lightweight yet effective. This alignment makes LSS particularly suitable as an integrative lens for embedding DG within daily operational workflows rather than treating it as a separate administrative function.

LSS has been widely applied across industries to enhance cost efficiency, quality and productivity by reducing variation and defects (Pavlović and Božanić, 2010; Antony et al., 2019). Initially developed at Motorola (Barney, 2002), LSS integrates six sigma’s focus on minimizing variability with lean’s elimination of waste. Modern applications extend beyond manufacturing into services, IT and data-intensive processes (Sony et al., 2021; Redeker et al., 2019).

The methodology involves structured problem-solving, data-driven analysis and continuous monitoring to enhance process outcomes (Schroeder et al., 2008). Scholars emphasize leadership commitment, defined roles, standardized processes and measurable outcomes as essential foundations for sustaining LSS initiatives. More recent studies highlight adaptability and cultural embedding as critical for ensuring relevance across diverse organizational contexts (Antony et al., 2022).

In addition to its technical foundations, LSS also includes an affective dimension. Successful implementation depends on employee motivation, trust and engagement, which collectively foster a culture of continuous improvement. Studies emphasize that emotional commitment and organizational buy-in are as important as statistical tools and process mapping, as resistance to change often limits the effectiveness of LSS initiatives (Murmura et al., 2021).

Although LSS is often positioned within broader operational excellence paradigms such as total quality management (TQM), business process management (BPM) and ISO-based quality systems, it is conceptually distinct in its integration of statistical process control with structured improvement cycles (DMAIC). While TQM emphasizes cultural and managerial commitment to quality (Prajogo and McDermott, 2005), BPM focuses on process modeling and optimization (Vergidis et al., 2007) and ISO frameworks prioritize standardized documentation and compliance (Faruq and Saidur, 2022), these approaches typically do not embed continuous, data-driven variance control directly into operational execution. In contrast, LSS operationalizes improvement through measurable feedback loops, defect reduction logic and process capability analysis, enabling ongoing monitoring and corrective action within day-to-day workflows. This embedded analytical structure positions LSS not only as a quality improvement methodology but also as a mechanism for operational governance enforcement through continuous measurement, accountability and iterative improvement.

The literature identifies multiple CSFs for effective LSS implementation. Kowang et al. (2019) highlight five core CSFs: fostering continuous improvement, promoting innovation, adopting a top-down management approach, ensuring employee knowledge of LSS and enhancing communication. Other studies emphasize organizational performance (Jones et al., 2010; Papic et al., 2017), employee involvement and training (Murmura et al., 2021) and systematic information management (Lee and Choi, 2006).

Patel and Patel (2021) provide a broader framework of eleven CSFs, including training and education, strong leadership, cultural change, project management skills, alignment with business strategy, effective communication, customer focus, supportive infrastructure, reward systems and supply chain integration. The contrast between Kowang’s concise model and Patel’s comprehensive framework illustrates the evolution of LSS literature from emphasizing core managerial practices to encompassing wider organizational systems. Collectively, these studies underscore that leadership commitment, employee engagement and resource alignment remain central to sustaining LSS initiatives, while adaptability and cultural change are increasingly recognized as critical for long-term success.

Implementing LSS in SMEs presents unique challenges, including financial constraints, limited expertise and scarce human resources (Zhou, 2016; Antony et al., 2017). Recent scholarship shows that these barriers persist even as LSS evolves toward more digitally enabled forms, with SMEs and SME-like environments, often lacking the technological readiness and analytical capabilities needed to fully leverage modern LSS practices (Mishra, 2022; Prado et al., 2024). Despite these barriers, LSS has gained popularity as an effective approach to process improvement and quality management, building on its proven success in large organizations worldwide (Zhou, 2016).

Successful adoption in SMEs depends on CSFs such as employee involvement, management commitment and understanding of LSS principles (Lande et al., 2016). More recent studies emphasize that integrating digital tools, real-time data and Industry 4.0 technologies can strengthen these CSFs by improving process visibility, accelerating decision-making and reducing the burden of manual data collection, benefits that are particularly valuable for resource-constrained SMEs and SME-like units (Mishra, 2022; Antony et al., 2022). Recent evidence also highlights the importance of tailoring LSS tools to SME contexts, including simplified define, measure, analyze, improve, and control (DMAIC) cycles, visual management practices and flexible training models that accommodate limited resources (Antony et al., 2019). Neglecting these factors often leads to poor outcomes, including insufficient resources, limited expertise and inadequate access to LSS tools and support systems.

Key CSFs for SMEs include training, leadership commitment, customer focus, cultural change and strategic quality planning. By prioritizing these elements, SMEs can overcome resource limitations and achieve continuous improvement, cost reduction and enhanced product and service quality. Emerging research also suggests that SMEs’ inherent agility and shorter decision chains position them well to adopt LSS 4.0 practices, which rely on iterative experimentation, digital integration and rapid learning cycles (Prado et al., 2024; Antony et al., 2022). This adaptability enables SMEs and SME-like environments to tailor improvement initiatives to their specific operational contexts, supporting more sustainable and scalable LSS implementation.

The comparative analysis of CSFs in Table 1 reveals a structural convergence between DG and LSS, particularly across leadership, standardization, collaboration, performance measurement and capability development. This convergence suggests that DG and LSS are not independent improvement frameworks but represent two interdependent governance logics operating at different organizational levels: DG functions as a structural governance layer that defines accountability, control and compliance boundaries, while LSS operates as a process-level mechanism that enables the operational realization and continuous refinement of these structures.

Table 1.

Summarizes the CSFs identified in the literature on DG and LSS, providing a comparative overview of both frameworks

CSFsDGLSSSynchronization
Leadership and accountabilityDefines data authority and compliance oversightEnforces execution discipline through DMAICDG sets governance authority; LSS operationalizes accountability
Standardization and process alignmentEnsures consistent data definitions and policiesReduces process variation through standard workflowsDG standardizes data; LSS standardizes process execution
Cross-Functional collaborationCoordinates data ownership across unitsEnables team-based problem-solving and improvementDG structures ownership; LSS enables execution collaboration
Metrics and performance monitoringTracks data quality and compliance KPIsUses process metrics and variation controlDG measures data integrity; LSS measures process performance
Training and awarenessBuilds governance roles, responsibilities and data literacyDevelops analytical and improvement skills (DMAIC tools)DG builds governance capability; LSS builds improvement capability
Partnerships and supplier collaborationEnsures external data integrity and compliance alignmentExtends process improvement to suppliers and value chainDG governs data exchange; LSS optimizes end-to-end processes
Control and complianceEnforces policies, auditability and data controlUses statistical control and corrective action cyclesDG ensures compliance; LSS ensures continuous control
Innovation and adaptabilityBalances governance control with evolving data needsDrives continuous improvement and experimentationDG stabilizes governance; LSS drives adaptive improvement
Communication and information sharingStructures governance communication and reportingEnables feedback loops and operational transparencyDG formalizes communication; LSS enables performance feedback
Source(s): Authors’ own work

Rather than reflecting simple complementarity, the differences between the two frameworks indicate a functional decomposition of governance. DG emphasizes system stability through data integrity, regulatory alignment and formal control structures, whereas LSS introduces dynamic adaptability through variation reduction, process optimization and iterative improvement cycles. Together, they form a dual-governance configuration in which structural governance without operational execution remains inert, while process improvement without structural governance lacks institutional anchoring.

This duality provides a conceptual basis for understanding governance as a layered system in which structural control and process optimization are mutually constitutive rather than independently operating mechanisms.

As discussed in Section 2.1, Lean emphasizes waste reduction while Six Sigma focuses on minimizing variation. Together, these principles align closely with core DG objectives, including data quality, transparency, accountability and control. This alignment enables the reduction of redundant data processes, improved consistency and enhanced reliability of organizational data assets.

LSS tools such as DMAIC, SIPOC and value stream mapping provide structured mechanisms for operationalizing governance. In particular, DMAIC supports governance execution by clarifying data ownership, identifying quality gaps, diagnosing root causes of data issues and enabling continuous monitoring and corrective action. This demonstrates how LSS translates governance principles into measurable, process-oriented routines embedded within operational workflows.

As highlighted in Section 1.3 organizations, particularly SMEs and SME-like environments, often face challenges in implementing DG due to limited resources, unclear roles and fragmented processes. LSS can help address these challenges by standardizing procedures, clarifying responsibilities and embedding measurement systems that support compliance and performance monitoring. In such contexts, LSS provides a scalable and structured approach to operationalizing governance through continuous improvement and data-driven decision-making, shifting DG from a static, policy-driven function toward a more adaptive and process-integrated system.

Similar governance-related challenges are also observed across other operational excellence (OPEX) methodologies, including TQM, BPM and ISO-based systems, particularly in relation to data consistency, process integration and operational enforcement (Schiavone et al., 2023; Butt, 2020; Biazzo and Bernardi, 2003).

Although substantial literature exists on DG and LSS individually, their intersection remains underexplored. Even though governance challenges have been noted across other OPEX traditions, a focused understanding of LSS as a mechanism for enabling DG is still limited. This gap presents significant implications for organizations, particularly SMEs, which often struggle to establish robust governance structures under resource constraints. Given LSS’s demonstrated effectiveness in enhancing operational efficiency and quality management, examining how its principles can be leveraged to improve governance practices is both important and increasingly relevant in today’s data-driven environments.

This research aims to address this gap by investigating the contributions of LSS to governance effectiveness, with particular attention to SMEs and SME-like environments that must manage data responsibly despite limited resources. Ultimately, the study seeks to support these organizations in navigating the complexities of data management through structured yet adaptable governance approaches.

This study employed grounded theory as the primary research design to develop a theory grounded in empirical data. Grounded theory was chosen because it enables systematic theory building in areas where limited prior research exists (Corbin and Strauss, 2014). The insights generated through grounded theory in this study later served as the foundation for a subsequent research phase that employed a different design to develop a comprehensive framework based on these results.

Grounded theory was selected because the intersection of LSS and DG in SMEs and SME like environments is an under-theorized domain with no established explanatory framework. As Glaser and Strauss (2017), Strauss and Corbin (1998) and Charmaz (2014) emphasize, grounded theory is most appropriate when the goal is to generate theory directly from participant experiences in areas where existing models are insufficient. This study is positioned at the substantive theory-building stage, aiming to develop an empirically grounded explanation of how LSS practices can support DG in resource-constrained environments. This theoretical positioning clarifies that the purpose of grounded theory here is not to test existing constructs but to inductively build a conceptual understanding of an emerging phenomenon.

Grounded theory involves an iterative process where data is collected through interviews and analyzed to identify patterns and concepts (Charmaz, 2003). These concepts are refined and grouped, resulting in a theory that explains the observed phenomena (Williams, 2007). The flexibility of grounded theory makes it well-suited for exploring complex issues such as the relationship between LSS practices and DG in SMEs and SME-like environments. Figure 1 illustrates the conceptual approach adopted in this study.

Figure 1.
A flowchart outlines the grounded theory methodology for identifying L S S practices in S M Es.The process begins with exploratory data governance and privacy relationships in S M Es through L S S practices. Next, research design uses grounded theory. Then data collection uses semi-structured interviews, followed by population selection and sampling. After that, theory development occurs. Finally, the process leads to best L S S practices for data governance and privacy in S M Es.

Research design

Source: Authors’ own work

Figure 1.
A flowchart outlines the grounded theory methodology for identifying L S S practices in S M Es.The process begins with exploratory data governance and privacy relationships in S M Es through L S S practices. Next, research design uses grounded theory. Then data collection uses semi-structured interviews, followed by population selection and sampling. After that, theory development occurs. Finally, the process leads to best L S S practices for data governance and privacy in S M Es.

Research design

Source: Authors’ own work

Close modal

For this study, SMEs and SME-like environments were defined using a functional rather than strictly legal classification. While the U.S. Small Business Administration (2023) size standards, typically fewer than 500 employees and annual revenues under $50m, served as a general reference point, the primary criterion was whether the organizational unit operated under SME-like constraints. These constraints include limited financial resources, lean staffing structures, multi-role personnel and evolving DG maturity, characteristics commonly associated with SMEs regardless of the size of the parent institution.

This approach reflects the reality that many departments, divisions or operational units within larger organizations function as SME-equivalents due to their resource limitations and governance structures. By focusing on SMEs and SME-like environments, the study ensured that participants represented contexts where LSS and DG adoption is shaped by similar operational pressures, thereby maintaining conceptual coherence and strengthening the relevance of the findings.

The study employed a multi-step sampling approach. Purposive sampling was first used to identify the initial ten participants who met the inclusion criteria: (a) a minimum of two years of experience in LSS, DG or data privacy within SMEs or SME-like environments and (b) employment in organizational units operating under SME-like constraints such as limited staffing, resource scarcity and evolving governance maturity. Indiana was selected for convenience and accessibility.

Although initial participants were identified through purposive sampling, participant selection evolved iteratively as emerging categories were identified during early rounds of analysis. Subsequent interviews were guided by developing concepts, reflecting an iterative, grounded theory, informed sampling approach, allowing further exploration and validation of emerging relationships between LSS practices and DG challenges.

Snowball sampling was then used to identify additional participants through referrals. All participants met the study’s inclusion criteria, ensuring consistency with the research context. In total, 25 individuals were contacted and 20 agreed to participate in interviews. This sample size aligns with grounded theory recommendations, where approximately 20–30 interviews are typically sufficient to achieve theoretical saturation (Moser and Korstjens, 2018; Vasileiou et al., 2018). In this study, saturation was assessed through constant comparative analysis and iterative coding, with no new substantive themes emerging in the later stages of data collection. As with most qualitative studies using purposive and snowball sampling, the findings are not intended to be statistically generalizable but theoretically transferable to similar contexts. Table 2 below includes interview participants’ information.

Table 2.

Interview participants’ information

ParticipantRoleOrganization type
Interviewee A Vice President, Commercial InsuranceFinance and Insurance Sector
Interviewee BPartner, Data Security PracticeLegal Services
Interviewee C Government Legal AdvisorPublic Sector
Interviewee D Technology LeaderPublic Sector
Interviewee E Privacy and Security DirectorPublic Sector
Interviewee F Chief Information Security OfficerAutomotive
Interviewee GChief Information Security OfficerPublic Sector
Interviewee H Senior General CounselHealthcare
Interviewee IChief Executive OfficerIT Consulting and Services
Interviewee J Co-founder and CEOIT Consulting and Services
Interviewee KCo-founder and CTOIT Consulting and Services
Interviewee LChief Privacy OfficerPublic Sector
Interviewee MDeputy Director, Data SciencePublic Sector
Interviewee N Director of Engagement and AnalyticsPublic Sector
Interviewee O Director Commercial ManufacturingMedical Sector
Interviewee PData AnalystHigher Education
Interviewee QVice Chancellor Information ServicesHigher Education
Interviewee RProgram Quality Manager, LSS ExpertAutomotive
Interviewee SPartner in Data Security and PrivacyLegal Services
Interviewee TContinuous Improvement LSS Black BeltHealthcare
Source(s): Authors’ own work

Data was collected through semi-structured interviews designed to elicit in-depth responses and allow flexibility in probing participants’ perspectives (Creswell and Creswell, 2017; DeJonckheere and Vaughn, 2019). The interview guide was designed to explore LSS and DG practices specifically within resource-constrained operational settings, ensuring alignment with the study’s focus on SMEs and SME-like environments. This format was chosen because it combines consistency across participants with the ability to explore emerging themes through follow-up questions.

Each interview lasted approximately 1 h and followed an interview guide consisting of 18 open-ended questions. The questions were developed based on existing research (Hundal et al., 2021; Mahanti, 2021) and reviewed by the authors and external experts in LSS and DG to ensure clarity and relevance. This expert review helped ensure that the interview guide appropriately reflected the operational realities of SMEs and SME-like environments, addressing the reviewer’s concern about alignment. Examples of the questions are provided in Table 3. Semi-Structured Interview Questions Used in the Study:

Table 3.

Theme 1: Importance of DG

SubthemeExample codesExample quotes
Criticality of DGEssential; foundational; protects sensitive info; establishes common understanding“Data governance is essential and critical in my organization, as well as any organization that deals with personally identifiable information” - H
Support for SMEsHelps SMEs manage data; aids storage/usage; improves data handling“Data governance plays a crucial role in assisting SMEs in managing, using and storing their data” - S
Variation by data typePersonal data; confidential; highly confidential; corporate data“There are different data types… personal, company confidential and highly confidential such as patient medicine recipes” - O
global and regulatory needsCross-border data flows; international regulations; privacy requirements“We deal with banks and manufacturers worldwide… cross-border data flows require strong data governance” - F
Reliable data for decisionsCentralized data; trustworthy sources; data-driven culture“Modern technology like data centralization requires robust data governance practices” - M
Need for lifecycle managementLack of governance maturity; gaps in lifecycle processes“Some organizations still lack crucial aspects of data governance and lifecycle management” - L
Source(s): Authors’ own work

Demographics:

  • What is your name, educational background?

  • What is your current role and years of experience?

  • What is your experience of data governance, privacy and LSS as a SME?

DG: (Ref: Mahanti, 2021)

  • How would you describe the importance of data governance and data privacy in your organization?

  • How does your organization implement and maintain data governance and data privacy?

  • In your organization, who is responsible for implementing and maintaining data governance and data privacy systems?

  • How would you describe your organization’s awareness of Federal and State laws for data governance and data privacy? *

  • How does your organization enforce laws discussed in previous question?

  • Do you think the rules and regulations discussed earlier effectively impact the data governance and data privacy, if yes, how so?

  • What challenges do you have to overcome to implement and maintain data governance and data privacy system? *

  • What solutions can you suggest to overcome these challenges?

  • For an SME or local government, what would you say are the top three things they should do regarding data privacy and data governance? *

LSS: (Ref: Hundal et al., 2021)

  • How familiar are you with LSS tools?

  • What LSS tools are utilized within your organization to implement and maintain data governance and data privacy? *

  • How do you evaluate the impact of LSS tools upon implementing and maintaining data governance and data privacy in your organization?

  • What additional LSS tools that are not utilized by your organization but could effectively impact implementing and maintaining data governance and data privacy?

  • What are the challenges that your organization has to overcome to utilize LSS tools in implementing and maintaining data governance and data privacy? *

OTHER

  • Is there anything else you would like to add before we conclude this interview?

with questions marked by an asterisk (*) that were developed based on existing research by Hundal et al. (2021) and Mahanti (2021).

Interviews were conducted virtually via Microsoft Teams to maximize convenience. This approach eliminated travel requirements and allowed scheduling flexibility based on participant availability. All interviews were conducted by one of the study’s authors, ensuring consistency in delivery and probing techniques.

To maintain data integrity, each interview was audio-recorded with participant consent and later transcribed verbatim for analysis. Consent forms were distributed and signed electronically prior to the interviews and confidentiality was assured throughout the process.

Analysis followed an iterative grounded theory process in which data collection and analysis occurred concurrently, enabling emerging concepts to inform subsequent interviews and analytical refinement.

Data was analyzed using grounded theory techniques: open coding, axial coding and selective coding (Corbin and Strauss, 2014). The analysis was conducted with NVivo 12 software to organize and manage qualitative data efficiently. Coding and analysis were performed concurrently with data collection to allow iterative refinement (Watling et al., 2017).

8.4.1 Step 1: Open coding.

Each transcript was carefully read line by line and broken down into discrete components. In vivo codes were created to capture participants’ exact words and phrases, ensuring that the coding remained grounded in the data. The goal of this stage was to remain open to all potential theoretical directions emerging from the interviews, allowing themes and concepts to surface naturally from the participants’ responses.

8.4.2 Step 2: Axial coding.

During axial coding, the initial codes were reorganized and grouped into broader categories based on conceptual similarities. Redundant codes were removed and relationships between categories, such as causal conditions, context and consequences, were identified. This step served as a bridge between the initial open coding and the subsequent selective coding, helping to structure and clarify emerging patterns in the data.

8.4.3 Step 3: Selective coding and theme development.

In the selective coding phase, core categories were synthesized into overarching themes. To strengthen methodological rigor, coding validation involved a two-stage process: (a) the primary author conducted initial coding and (b) two additional researchers independently reviewed coded transcripts and emerging themes. Discrepancies were documented and resolved through consensus, providing transparency in how coding reliability was established.

Through this iterative process, relationships between DG challenges and LSS mechanisms progressively emerged, culminating in a conceptual understanding of LSS as an operational enabler of DG in SME-like environments.

To illustrate the coding process and the development of themes, Figure 2 presents a sample coding tree. This figure depicts the progression from raw interview data to broader analytical levels: starting with “open codes,” moving to “axial codes” (categories) and culminating in “selective codes” (themes) that structure the results section.

Figure 2.
A flowchart presents four coding steps from raw data to themes in grounded theory analysis.The process starts with raw data containing participant quotes about data governance, S M E support, and cross-border regulatory issues. Next, open coding identifies concepts including P I I protection, criticality, essential functions, data management, compliance, and cross-border requirements. Then axial coding groups these concepts into categories including criticality of D G, support for S M E, and global and regulatory needs. Finally, themes emerge, including the importance of data governance and additional themes.

Sample coding showing progression from raw data to themes

Source: Authors’ own work

Figure 2.
A flowchart presents four coding steps from raw data to themes in grounded theory analysis.The process starts with raw data containing participant quotes about data governance, S M E support, and cross-border regulatory issues. Next, open coding identifies concepts including P I I protection, criticality, essential functions, data management, compliance, and cross-border requirements. Then axial coding groups these concepts into categories including criticality of D G, support for S M E, and global and regulatory needs. Finally, themes emerge, including the importance of data governance and additional themes.

Sample coding showing progression from raw data to themes

Source: Authors’ own work

Close modal

Memo-writing was an ongoing process throughout all coding stages. Memos were stored separately and served as a pivotal audit trail, capturing insights, exploring relationships between codes and categories and guiding theoretical integration.

Saturation was assessed iteratively throughout data collection and analysis. Because coding occurred concurrently with interviewing, recurring patterns and stable categories became visible early in the process. After approximately 15 interviews, no new substantive categories were emerging and the final five interviews contributed only confirmatory insights. This indicated that the coding structure had stabilized and that additional data were unlikely to generate new theoretical directions. As Lillemor (2006) notes, “Data collection proceeds until so-called theoretical saturation is achieved, which means that new data does not add new information” (p. 144). Saturation decisions were documented through analytic memos and constant comparison, providing transparency in how the adequacy of the sample was determined.

This section presents findings from interviews with professionals across DG, LSS, SMEs and SME-like environments and organizational leadership. Analysis followed the grounded theory process described in the methodology: open coding (line-by-line coding of transcripts), axial coding (grouping codes into categories and identifying relationships) and selective coding (synthesizing categories into overarching themes). Through this iterative process, four major themes emerged:

  1. Importance of DG.

  2. Roles and Responsibilities in DG for SMEs and SME-like environments.

  3. Leveraging LSS for Effective DG.

  4. Challenges of Implementing LSS in SMEs and SME-like environments.

Each theme is presented below with its coding pathway, subthemes and representative quotes.

Participants consistently emphasized DG as foundational to SMEs and SME-like environments resilience. Governance maturity was linked to reliable decision-making, compliance and organizational trust. Cross-border operations amplified regulatory pressures, while gaps in lifecycle management revealed uneven governance maturity.

These findings indicate that participants view DG as important for supporting decision-making, compliance and operational reliability across SME and SME-like environments. Lifecycle management gaps highlight the transitional state of SMEs, where governance maturity evolves unevenly across contexts. Table 3 includes the subthemes, example codes and representative quotes related to Theme 1.

While these findings demonstrate the importance of DG, the next section explores who is responsible for these practices within SMEs and SME-like environments.

DG in SMEs and SME-like environments reflects a range of organizational approaches, from formally designated roles to distributed responsibilities shared across teams. Interviewees highlighted that the structure and clarity of roles significantly influence the effectiveness of governance, data quality and compliance.

While larger organizations often establish dedicated roles, such as chief information security officer (CISO), chief data officer (CDO) or governance committees, smaller organizations may rely on multi-role employees to manage data responsibilities. This variability affects how governance policies are enforced and how accountability is maintained across the organization.

Participants also stressed that fostering a culture of shared responsibility is critical. When employees at all levels understand their part in maintaining data accuracy, consistency and security, organizations are better positioned to ensure compliance, protect sensitive information and support informed decision-making. Table 4 presents subthemes, codes and representative quotes for Theme 2.

Table 4.

Theme 2: Roles and responsibilities in DG

SubthemeExample codesExample quotes
Designated governance rolesCISO; CTO; CDO; governance committees; data owners“We have a data governance committee that audits data and ensures data quality.” - Q
Privacy and security oversightCPO; privacy office; data security oversight“We have a privacy and security office that handles sensitive data and compliance.” - N
Distributed responsibilityShared ownership; employees wearing multiple hats“ with a small team, we wear multiple hats… governance is shared across the data team.” - J
Organization-wide accountabilityCollective responsibility; cultural importance“We are on a mission to improve the overall awareness across the org of how to appropriately use data, how to interpret it, how to share it, doing all of the things will make us a better data driven organization” - N
Source(s): Authors’ own work

This theme reveals a structural-cultural tension, SMEs and SME-like environments balance formal governance roles with collective responsibility. Resource constraints drive distributed models, but these models depend heavily on organizational culture to sustain accountability. The following section examines how LSS principles can support and enhance these governance practices.

Building on our understanding of the importance and roles of DG, we examined the significance of LSS principles in the context of SMEs and SME-like environments. Interview insights reveal a diverse application of LSS techniques to improve processes, boost efficiency and strengthen data security. Figure 3 presents a categorization of LSS tools identified through grounded theory analysis, grouped into six functional domains: process improvement, visual management, error prevention, identification of critical areas, data security and risk management and data management. Each domain demonstrates how specific tools, such as Statistical Process Control, Kanban, Poka-Yoke and the responsibility assignment matrix (RACI - responsible, accountable, consulted, and informed), support governance objectives including data quality, role clarity, risk mitigation and operational efficiency. LSS tools such as process mapping, Pareto analysis and mistake-proofing were reported as being used to improve efficiency, clarify roles and support consistency in governance-related processes.

Figure 3.
A flow diagram links L S S tools with data governance functions and associated methods.The diagram begins with L S S tools in the context of data governance. Process improvement connects to statistical process control. Visual management connects to Kanban. Error prevention connects to Poka Yoke. Identification of critical areas connects to Gemba Walk, Pareto charts, and process mapping. Data security and risk management connects to S W O T analysis and failure modes and effects analysis. Data management connects to the R A C I matrix.

LSS tools in context of DG

Source: Authors’ own work

Figure 3.
A flow diagram links L S S tools with data governance functions and associated methods.The diagram begins with L S S tools in the context of data governance. Process improvement connects to statistical process control. Visual management connects to Kanban. Error prevention connects to Poka Yoke. Identification of critical areas connects to Gemba Walk, Pareto charts, and process mapping. Data security and risk management connects to S W O T analysis and failure modes and effects analysis. Data management connects to the R A C I matrix.

LSS tools in context of DG

Source: Authors’ own work

Close modal

LSS tools such as process mapping, Pareto analysis and mistake-proofing were used to improve efficiency, clarify roles and support consistency in governance-related processes. Tools like Kanban and RACI, could be used to clarify roles and improved accountability. Participants described LSS as supporting efficiency and reliability in governance-related practices. Table 5 includes subthemes, codes and representative quotes for Theme 3.

Table 5.

Theme 3: Leveraging LSS for effective DG

SubthemeExample codesRepresentative quotes
Process improvement and quality assuranceSPC; DMAIC; documentation; process mapping“In my different business projects, I have used DMAIC to help me design my project or project proposal” - P
Visual managementKanban; workflow transparency; bottleneck removal“Efficiency and productivity can be improved by examining the processes and removing any steps that do not add value” - Q
Error preventionPoka-Yoke; mistake-proofing; control mechanisms“Poka-Yoke helps identify and eliminate errors in data governance processes” - T
Identifying critical areasPareto charts; Gemba Walk; prioritization“Pareto helps us identify key areas to reduce incidents and improve resource utilization.” - E
Risk assessment and managementSWOT; FMEA; security control verification“We regularly assess security controls using LSS to ensure effectiveness against evolving threats” - G
Continuous improvementWaste elimination; efficiency; data-driven decisions“LSS tools help eliminate waste and ensure governance processes are efficient and reliable” - Q
Data management enhancementData lineage; RACI; lifecycle improvement“LSS can help track lineage, identify inefficiencies and ensure integrity” - S
Opportunities and limitationsPotential value; planning requirements; applicability to SMEs“LSS tools can add value to SMEs, but implementation requires planning” - F
Source(s): Authors’ own work

This theme illustrates how SMEs and SME-like environments adapt LSS tools beyond manufacturing, applying them to governance as process-control mechanisms. Participants reported the use of LSS tools such as process mapping, DMAIC and RACI to improve efficiency, clarity of roles and consistency in governance-related processes. The discussion that follows considers strategies to mitigate these challenges and maximize the effectiveness of LSS in small and medium enterprises.

Despite the potential benefits of LSS for DG, SMEs and SME-like environments face practical challenges in adopting these principles. Interviewees emphasized that organizational readiness, available resources and staff expertise significantly influence successful implementation.

Resistance to change was highlighted as a key barrier. Employees and executives may be hesitant to adopt new methodologies, especially if the advantages are not immediately clear. Cultivating awareness and demonstrating the value of LSS were noted as essential steps in overcoming this resistance.

Resource limitations, including budget constraints and limited staff capacity, also affect adoption. SMEs must carefully balance operational demands with the time and effort required to implement LSS initiatives effectively.

Finally, gaps in training and education can hinder LSS adoption. Developing internal expertise or accessing external support is crucial to ensure that tools and techniques are applied correctly and sustainably. Table 6 includes subthemes, codes and representative quotes for Theme 4.

Table 6.

Theme 4: Challenges of implementing LSS in SMEs

SubthemeExample codesRepresentative quotes
Resistance to changeSlow adoption; hesitation; need for leadership support“You have to convince those at the top that these tools are necessary and you have to explain them in a way that frontline staff can understand and find value in using them regularly” - E
Resource constraintsLimited budget; limited staff time; competing priorities“If money is no object, hiring somebody to come in and handle the program is outstanding, but that’s usually not realistic”- B
Training and education gapsLack of LSS awareness; need for trained personnel“There are a number of challenges, I think just from a standpoint of education… a lot of people really don’t know what it is” - N
Organizational barriersCompeting responsibilities; lack of structure; capability limitations“I think the biggest challenge is having the expertise of somebody that can implement the Lean 6 Sigma toolset” - Q
Source(s): Authors’ own work

This theme highlights the conditional nature of LSS adoption, success depends on organizational readiness, resource allocation and cultural acceptance. The interplay between Themes 2 and 4 is notable, distributed governance models may exacerbate resistance and resource challenges, suggesting the importance of leadership support in successful implementation.

Across the four themes, a consistent pattern was observed. DG was described as providing structural accountability and compliance foundations. Organizational roles influenced how governance responsibilities were distributed in practice, ranging from formal governance structures to shared responsibility models. LSS tools were described as supporting governance through process standardization, measurement and continuous improvement. However, participants also emphasized implementation constraints such as resource limitations, training gaps and resistance to change, which affect the extent to which LSS practices are adopted within governance activities in SME and SME-like environments. The synthesis of these themes is further developed in the Discussion section.

This study investigated how SMEs and SME-like environments integrate LSS principles into DG practices. Through grounded theory analysis, four key themes emerged: the strategic importance of DG, the delineation of roles and responsibilities, the application of LSS tools and the challenges associated with implementation. These themes form the empirical foundation for the study’s theoretical contribution.

Implementing LSS in SMEs and SME-like environments presents challenges such as financial constraints, limited expertise and scarce resources (Zhou, 2016; Antony et al., 2017). Successful adoption depends on CSF including employee involvement, management commitment and understanding of LSS principles (Lande et al., 2016). While SMEs face structural disadvantages, their agility allows flexible adaptation of LSS practices (Antony et al., 2017).

DG in SMEs and SME-like environments is complicated by limited resources, less formalized processes and flatter structures (Stankalla et al., 2018). Effective governance can be achieved by prioritizing key data assets, assigning stewardship to existing staff and using affordable automation tools (Were and Moturi, 2017; Abraham et al., 2019). Embedding governance into daily workflows strengthens resilience and supports sustainable performance.

Although DG and LSS have been widely examined separately in large organizations, the structural conditions in those environments differ significantly from SMEs and SME-like environments. Large firms typically operate with dedicated governance roles, formalized processes and mature quality and improvement infrastructures, which enable more systematic adoption of LSS and comprehensive DG frameworks (Zhou, 2016). In contrast, SMEs and SME-like environments function with leaner staffing, limited financial resources and multi-role personnel, making it difficult to replicate large-firm governance models directly (Stankalla et al., 2018). These structural differences mean that practices proven effective in large organizations must be adapted to the realities of SMEs, where governance responsibilities are often distributed and process maturity is uneven. By contextualizing insights from large-firm studies within SME constraints, this study clarifies which elements of LSS and DG can be transferred and which require modification to align with the operational limitations of SMEs and SME-like environments.

Building on these insights, a triadic framework is proposed to explain governance maturity in SMEs and SME-like environments, comprising three interdependent dimensions:

  1. Structural role clarity: ensures accountability and consistency in governance practices. This may involve formalized roles, such as Chief Data Officers and governance committees or distributed responsibility models that rely on cultural reinforcement and shared ownership.

  2. Process control through LSS tools: operationalizes governance by embedding efficiency, error prevention and traceability into workflows. Techniques such as statistical process control (SPC), Pareto analysis, Kanban and Poka-Yoke exemplify how operational methodologies can support governance outcomes.

  3. Organizational readiness: reflects the enterprise’s capacity to adopt and sustain governance practices. Leadership commitment, resource allocation and staff training are critical enablers, while resistance to change and resource constraints emerge as persistent barriers.

Together, these dimensions form a cohesive model that links operational improvement methodologies with governance outcomes. This framework contributes to theory by offering a structured lens for understanding how SMEs and SME-like environments may combine governance structures, LSS tools and organizational readiness to support DG.

As illustrated in Figure 4, governance maturity may be strengthened through the interaction of structural clarity, process control and organizational readiness. These three dimensions were derived by synthesizing patterns observed across the four themes. Each dimension contributes uniquely, but only their integration enables SMEs and SME-like environments to embed governance as a sustained, systemic capability. The diagram also highlights specific LSS tools and organizational mechanisms that support this progression, reinforcing the practical relevance of the framework.

Figure 4.

Data governance maturity framework

Source: Authors’ own work

Figure 4.

Data governance maturity framework

Source: Authors’ own work

Close modal

The findings suggest several practical implications for SMEs and SME-like environments. To strengthen their governance practices, SMEs and SME-like environments can draw on Theme 2 by clarifying and formalizing data-related responsibilities using LSS-inspired structures such as RACI matrices, thereby reducing ambiguity and improving accountability. Consistent with Theme 3, organizations can incorporate specific LSS tools, such as SPC for monitoring data quality, Pareto analysis for prioritizing governance issues and Poka-Yoke for error prevention, into routine data workflows to enhance reliability and traceability. Reflecting Theme 4, leadership teams can address readiness barriers by investing in targeted training, capability development and structured change-management efforts to mitigate resistance and strengthen internal expertise. These actions align with the empirical patterns observed in the interviews and provide practical considerations for organizations seeking to strengthen governance-related processes. These implications should be interpreted within the exploratory scope of the study and may benefit from further validation across broader organizational contexts.

To complement these practical implications, the study also articulates clear theoretical contributions consistent with grounded theory methodology, demonstrating how the emergent framework advances understanding of governance maturity in resource-constrained environments.

From a broader organizational perspective, stronger DG practices in SMEs and SME-like environments may support more reliable data management, operational transparency and improved handling of sensitive information.

Looking ahead, SMEs and SME-like environments can embed this triadic framework within emerging Quality 4.0 environments, where Industry 4.0 technologies enable real-time monitoring, advanced analytics and automation. While data stewardship remains underdeveloped in current Quality 4.0 models, this study suggests that combining LSS tools with robust governance structures can address this gap. Future research should test this framework across industries, examine its scalability and explore its integration with digital technologies and AI-enabled quality systems.

In conclusion, this study develops an emergent conceptualization of governance maturity in SMEs and SME-like environments, shaped by structural role clarity, process control through LSS tools and organizational readiness. By linking LSS with DG, it offers both theoretical insight and practical strategies for SMEs seeking to institutionalize governance and drive continuous improvement. The implications provide theme-aligned actions grounded in the empirical findings. The originality of this research lies in its synthesis of governance and process improvement, suggesting that LSS can function as a governance enabler in SME and SME-like environments. These findings lay the foundation for a comprehensive framework to be developed in future research, guiding SMEs and SME-like environments toward resilient, efficient and compliant data ecosystems.

This study has identified several potential areas for future research concerning DG and the application of LSS principles within SMEs and SME-like environments. To further enhance understanding of these topics, future studies could examine the long-term effects of LSS on SME DG systems and overall operational performance. This performance could be explored through areas such as data security, decision-making processes and long-term operational efficiency. Future research could also explore sector-specific analyses to determine how LSS adoption varies across industries and operational contexts. By conducting follow-up evaluations with SMEs and SME-like environments that have implemented LSS over an extended period, researchers can assess the sustained efficacy of LSS in enhancing DG and its impact on organizational performance.

In addition, exploring the integration of LSS into DG frameworks and how SMEs navigate the challenges associated with it can provide critical insights. Further empirical testing is warranted, especially regarding how LSS principles like SPC can improve governance practices. By examining the relationship between DG practices and operational excellence, researchers can identify potential areas for improvement and optimization in SMEs’ day-to-day operations. Comparative cross-country studies could also be conducted to determine how contextual differences influence LSS effectiveness in SME DG.

Several limitations must be considered when interpreting the findings of this study. First, the sample was geographically constrained, as all participants were located in Indiana (USA). While the high concentration of SMEs and SME-like environments in this region justified the focus, the results may not be generalizable to organizations in other states or countries. Second, the study relied on purposive and snowball sampling, which, while appropriate for exploratory qualitative research, further limits generalizability beyond the sample. Third, although saturation was evaluated qualitatively through ongoing comparison and memo-writing, no formal quantitative measure of saturation was applied, which is acknowledged as a limitation. Time constraints may also have restricted the depth of data collection and analysis, potentially overlooking important aspects of LSS implementation in SMEs and SME-like environments.

Finally, contextual factors such as external market conditions and industry-specific challenges may not have been fully captured. Future research should therefore provide a structured roadmap that accounts for sector-specific challenges and cross-industry comparisons, enabling the identification of best practices and actionable strategies for SMEs and SME-like environments.

Abraham
,
R.
,
Schneider
,
J.
and
Vom Brocke
,
J.
(
2019
), “
Data governance: a conceptual framework, structured review, and research agenda
”,
International Journal of Information Management
, Vol.
49
, pp.
424
-
438
.
Ahmadi
,
S.
,
Tavana
,
M.M.
,
Shokouhyar
,
S.
and
Dortaj
,
M.
(
2022
), “
A new fuzzy approach for managing data governance implementation relevant activities
”,
The TQM Journal
, Vol.
34
No.
5
, pp.
979
-
1012
.
Alhassan
,
I.
,
Sammon
,
D.
and
Daly
,
M.
(
2019
), “
Critical success factors for data governance: a theory building approach
”,
Information Systems Management
, Vol.
36
No.
2
, pp.
98
-
110
.
Antony
,
J.
,
Forthun
,
S.C.
,
Trakulsunti
,
Y.
,
Farrington
,
T.
,
McFarlane
,
J.
,
Brennan
,
A.
and
Dempsey
,
M.
(
2019
), “
An exploratory study into the use of lean six sigma to reduce medication errors in the Norwegian public healthcare context
”,
Leadership in Health Services
, Vol.
32
No.
4
, pp.
509
-
524
.
Antony
,
J.
,
Laux
,
C.
, and
Cudney
,
E.
(
2019
),
The Ten Commandments of Lean Six Sigma: A Guide for Practitioners
,
Emerald Group Publishing
,
Bingley, UK
.
Antony
,
J.
,
McDermott
,
O.
and
Sony
,
M.
(
2022
), “
Quality 4.0 conceptualisation and theoretical understanding: a global exploratory qualitative study
”,
The TQM Journal
, Vol.
34
No.
5
, pp.
1169
-
1188
.
Antony
,
J.
,
Sony
,
M.
,
McDermott
,
O.
,
Swarnakar
,
V.
,
Galli
,
B.
,
Doulatabadi
,
M.
and
Kaul
,
R.
(
2023
), “
An empirical study into the reasons for failure of sustaining operational excellence initiatives in organizations
”,
The TQM Journal
, Vol.
35
No.
7
, pp.
1569
-
1587
.
Antony
,
J.
,
Vinodh
,
S.
, and
Gijo
,
E.V.
(
2017
),
Lean Six Sigma for Small and Medium Sized Enterprises: A Practical Guide
,
CRC Press
,
Boca Raton, FL
.
Barney
,
M.
(
2002
), “
Motorola’s second generation
”,
Six Sigma Forum Magazine
, Vol.
1
No.
3
, pp.
13
-
16
.
Biazzo
,
S.
and
Bernardi
,
G.
(
2003
), “
Process management practices and quality systems standards: risks and opportunities of the new ISO 9001 certification
”,
Business Process Management Journal
, Vol.
9
No.
2
, pp.
149
-
169
.
Boynton
,
A.C.
and
Zmud
,
R.W.
(
1984
), “
An assessment of critical success factors
”,
Sloan Management Review
, Vol.
25
No.
4
, pp.
17
-
27
.
Butt
,
J.
(
2020
), “
A conceptual framework to support digital transformation in manufacturing using an integrated business process management approach
”,
Designs
, Vol.
4
No.
3
, p.
17
.
Charmaz
,
K.
(
2003
), “Grounded theory”, in
The Sage Encyclopaedia of Social Science Research Methods
,
Lewis
Beck
(Ed),
SAGE Publications
,
Thousand Oaks, CA
, pp.
440
-
444
.
Charmaz
,
K.
(
2014
),
Constructing Grounded Theory
,
Sage
,
London, England
.
Cheong
,
L.K.
and
Chang
,
V.
(
2007
), “
The need for data governance: a case study
”,
ACIS 2007 proceedings
, p.
100
.
University of Southern Queensland
,
Toowoomba, Queensland, Australia
.
Cooper
,
V.A.
(
2008
), “
The critical success factor method: a review and practical example
”, in
CONF-IRM 2008 Proceedings
,
Association for Information Systems (AIS)
,
Milwaukee, WI
, p.
53
.
Corbin
,
J.
, and
Strauss
,
A.
(
2014
),
Basics of Qualitative Research: Techniques and Procedures for Developing Grounded Theory
,
Sage publications
,
Thousand Oaks, CA
.
Creswell
,
J.W.
, and
Creswell
,
J.D.
(
2017
),
Research Design: Qualitative, Quantitative, and Mixed Methods Approaches
,
Sage publications
,
Thousand Oaks, CA
.
Daniel
,
D.R.
(
1961
), “
Management information crisis
”,
Harvard Business Review
, Vol.
39
No.
5
, pp.
111
-
121
.
De Haes
,
S.
and
Van Grembergen
,
W.
(
2009
), “
An exploratory study into IT governance implementations and its impact on business/IT alignment
”,
Information Systems Management
, Vol.
26
No.
2
, pp.
123
-
137
.
DeJonckheere
,
M.
and
Vaughn
,
L.M.
(
2019
), “
Semistructured interviewing in primary care research: a balance of relationship and rigour
”,
Family Medicine and Community Health
, Vol.
7
No.
2
, p.
e000057
.
Faruq
,
M.O.
and
Saidur
,
M.J.I.
(
2022
), “
Aligning FEDRAMP and NIST frameworks in cloud-based governance models: challenges and best practices
”,
Review of Applied Science and Technology
, Vol.
1
No.
1
, pp.
1
-
37
.
Gartner
(
2022
), “
Data governance frameworks and challenges
”,
available at:
Link to Data governance frameworks and challengesLink to the cited article
Glaser
,
B.
and
Strauss
,
A.
(
2017
),
Discovery of Grounded Theory: Strategies for Qualitative Research
,
Routledge
,
London
.
Healy
,
J.
(
2024
), “
Hackers may have stolen the social security numbers of every American
”,
The Los Angeles Times
.
Hundal
,
G.S.
,
Thiyagarajan
,
S.
,
Alduraibi
,
M.
,
Laux
,
C.M.
,
Furterer
,
S.L.
,
Cudney
,
E.A.
and
Antony
,
J.
(
2021
), “
Lean six sigma as an organizational resilience mechanism in health care during the era of COVID-19
”,
International Journal of Lean Six Sigma
, Vol.
12
No.
4
, pp.
762
-
783
.
ILO
(
2024
), “
Engines of development. InfoStories, the power of small: unlocking the potential for smes
”,
United Nations
:
New York
.
Jones
,
E.C.
,
Parast
,
M.M.
and
Adams
,
S.G.
(
2010
), “
A framework for effective six sigma implementation
”,
Total Quality Management and Business Excellence
, Vol.
21
No.
4
, pp.
415
-
424
.
Khatri
,
V.
and
Brown
,
C.V.
(
2010
), “
Designing data governance
”,
Communications of the ACM
, Vol.
53
No.
1
, pp.
148
-
152
.
Kowang
,
T.O.
,
Yew
,
L.K.
,
Hee
,
O.C.
,
Fei
,
G.C.
and
Long
,
C.S.
(
2019
), “
Lean six sigma implementation: Does success means sustainability
”,
International Journal of Academic Research in Business and Social Sciences
, Vol.
9
No.
6
, pp.
907
-
914
.
Lande
,
M.
,
Shrivastava
,
R.L.
and
Seth
,
D.
(
2016
), “
Critical success factors for lean six sigma in SMEs (small and medium enterprises)
”,
The TQM Journal
, Vol.
28
No.
4
, pp.
613
-
635
.
Laux
,
C.
,
Johnson
,
M.E.
and
Cada
,
P.
(
2015
), “
LSS green belt projects planned versus actual duration
”,
The Journal of Technology, Management, and Applied Engineering
, Vol.
31
No.
1
,
Lee
,
K.C.
and
Choi
,
B.
(
2006
), “
Six sigma management activities and their influence on corporate competitiveness
”,
Total Quality Management and Business Excellence
, Vol.
17
No.
7
, pp.
893
-
911
.
Li
,
N.
,
Laux
,
C.
and
Antony
,
J.
(
2018
), “
Designing for six sigma in a private organization in China under TQM implementation: a case study
”,
Quality Engineering
, Vol.
30
No.
3
, pp.
405
-
418
.
Lillemor
,
R.-M.-H.
(
2006
), “
The ‘Core Category’ of grounded theory: making constant comparisons
”,
International Journal of Qualitative Studies on Health and Well-being
, Vol.
1
No.
3
, pp.
141
-
148
, doi: .
Mahanti
,
R.
(
2021
), “Data governance and compliance”, in
Data Governance and Compliance: Evolving to Our Current High Stakes Environment
,
Springer Singapore
,
Singapore
, pp.
109
-
153
.
Marinos
,
G.
(
2004
), “
We’re not doing what?; the top 10 corporate oversights In data governance
”,
Information Management
, Vol.
14
No.
9
, p.
62
.
Mikalef
,
P.
,
Krogstie
,
J.
,
Pappas
,
I.O.
and
Pavlou
,
P.
(
2020
), “
Investigating the effects of big data analytics capabilities on firm performance: the mediating role of dynamic capabilities
”,
Information and Management
, Vol.
57
No.
2
, p.
103169
.
Mishra
,
M.N.
(
2022
), “
Identify critical success factors to implement integrated green and lean six sigma
”,
International Journal of Lean Six Sigma
, Vol.
13
No.
4
, pp.
765
-
777
.
Moser
,
A.
and
Korstjens
,
I.
(
2018
), “
Series: practical guidance to qualitative research. Part 3: Sampling, data collection and analysis
”,
European Journal of General Practice
, Vol.
24
No.
1
, pp.
9
-
18
.
Murmura
,
F.
,
Bravi
,
L.
,
Musso
,
F.
and
Mosciszko
,
A.
(
2021
), “
Lean six sigma for the improvement of company processes: the Schnell SpA case study
”,
The TQM Journal
, Vol.
33
No.
7
, pp.
351
-
376
.
Otto
,
B.
(
2011
), “
A morphology of the organisation of data governance
”, in
Proceedings of the 19th European Conference on Information Systems (ECIS 2011)
.
Helsinki
,
Finland
.
Panian
.
Ž.
, (
2010
), “
Some practical experiences in data governance
”,
World Academy of Science, Engineering and Technology (WASET) Academic Science Research Papers
, Vol.
62
, pp.
468
-
475
.
Papic
,
L.
,
Mladjenovic
,
M.
,
Carrión García
,
A.
and
Aggrawal
,
D.
(
2017
), “
Significant factors of the successful lean six-sigma implementation
”,
International Journal of Mathematical, Engineering and Management Sciences
, Vol.
2
No.
2
, pp.
85
-
109
.
Patel
,
A.S.
and
Patel
,
K.M.
(
2021
), “
Prioritization of lean six sigma success factors using Pareto analysis
”,
In IOP Conference Series: Materials Science and Engineering
, Vol.
1070
No.
1
, p.
12133
.
Pavlović
,
K.
and
Božanić
,
V.
(
2010
), “
Lean and six sigma concepts–application in pharmaceutical industry
”, in
Proceedings of the 4th International Quality Conference. Kragujevac, Serbia: Center for Quality
,
Faculty of Mechanical Engineering
,
University of Kragujevac
,
259
-
268
.
Prado
,
R.R.D.
,
Boareto
,
P.A.
,
Chaves
,
J.
and
Santos
,
E.A.P.
(
2024
), “
Agile DMAIC cycle: incorporating process mining and support decision
”,
International Journal of Lean Six Sigma
, Vol.
15
No.
3
, pp.
614
-
641
.
Prajogo
,
D.I.
and
McDermott
,
C.M.
(
2005
), “
The relationship between total quality management practices and organizational culture
”,
International Journal of Operations and Production Management
, Vol.
25
No.
11
, pp.
1101
-
1122
.
Redeker
,
G.A.
,
Kessler
,
G.Z.
and
Kipper
,
L.M.
(
2019
), “
Lean information for lean communication: Analysis of concepts, tools, references, and terms
”,
International Journal of Information Management
, Vol.
47
, pp.
31
-
43
.
Rockart
,
J.F.
(
1979
), “
Chief executives define their own data needs
”,
Harvard Business Review
, Vol.
57
No.
2
, pp.
81
-
93
.
Santos
,
M.Y.
,
e S.
,
J.O.
,
Andrade
,
C.
,
Lima
,
F.V.
,
Costa
,
E.
,
Costa
,
C.
,
Martinho
,
B.
and
Galvão
,
J.
, (
2017
), “
A big data system supporting Bosch Braga industry 4.0 strategy
”,
International Journal of Information Management
, Vol.
37
No.
6
, pp.
750
-
760
.
Schiavone
,
F.
,
Pietronudo
,
M.C.
,
Sabetta
,
A.
and
Ferretti
,
M.
(
2023
), “
Total quality service in digital era
”,
The TQM Journal
, Vol.
35
No.
5
, pp.
1170
-
1193
.
Schroeder
,
R.G.
,
Linderman
,
K.
,
Liedtke
,
C.
and
Choo
,
A.S.
(
2008
), “
Six sigma: Definition and underlying theory
”,
Journal of Operations Management
, Vol.
26
No.
4
, pp.
536
-
554
.
Smallwood
,
R.F.
(
2019
),
Information Governance: Concepts, Strategies and Best Practices
,
John Wiley and Sons
,
Hoboken, NJ
,
Sony
,
M.
,
Antony
,
J.
,
Douglas
,
J.A.
and
McDermott
,
O.
(
2021
), “
Motivations, barriers and readiness factors for Quality 4.0 implementation: an exploratory study
”,
The TQM Journal
, Vol.
33
No.
6
, pp.
1502
-
1515
.
Stankalla
,
R.
,
Koval
,
O.
and
Chromjakova
,
F.
(
2018
), “
A review of critical success factors for the successful implementation of lean six sigma and six sigma in manufacturing small and medium sized enterprises
”,
Quality Engineering
, Vol.
30
No.
3
, pp.
453
-
468
.
Strauss
,
A.
, and
Corbin
,
J.
(
1998
),
Basics of Qualitative Research Techniques
,
Sage Publications
,
Thousand Oaks, CA
.
U.S. Small Business Administration
(
2022
),
Small business economic profile: Indiana
.
U.S. Small Business Administration
,
Washington, DC
.
U.S. Small Business Administration
(
2023
),
Table of size standards
,
U.S. Small Business Administration
,
Washington, DC
Vasileiou
,
K.
,
Barnett
,
J.
,
Thorpe
,
S.
and
Young
,
T.
(
2018
), “
Characterising and justifying sample size sufficiency in interview-based studies: systematic analysis of qualitative health research over a 15-year period
”,
BMC Medical Research Methodology
, Vol.
18
No.
1
, p.
148
.
Vergidis
,
K.
,
Tiwari
,
A.
and
Majeed
,
B.
(
2007
), “
Business process analysis and optimization: beyond reengineering
”,
IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews)
, Vol.
38
No.
1
, pp.
69
-
82
.
Watling
,
C.
,
Cristancho
,
S.
,
Wright
,
S.
and
Varpio
,
L.
(
2017
), “
Necessary groundwork: planning a strong grounded theory study
”,
Journal of Graduate Medical Education
, Vol.
9
No.
1
, pp.
129
-
130
.
Weill
,
P.
and
Ross
,
J.W.
(
2004
),
IT Governance: How Top Performers Manage IT Decision Rights for Superior Results
,
Harvard Business Press
,
Boston, MA
.
Wende
,
K.
(
2007
), “
A model for data governance–organising accountabilities for data quality management
”, in
Proceedings of the 18th Australasian Conference on Information Systems (ACIS 2007)
,
Association for Information Systems
,
Toowoomba, Queensland, Australia
.
Were
,
V.
and
Moturi
,
C.
(
2017
), “
Toward a data governance model for the Kenya health professional regulatory authorities
”,
The TQM Journal
, Vol.
29
No.
4
, pp.
579
-
589
.
Williams
,
C.
(
2007
), “
Research methods
”,
Journal of Business and Economics Research (JBER)
, Vol.
5
No.
3
, pp.
56
-
72
.
Zhou
,
B.
(
2016
), “
Lean principles, practices, and impacts: a study on small and medium-sized enterprises (SMEs)
”,
Annals of Operations Research
, Vol.
241
Nos
1-2
, pp.
457
-
474
.
Alsadi
,
J.
,
Alkhatib
,
F.
,
Antony
,
J.
,
Garza-Reyes
,
J.A.
,
Tortorella
,
G.
and
Cudney
,
E.A.
(
2025
), “
A systematic literature review with bibliometric analysis of Quality 4.0
”,
The TQM Journal
, Vol.
37
No.
5
, pp.
1446
-
1470
.
Cudney
,
E.A.
,
Furterer
,
S.L.
,
Laux
,
C.M.
and
Hundal
,
G.S.
(
2023
),
Lean Sustainability: A Pathway to a Circular Economy
,
CRC Press
,
Boca Raton, FL
.
Hallberg
,
L.R.
(
2006
), “
The ‘core category’ of grounded theory: Making constant comparisons
”,
International Journal of Qualitative Studies on Health and Well-Being
, Vol.
1
No.
3
, pp.
141
-
148
.
Mohajan
,
D.
and
Mohajan
,
H.
(
2022
), “
Memo writing procedures in grounded theory research methodology
”,
Studies in Social Science and Humanities
, Vol.
1
No.
4
, pp.
10
-
18
, doi: .
Oliveira
,
D.
,
Alvelos
,
H.
and
Rosa
,
M.J.
(
2025
), “
Quality 4.0: results from a systematic literature review
”,
The TQM Journal
, Vol.
37
No.
2
, pp.
379
-
456
.
Rodgers
,
B.A.
,
Antony
,
J.
,
He
,
Z.
,
Cudney
,
E.A.
and
Laux
,
C.
(
2019
), “
A directed content analysis of viewpoints on the changing patterns of lean six sigma research
”,
The TQM Journal
, Vol.
31
No.
4
, pp.
641
-
654
.
Wendelborn
,
C.
,
Anger
,
M.
and
Schickhardt
,
C.
(
2023
), “
What is data stewardship? Towards a comprehensive understanding
”,
Journal of Biomedical Informatics
, Vol.
140
, p.
104337
.
Published by Emerald Publishing Limited. This article is published under the Creative Commons Attribution (CC BY 4.0) licence. Anyone may reproduce, distribute, translate and create derivative works of this article (for both commercial and non-commercial purposes), subject to full attribution to the original publication and authors. The full terms of this licence maybe seen at Link to the terms of the CC BY 4.0 licenceLink to the terms of the CC BY 4.0 licence.

or Create an Account

Close Modal
Close Modal