What is Data Governance?

April 19th, 2020 | Managed IT Services, Security Policies

According to the Data Management Association (DAMA) International, data governance is a “collection of practices and processes which help to ensure the formal management of data assets within an organization.” The purpose of data governance is to construct a plan and process for ensuring data is trustworthy by controlling how it’s stored, secured, accessed, and used. However, data governance is much more than just controlling data. It involves the people, processes, and technologies needed to manage and secure data so that there is both accountability and protection. Rather than storing data aimlessly to go looking for later, data governance creates a procedure to regulate what, why, when, how, and by whom data is used. It defines who within the organization is accountable for managing business-critical data and defines the people, processes, and technology needed to do so securely and within compliance. When asked about the importance of data governance, Aldridge CIO Chad Hiatt compares internal and customer business data to inventory for product-based companies, “Would you leave the most-valuable materials unsecured?” He goes on to say, “Companies use data governance to call out the importance or value of certain types of information. Data governance helps the organization to acknowledge certain types of information are assets to the company, require appropriate handling and access control, and preserve its proprietary or entrusted value.” You wouldn’t want your most valuable data walking out the door, would you?

Difference Between Data Governance and Data Management

Data governance is the strategy and data management is the logistics. Data management is executing and supervising the plans that were created during data governance. The DAMA explains data management as “an overarching term that describes the processes used to plan, specify, enable, create, acquire, maintain, use, archive, retrieve, control, and purge data.” It is consistently committed to a data asset through the complete data lifecycle. From its creation until it is stored away, data management helps track the progress and changes of the data to construct reports for business decisions.


In order to maintain a successful data management execution, the data governance framework should be created for efficiency and accuracy. The framework will assist in controlling how the data is stored, secured, accessed, and used to ensure it will be trustworthy. DAMA created a mockup of what the framework should contain. Keeping data governance as the core, CIO.com gives us ten data management knowledge areas to incorporate.

  • Data architecture: The overall structure of data and data-related resources as an integral part of the enterprise architecture
  • Data modeling and design: Analysis, design, building, testing, and maintenance
  • Data storage and operations: Structured physical data assets storage deployment and management
  • Data security: Ensuring privacy, confidentiality, and appropriate access
  • Data integration and interoperability: Acquisition, extraction, transformation, movement, delivery, replication, federation, virtualization, and operational support
  • Documents and content: Storing, protecting, indexing, and enabling access to data found in unstructured sources and making this data available for integration and interoperability with structured data
  • Reference and master data: Managing shared data to reduce redundancy and ensure better data quality through standardized definition and use of data values
  • Data warehousing and business intelligence (BI): Managing analytical data processing and enabling access to decision support data for reporting and analysis
  • Metadata: Collecting, categorizing, maintaining, integrating, controlling, managing, and delivering metadata
  • Data quality: Defining, monitoring, maintaining data integrity, and improving data quality

These ten areas should always consider data collection, management, archiving, and use to manage trustworthiness as it relates to data governance. It’s important to note that this is not a one-time process. Data governance is a highly complex, ongoing program, and participants may begin losing trust and interest over time. To keep that from happening, start with a smaller and specific project and then slowly expand data governance throughout. This way, implementation is more manageable and mistakes can be corrected before more complex issues arise from larger projects. The steps to implementing data governance are:

  1. Define goals and understand the benefits
  2. Analyze current state and delta analysis
  3. Derive a roadmap
  4. Convince stakeholders and budget project
  5. Develop and plan the data governance program
  6. Implement the data governance program
  7. Monitor and control


The Business Application Research Center (BARC) expresses that data governance should establish methods, and create a clear set of responsibilities and processes to standardize, integrate, protect, and store corporate data. In order to do this efficiently, BARC recommends using these key goals in your strategy.

  • Minimize risks
  • Establish internal rules for data use
  • Implement compliance requirements
  • Improve internal and external communication
  • Increase the value of data
  • Facilitate the administration of the above
  • Reduce costs

Help to ensure the continued existence of the company through risk management and optimization Again, it is wise to treat these goals as ongoing processes. It should be a cycle of creating, testing, and correcting to ensure the strategy is up to date and effective.


Data governance must be done before many projects can be started. Most companies have a form of data governance for individual projects or specific departments, even if it is not consistent throughout the organization. Creating a formal process of data governance produces greater transparency with any data-related activities, which in turn increases the value of a company’s data. For the greatest benefit, it’s best practice is for a company to remain responsive throughout the process. BARC gives many clear benefits to data governance.

  • Consistent, uniform data and processes across the organization to promote better and more comprehensive decision support
  • Increasing the scalability of the IT landscape at a technical, business and organizational level through clear rules for changing processes and data
  • Central control mechanisms offer the potential to optimize the cost of data management
  • Increased efficiency through the use of synergies (e.g. by reusing processes and data)
  • Higher confidence in data through quality-assured and certified data as well as complete documentation of data processes
  • Achieving compliance guidelines
  • Security for internal and external data by monitoring and reviewing privacy policies
  • Increased process efficiency by reducing long coordination processes (e.g. through clear requirements management)
  • Clear and transparent communication through standardization


In order to have successful data governance, there is a list of principles that must be followed in every project. These principles allow for organizations to be confident with their data and promote a trustworthy approach to the program. The Data Governance Institute gives us eight principles to guide data governance.

  1. Integrity. All data governance participants must have integrity in their dealings with each other. They must be truthful and forthcoming in discussing the drivers, constraints, options, and impacts of data-related decisions.
  2. Transparency. Data governance and stewardship processes require transparency. It must be clear to all participants and auditors how and when data-related decisions and controls were introduced into the processes.
  3. Auditability. Data-related decisions, processes, and controls subject to data governance must be auditable. They must be accompanied by documentation to support compliance-based and operational auditing requirements.
  4. Accountability. Data governance must define who is accountable for cross-functional data-related decisions, processes, and controls.
  5. Stewardship. Data governance must define who is accountable for stewardship activities that are the responsibilities of individual contributors and groups of data stewards.
  6. Checks-and-balances. Data governance will define accountabilities in a manner that introduces checks-and-balances between business and technology teams, and between those who create/collect information, those who manage it, those who use it, and those who introduce standards and compliance requirements.
  7. Standardization. Data governance will introduce and support the standardization of enterprise data.
  8. Change management. Data governance will support proactive and reactive change management activities for reference data values and the structure/use of master data and metadata.


Having clear roles is crucial to every data governance program. Also, it is important that each role is appointed properly. The top-level roles must be able to communicate efficiently with each other so there are no delays or misunderstandings. Not every company is going to need every role for data governance, but there are some that are essential to all.

Steering committee

Also known as the Data Governance Council, the steering committee is in charge of setting the strategic direction for the data governance program. They create the goals and derive a roadmap to achieve them. This also includes a rough timeline of the program. This committee should establish clear principles for everyone to follow and support. Communication in this role is very important. While this may seem like a large undertaking, in many small and medium businesses, the steering committee is often made up of the CIO (either in-house or outsourced) and members of the leadership team.

  • Strategic guidance
  • Prioritization of projects and initiatives
  • Approval of data policies and standards
  • Enabling ongoing support, understanding, and awareness

Data owner

Data owners are responsible for maintaining the quality of specific data sets throughout their lifecycle. They can be members of the steering committee but they may not get a vote in program decisions. According to Morgan Templar, the responsibilities of the data owner include:

  • Approving data glossaries and other data definitions
  • Ensuring the accuracy of information across the enterprise
  • Direct data quality activities
  • Reviewing and approving master data management approaches, outcomes, and activities
  • Working with other data owners to resolve data issues
  • Second-level review for issues identified by data stewards
  • Providing the steering committee with input on software solutions, policies, or regulatory requirements of their data domain

Data steward

Data stewards are responsible for the routine oversight of a specific data set. Since they are subject matter experts (SMEs) of their data set, they are the spokesperson of their data set when it comes to making data decisions across the organization. Data stewards are responsible for:

  • Acting SME of their data set
  • Recognizing problems and collaborating with other data stewards to correct them
  • Participating in the data steward council
  • Proposing, discussing, and voting on data policies and committee activities
  • Reporting to the data owner and other stakeholders within a data domain
  • Working cross-functionally across lines of business to ensure their domain’s data is managed and understood

Why Your IT Team Should Be a Part of Data Governance

Data governance is a part of your IT strategy that needs to have a full support team to keep up to date. Rather than just a single technology solution, it is an ongoing project. An IT department is trained to handle this type of project and provide the quality data that is expected on a consistent basis. We understand that not every business has its own in-house IT department capable of managing data governance. That is where we can help. With our team of IT professionals, we will handle data governance with efficiency and productivity.