Data governance is the orchestration of a company's staff, technologies and processes to transform data into an enterprise asset that yields business value for the organization. Data governance engages the policies and procedures specifying how decisions are made in handling data, how information resources are allocated and how accountability for results is tracked.

The analogy between governing the data in an enterprise and a system of checks and balances in a federal system of government is a useful one. Customers vote with their dollars, and those managers and executives whose messages, products and services win those dollars stay in office - keep their jobs. That is the ultimate check on the forward motion and balance of the enterprise. An executive function provides the leadership in setting priorities as to which projects, products and data initiatives have the best chance of resonating with the market. A resource allocation function determines the hurdle - prospective ROI - that must be surmounted by the executive initiative(s) to gain funding. At a high level, a compliance, monitoring, and auditing function (with a whole host of external regulatory agencies as well as Sarbanes-Oxley, HIPAA and Basel II) interpret the business practices as being consistent with the integrity and well-being of both the enterprise and customers. At an implementation level, project management keeps the initiative in line with the vision embodied in the governance model by surfacing issues and obstacles, working to resolve them or escalating to request executive intervention to stop losses. All of this, of course, is easier said than done.Because this is a short column, let's go straight to the heart of the matter. The weak link in data governance is between policy formulation and implementation. A data governance roadmap is the key to connecting the dots between the business and the technology in the IT department, which is an essential part of implementing every business process. The roadmap winds it way through policies, standards, success criteria, key performance indicators, accountability and authority, and onto business results. The best data governance roadmaps trace a route that resembles a capability maturity model (CMM) - with a couple of differences.1 The roadmap leads from the current state of enterprise data management capabilities in the direction of implementation. In contrast, a CMM leads from the heroics of the professional staff to the ideal state by means of a defined, repeatable, measurable, process of continuous improvement. Fewer heroics are good. Governance and CMM interact iteratively by means of incremental advances in capabilities enabling corresponding improvements in best practices in the implementation cycle. The roadmap moves from the cow path to the autobahn as implementation activities advance from readiness and engagement through integration to mastery. The goal is information availability - preferably with a low latency that maps to the requirements of the information demands of the business. Examples of policies that form the backbone for data governance look like this:

  • Customers are our reason for existing as an enterprise. Customer data shall be managed as an enterprise resource independent of specific applications and as a source of value for the enterprise.
  • Products (and services) are a key way the enterprise delivers value to our customers. Product data shall be managed as an enterprise resource independent of specific applications and as a source of value for customers.
  • Data integrity is one of our most important products throughout the information supply chain. Data integrity means telling the truth about what is working and what isn't, based on fact-finding and defined processes. The quality of the data must be assessed periodically at the point of capture, transmission, summarization/aggregation, and decision-making. Exceptions to quality must be documented as issues and worked through as a part of a process of continuous improvement.
  • Professional staff shall focus on innovation and business value creation, regardless of whether the IT function is out sourced or managed in house. Management is responsible for assuring that defined processes and best practices, not heroics, are used to bring solutions based on data to business issues.
  • Organizationally, an information management policy committee shall function as the equivalent of the legislative branch. It approves funding and procedural details. The information technology delivery organization shall function as the executive branch. It sees that policies and procedures are diligently designed and implemented. The auditing organization shall function as the judiciary branch of data governance. It makes the tough calls about compliance and what the policies really mean in specific real-world contexts.

Obviously, these examples are far from being a complete list.2 In addition to a structure for governance, the policies must be operationalized. If not, policies will remain an idle wheel, not moving any other part of the enterprise, in a corporate ivory tower along with the complete enterprise data model. For this reason, the roadmap was invented; and this column maintains that such a roadmap is an essential part of any data governance initiative. For example, in the life of the database administration, data administration or data management professional, heroics are common. The roadmap functions to get the professional staff off the treadmill of heroics and actually onto Figure 1. (Note that level zero, heroics, is off the lower left end of the Figure.) Initially, over-commitment is typical, and tribal knowledge and individual experience are the causes of success when success does occur (which is not often enough). The point of data governance is to move beyond heroics to a defined, repeatable, optimized process of managing the information supply chain. The staff are given permission and encouraged to tell the truth about data issues without risking dysfunctional organization behavior such as "shoot the messenger."

Figure 1: Data Governance Levels of Capability

At stage one of data governance, data modeling, master data management and reuse of data assets are incorporated into project discipline with sufficient rigor to repeat early successes with similar applications. However, processes often differ between projects reducing opportunities for collaboration between teams and reuse of data models. Information is still occasionally subordinated and functionally dependent on applications, not treated as an enterprise asset. Internal clients (users) get visibility into the project at defined occasions such as data review and acceptance of major deliverables. This allows limited participation and control.

At stage two, a standard data management process is established, documented, integrated and adopted in operating the enterprise information supply chain. Data is managed as a corporate asset. This means customer, product and other essential data dimensions are functionally decoupled from specific applications, which, in turn, can reuse these data assets. Leveraging a central repository or small set of federated repositories, metadata driven design is enabled. The data models and information represented by the metadata are able to be reused between systems, projects and applications. Quality is a function of standards. The user is able to obtain accurate and quick status updates about data integrity and availability.

Level three of data governance establishes metrics on an enterprise-wide basis to the data governance process. This may have been done on a case-by-case basis previously. Now it is done systematically. Information quality is measured as a function of objectivity, usability and the trustworthiness of data. Management establishes measurable goals and tracks progress toward them. Quality is a function of quantifiable standards. The user community is in a position to assess data management issues and risks prior to a project beginning or being implemented.

Finally, at level four, data governance enables continuous process improvement. Information quality metrics drive the design, piloting and implementation of innovative ideas. Ways of packaging the data for revenue enhancement are discovered and rolled out. When data defects show up, root cause analysis (rather than labor-intensive inspect and remove) is applied on a systematic basis. The commitment is to a data design for defect prevention. While the initial quality of some of the data captured is inevitably low, the result is "garbage in," "quality out." Collaboration between the data management professional and the user community occurs to establish a win/win relationship that looks beyond narrow departmental interests to benefit the whole enterprise and its customers. In the final analysis, "governance" turns out to be synonymous with "management" itself.


  1. It is worth noting that the maturity framework out of which the CMM emerged was inspired by Philip Crosby's book Quality is Free.
  2. For an example of what a more complete list might look like see The Politics of Information Management: Policy Guidelines by Paul A Strassmann, Information Economics Press, Connecticut: New Canaan, 1999.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access