Data Governance Sucess

Data Governance: The Way Forward
Rupa Mahanti
Data Governance
Success
Growing and Sustaining Data Governance
Data Governance Success
“Whatever you may be interested in, if data governance is part of that equation for you, this book
will give you new insights, ammunition to bring back into your day to day work, and an introduction
to a community of data governance practitioners.”
—From the foreword by Dan Power, Founder and President, Hub Designs Inc.
“Rupa Mahanti’s strong engagement with questions central to the success of data governance
continues in the third volume of her comprehensive DG series. In Data Governance Success:
Growing and Sustaining Data Governance, she takes up the challenge of developing data gover-
nance practices over time through strategy, organizational structure, and effective metrics. Based
on a maturity model framework, she presents a practical approach to data governance and, through
it, a clearer path for organizations to get more value from their data.”
—Laura Sebastian-Coleman, Author of Navigating the Labyrinth: An Executive Guide
to Data Management.
“The road to a successful and enduring Data Governance practice has challenges that can impact its
effectiveness or event stop it altogether. These challenges include the resistance by some IT groups
to share the necessary information about their systems and data, or the “business as usual” mindset
that prevents workers from focusing on the enterprise and its information value chains. This book
provides a practical approach to effectively identify and address these challenges from a strategic
to a tactical perspective.”
—Andres Perez, Information Management Consultant and President of IRM Consulting, Ltd. Co.
“Implementing data governance it’s not difficult, but it is challenging. Rupa Mahanti covers a lot
of areas on what you need to know in order to implement a data governance program successfully
while navigating its pitfalls.”
—George Firican, Founder of LightsOnData.
“Nothing ever stands still, it is either growing and moving forward or it is failing. Data Governance
Success: Growing and Sustaining Data Governance is an essential tool for any organization trying
to transform its data governance into a successful, ongoing program instead of a well-intentioned,
but failed project.”
—Dr. John R. Talburt, Acxiom Chair of Information Quality at the University of Arkansas at Little
Rock, and Lead Consultant for Data Governance and Data Integration with Noetic Partners.
“I can hear readers who open this book for the first time thinking, “This book will help me figure
out how to start our data governance project.” I’m hoping that by the time they reach the end, these
same readers will be fortified by the experiential knowledge that Rupa Mahanti and her band of data
experts have imparted throughout these pages. Data has moved beyond a byproduct of the systems
that generate it to become the major driving force behind business, and indeed our own evolution.
It’s more than a project, it could very well be our salvation.”
—Jill Dyché, Author and Data Strategy Consultant.
“Segueing from data governance imperatives, strategy, and ecosystem, this volume of the trilogy
arms readers with crucial practical insight about data governance success factors, and provides
means to surmount challenges and achieve mastery.”
—Jeannine Siviy, Director, Healthcare Solutions, SDLC Partners, Co-author
of CMMI and Six Sigma.
Rupa Mahanti
Data Governance Success

Growing and Sustaining Data Governance
Rupa Mahanti
Strathfield
NSW, Australia
ISBN 978-981-16-5085-7 ISBN 978-981-16-5086-4 (eBook)

https://doi.org/10.1007/978-981-16-5086-4
© The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature
Singapore Pte Ltd. 2021
This work is subject to copyright. All rights are solely and exclusively licensed by the Publisher, whether
the whole or part of the material is concerned, specifically the rights of reprinting, reuse of illustrations,
recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or
information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar
methodology now known or hereafter developed.
The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication
does not imply, even in the absence of a specific statement, that such names are exempt from the relevant
protective laws and regulations and therefore free for general use.
The publisher, the authors and the editors are safe to assume that the advice and information in this book
are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or
the editors give a warranty, expressed or implied, with respect to the material contained herein or for any
errors or omissions that may have been made. The publisher remains neutral with regard to jurisdictional
claims in published maps and institutional affiliations.
This Springer imprint is published by the registered company Springer Nature Singapore Pte Ltd.
The registered company address is: 152 Beach Road, #21-01/04 Gateway East, Singapore 189721,
Singapore
Data Governance: The Way Forward
This mini-series of three volumes looks at
different aspects of data governance. The
volumes do not assume any prior or
specialist knowledge in data governance.
Data governance is an important component
of the data management discipline, and these
books should appeal aspiring information
management candidates, aspiring/current BI
and reporting analysts, project managers
heading information management projects,
business and IT consultants, especially those
involved with data, university students,
professionals in organisations from all
industries and sectors who wish to gain a
comprehensive understanding of data
governance.
To my parents,
for their unwavering support, dedication,
love and encouragement.
To my teachers and mentors,

for their guidance and patience.
Foreword by Dan Power
The final book in the series opens with a discussion of the challenges and dynamics
of data governance. Sometimes achieving success in data governance seems easier
said than done.
Data governance is an inherently political area, involving a wide range of stake-
holders and constituencies, often with divergent interests, both within and outside
of the enterprise. But there are “rookie mistakes” to avoid and best practices that
organizations can apply.
According to Gartner, about 90% of organizations fail in their first run at data
governance. A lack of executive sponsorship and uninterrupted funding are two of
the biggest reasons. Another is treating data governance as a one-off project, rather
than a long-term, ongoing program. Other challenges include lack of alignment
between the business and IT and a data strategy that does not line up with the overall
corporate strategy.
Large organizations can have thousands of different application databases, data
warehouses and other repositories, often of differing value to the enterprise. Often,
companies find it difficult to identify what is truly critical and to prioritize the many
different kinds of data.
One often disastrous challenge is when the business abdicates its responsibility
for data to IT, feeling that, since data is ultimately stored in a database, and databases
reside on computers, that this is all IT’s responsibility and does not require the busi-
ness to be involved. The reality is that strong business/IT alignment and collaboration
are required.
Chapter 2 does an excellent job reviewing and debunking common mispercep-
tions about data governance and goes on to outline several key factors for ensuring
data governance success, including strong executive sponsorship, a commitment to
success, alignment with corporate strategy, adequate training and education, and an
orientation to approaching data governance as an organizational change management
exercise first and foremost.
Creating a compelling business case and a robust data strategy are usually two of
the first tasks of the data governance organization. It is also useful to figure out if the
organization is ready to implement a data governance initiative. Some of the biggest
ix
x Foreword by Dan Power
issues arise if there is some outside pressure to do it, but the organization is showing
multiple warning signs that it is not ready.
Once the overall corporate strategy is clear, and a data strategy has been developed
that supports it, then a data governance strategy can be created to show how the
program will be conducted over its first 18 to 24 months. And the business case
for “why we need data governance” (versus what happens if we do not have data
governance) can be created as well.
The book does a good job covering data governance maturity models. There
are a number of them from different organizations, and they typically assign a one
to five score, similar to the capability maturity model (CMM) created by the U.S.
Department of Defense and now maintained by the Software Engineering Institute
at Carnegie Mellon University.
Chapter 5 describes the components of data governance and outlines a workable
framework. Start with the people component—they are the heart of a data governance
program. Different people in the enterprise will participate in different ways and
in different roles. Ideally, you are looking for people to do what they are already
doing, but to do more of it, or to change it slightly, or even just to weave it into an
enterprise-wide context where now they are doing it for a single area or department.
The operating model can be a difficult question as well. A purely centralized or
decentralized model often does not work well in today’s large, siloed organizations.
Top-down operating models work well in traditional command-and-control-oriented
organizations.
Many companies find a hybrid or federated model to work well, similar to how
the USA has a federal, state, and local level of government. Execution and imple-
mentation of data governance are done on a decentralized basis, by the people who
are closest to the action (the state and local levels). The enterprise level provides
a single point of contact and centralized accountability. It can be cumbersome and
challenging to coordinate however and requires close collaboration between several
different layers.
Data governance is a complex, challenging topic that has arisen relatively recently
in the big scheme of things. Data professionals with many years of experience are
sometimes challenged by the difficulty of successfully implementing a data gover-
nance initiative. This three-book series gives a lot of great information, models, best
practices, and approaches, making it an incredibly valuable resource for anyone new
to the discipline of data governance.
What I have found most rewarding about data governance over a thirty-three-
year career is that it continues to be challenging, interesting, and rewarding, and
I have made a lot of great friends over that time with similar interests in soft-
ware, technology, master data management, data quality, data governance, business,
management, alliances, and project management.
Whatever you may be interested in, if data governance is part of that equation for
you, this book will give you new insights, ammunition to bring back into your day-
to-day work, and an introduction to a community of data governance practitioners.
Foreword by Dan Power xi
I hope that your journey in the “data world” is as rewarding as mine has been. I
fell into it in 1987 and have never managed to escape, but it has been and continues to
be a very rewarding profession, and it continues to become more and more relevant
to our world. Good luck on your journey!
Hingham, USA Dan Power

Preface
There are no secrets to success. It is the result of preparation,

hard work, and learning from failure.
—Colin Powell
While good data is an enterprise asset, bad data is an enterprise liability. However,
in order to have good data, it needs to be managed effectively, and effective data
management requires data governance.
Companies that govern and manage their data effectively are able to achieve a
competitive advantage in the marketplace. Data governance is often viewed as “nice
to have.” However, with the increase in value of data and data being treated as an
asset, and compliance and analytics calling for better quality data and improved data
protection, data governance is a “must have.”
Data governance enables you to effectively and proactively manage data assets
throughout the enterprise by providing guidance as in “how to do it” in the form
of policies, standards, processes, and rules. It also helps in defining roles and
responsibilities to define who will do what, with respect to data.
While implementing data governance is not rocket science, it is also not a simple
exercise. There is a lot of confusion around what data governance is, and as a result, a
lot of challenges arise in the implementation of data governance. Data governance is
not a “project” or a “one-off exercise” but a journey that involves a significant amount
of effort, time, investment, and cultural changes that must be taken into consideration
to achieve and sustain data governance success.
This book entitled, Data Governance Success: Growing and Sustaining Data
Governance, is the third and the last book in the data governance series which consists
of three books as outlined below:
• Data Governance and Compliance. This first book in the trilogy sets the stage
in terms of evolution of corporate governance, laws and regulations, other forms
of governance, how data governance interacts with other corporate governance
subdisciplines, and goes on to explain how data governance helps in achieving
compliance.
xiii
xiv Preface
• Data Governance and Data Management. This second book provides the
big picture of data and data governance (data as an asset, different technical
aspects of data, data governance drivers, and benefits). It also covers interactions
with different data management disciplines and initiatives, and data governance
technology and tools.
• Data Governance Success. This final book, the one that you are currently reading,
discusses the different perceptions that individuals and organizations have in rela-
tion to data governance, the challenges in implementing data governance, and the
key factors that should be considered to ensure data governance success.
These books share the combined knowledge related to data, and data governance
that I have gained over the years of working in different industrial and research
programs, and projects associated with data, processes, and technologies. I have inter-
acted with professionals all over the world and have read many books and articles,
most of which are listed in the references.
The data governance trilogy will be highly beneficial for IT students, academi-
cians, information management and business professionals, and researchers to
enhance their knowledge and get guidance on their own specific data governance
projects.
This series is written primarily for information management professionals, risk
management professionals, compliance professionals, data quality practitioners,
information management researchers, and students looking forward to a career in
data management or governance.
In addition, this series will be useful for aspiring information management candi-
dates, aspiring business intelligence (BI) and reporting analysts, project managers
heading information management projects, business consultants, IT consultants,
university students, and researchers, and professionals in organizations from all
industry sectors who want to gain an understanding of data governance.
Data governance is often overlooked and its value is grossly underestimated. A lot
of people are highly skeptical about data governance. In order to retain interests of
such an audience, I have conducted interviews with 11 thought leaders, researchers,
and professors. Their interview responses have been included in the appendix section
of the first book of the series—Data Governance and Compliance—with an intent to
share their challenges and experiences with data governance.
Each book has a slight overlap in terms of people, processes, and metrics-related
aspects of data governance, though it is the third book that covers these aspects in
detail. The technical aspect is a major component of the second book and will be
moderately discussed in the first book in relation to compliance and is minimally
discussed in this book.
Data governance is an enterprise-wide program, and its implementation often fails
(or the program even fails to take off) due to a number of challenges and perceptions. It
is therefore important to understand these challenges and perceptions, and the factors
critical to ensure data governance success. Specifically, we need to understand the
different levels of data governance maturity, the role of strategy, data governance
organization structure, and metrics.
Preface xv
This book contains seven chapters as follows:

• Chapter 1 introduces the readers to data governance and other data management
functions in a concise fashion as these have been discussed in great detail in the
second book of the series—Data Governance and Data Management. This chapter
also presents the evolution of the data management discipline, the business drivers
for data governance, data governance benefits, and the key factors necessary for
the success of a DG program very briefly.
• Chapter 2 explores the data governance failures, perceptions, and challenges in the
implementation of data governance and the factors essential for data governance
success.
• Chapter 3 covers data governance readiness, data governance maturity assessment,
strategy in general, data strategy, data governance strategy, data governance busi-
ness case, the data governance roadmap, and the role of the chief data officer in
data governance implementation.
• Chapter 4 discusses data governance maturity and several data governance matu-
rity models, which practitioners can use as a guiding framework to baseline
their organization’s data governance maturity and set goals to move up the data
governance maturity curve.
• Chapter 5 explains the data governance framework, data governance organiza-
tional structures, policies and processes, data ownership, data stewardship, and
the different data governance operating models.
• Chapter 6 discusses the characteristics of a good data governance metric, data
governance metrics categories, guidance on choosing and documenting metrics,
and some examples of data governance metrics for practitioners to choose from,
to track their data governance program.
• Chapter 7 discusses data governance as a key success factor and the various aspects
of data governance success in a nutshell.
In case you have any questions or want to share your feedback about the book,
please feel free to email me at rupa.mahanti0@gmail.com. Alternatively, you can
contact me on LinkedIn at—https://www.linkedin.com/in/rupa-mahanti-62627915.
Strathfield, Australia Rupa Mahanti

May 2020
Acknowledgments
Writing this book was an enriching experience and has given me great pleasure and
satisfaction but has been more time consuming and challenging than I thought. I owe
a debt of gratitude to many people who have directly or indirectly helped me on my
data governance journey.
I am extremely grateful to the many leaders in the field of data governance and
related fields who have taken the time to write articles and/or books so that I and
many others could gain knowledge. The bibliography in one or more books in the
data governance book series shows the extent of my appreciation to those who have
made that effort; special thanks to Anne-Marie Smith, Boris Otto, Chisolm Malcolm,
Carlo Batini, Dan Myers, Dan Power, Dannette McGilvray, David Loshin, David
Plotkin, Doug Laney, Dylan Jones, Evan Levy, George Firican, Gwen Thomas,
Hubert Österle, John Ladley, John Talburt, Jill Dyché, Kelle O’Neal, Larissa
Moss, Larry P. English, Laura Sebastian-Coleman, Lowell Fryman, Majid Abai,
Monica Scannapieco, Neera Bhansali, Nicola Askham, Peter Aiken, Philip Russom,
Prashanth H. Southekal, Robert F. Smallwood, Robert Seiner, Richard Wang, Sid
Adelman, Steve Sarsfield, Sunil Soares, Thomas C. Redman, Todd Harbour, Tony
Fisher, Wayne Eckerson, and Yinle Zhou.
I had quite a few questions in relation to book publishing, and I am extremely
grateful to Bill Hefley, Jill Dyché, Karl Wiegers, Laura Sebastian-Coleman, Nicole
Radziwill, Sandeep Nagar, and Victor Squires for answering some of them. Many
thanks to Satish Gawade for helping me with understanding the terms of the book
contract.
Many thanks to Andres Perez, Christopher Butler, George Firican, Jill Dyché,
John Talburt, John Zachman, Laura Sebastian-Coleman, Phil Watt, Shannon Fuller,
Stan Rifkin, and Tony Epler for agreeing for an interview and sharing their unique
perspectives.
I would like to thank many clients and colleagues who have challenged and collab-
orated with me on so many initiatives over the years. I appreciate the opportunity to
work with such high-quality people.
I am very grateful to Springer for giving me an opportunity to publish this book. I
am particularly thankful to Anushangi Weerakoon for her continued cooperation and
support for this project. She was extremely patient and flexible in accommodating
xvii
xviii Acknowledgments
my requests. Her unique perspective and feedback made this book so much better. I
would like to thank Bhagyalakkshme Sreenivasan and Saranya Kalidoss for making
the production process smooth for me. Thanks to the Springer team for helping me
make this book a reality. The Springer team made the process and the experience very
easy and enjoyable. I am also thankful to the reviewers for their time and constructive
feedback that helped improve the quality of this book.
Many thanks to Jeannine Siviy for her feedback and helpful suggestions that
helped make this a better book.
I am grateful to my teachers at Sacred Heart Convent, DAV JVM, and Birla
Institute of Technology, where I received the education that created opportunities
that have led me where I am today. Thanks to all my English teachers and special
thanks to Miss Amarjeet Singh because of whose efforts I have acquired good reading
and writing skills. My years in Ph.D. research have played a key role in my career and
personal development, and I owe a special thanks to my Ph.D. guides—Dr. Vandana
Bhattacherjee, Late Dr. S. K. Mukherjee, and my teacher and mentor Dr. P. K. Mahanti
who supported me during this period. Though miles way, Dr. Vandana Bhattacherjee
and Dr. P.K. Mahanti still provide me with guidance and encouragement, and I will
always be indebted to them. I am also thankful to my students whose questions have
enabled me think more and find a better solution.
Last but not least, many thanks to my parents for their unwavering support, encour-
agement, and optimism. They have been my rock throughout my life, even when they
are not near me and hence share credit for every goal I achieve. Writing this book
took most of my time outside of work hours. I would not have been able to write
the manuscript without they being so supportive and encouraging. They were my
inspiration and fueled my determination to finish this book.
About This Book
While good data is an enterprise asset, bad data is an enterprise liability. Data
governance enables you to effectively and proactively manage data assets throughout
the enterprise by providing guidance in the form of policies, standards, processes,
and rules, and defining roles and responsibilities outlining who will do what, with
respect to data. While implementing data governance is not rocket science, it is not
a simple exercise. There is a lot confusion around what data governance is and a
lot of challenges in the implementation of data governance. Data governance is not
a project or a one-off exercise, but a journey that involves a significant amount of
effort, time, investment, and cultural change, and a number of factors need to be taken
into consideration to achieve and sustain data governance success. Data Governance
Success: Growing and Sustaining Data Governance is the third and final book in the
data governance series entitled—Data Governance: The Way Forward and discusses
the following:
• Data governance perceptions and challenges
• Key considerations when implementing data governance to achieve and sustain
success
• Strategy and data governance
• Different data governance maturity frameworks
• Data governance—people and process elements
• Data governance metrics.
This book shares the combined knowledge related to data and data governance that
the author has gained over the years of working in different industrial and research
programs and projects associated with data, processes, and technologies, and unique
perspectives of thought leaders and data experts through interviews conducted. This
book will be highly beneficial for IT students, academicians, information manage-
ment, and business professionals and researchers to enhance their knowledge to
support and succeed in data governance implementations. This book is technology
agnostic and contains a balance of concepts and examples and illustrations making
it easy for the readers to understand and relate to their own specific data projects.
xix
Contents
1 Data Governance Journey—Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 1

1.1 Data Governance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
1.2 Data Management Discipline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
1.3 Data and Its Governance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Reference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
2 Data Governance Challenges and Dynamics . . . . . . . . . . . . . . . . . . . . . . 5
2.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
2.2 Data Governance Failures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.3 Data Governance—Perceptions and Challenges . . . . . . . . . . . . . . . . 9
2.3.1 Vastness and Complexity of the Data Landscape . . . . . . . . 10
2.3.2 Data and Data Governance not Priorities . . . . . . . . . . . . . . 13
2.3.3 Individuals Needed on Data Governance are
in High Demand . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
2.3.4 Collaboration Challenges . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
2.3.5 Data Governance Connotations . . . . . . . . . . . . . . . . . . . . . . 16
2.3.6 Executive Buy-in and Lack of Executive
and Organizational Support . . . . . . . . . . . . . . . . . . . . . . . . . 18
2.3.7 Costs and Budgets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
2.3.8 Organizational Culture, Politics, and Conflicts . . . . . . . . . 19
2.3.9 Restrictive Nature of Data Governance . . . . . . . . . . . . . . . . 21
2.3.10 Data Governance Perceptions
and Misunderstandings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.4 Key Factors for Ensuring Data Governance Success . . . . . . . . . . . . 28
2.4.1 Leadership and Management . . . . . . . . . . . . . . . . . . . . . . . . 30
2.4.2 Strategy and Execution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
2.4.3 Organizational Change Management (OCM) . . . . . . . . . . . 41
2.5 Data Governance Program—Do’s, Don’ts, Tips, and Lessons
Learnt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
2.5.1 Tailor Data Governance to your
Organization—“One Size Does not Fit
All” Approach . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
xxi
xxii Contents
2.5.2 Adopt a Non-invasive and Non-disruptive Approach . . . . 55

2.5.3 Accept That the Data Governance Journey will be
Difficult . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
2.5.4 Establish a Strong Base . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
2.5.5 Identification of Areas for Proof of Concept (POC) . . . . . 56
2.5.6 Get Some Quick and Meaningful Wins . . . . . . . . . . . . . . . . 56
2.5.7 Share Lessons Learnt and Success Stories . . . . . . . . . . . . . 57
2.5.8 Keep It as Clear and Consumable as you Can . . . . . . . . . . 57
2.5.9 Have a Clear Focus and Stay Focused . . . . . . . . . . . . . . . . . 58
2.5.10 Have the Right Candidates for the Data Governing
Body . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
2.5.11 Strike the Right Balance Between Opposing Goals . . . . . . 58
2.5.12 Understand the Data Governance Scope First
and Then Form the Data Governance Body . . . . . . . . . . . . 59
2.5.13 Plan for Longevity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
2.5.14 Incentivize Participation . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
2.5.15 Do a Data Governance Program Health Check . . . . . . . . . 60
2.5.16 Do not Design Data Governance Without
Integrating the Key Decision-making Bodies
and Other Data Initiatives in your Organization . . . . . . . . . 60
2.5.17 Avoid Establishing Big Committees . . . . . . . . . . . . . . . . . . 61
2.5.18 Do not Take the Tick Box Approach to Satisfy
the Regulators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
2.6 Concluding Thoughts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
3 Strategy and Data Governance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
3.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
3.2 Are You Ready for Data Governance? . . . . . . . . . . . . . . . . . . . . . . . . 69
3.3 Data Governance Maturity Assessment . . . . . . . . . . . . . . . . . . . . . . . 70
3.4 Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
3.5 Corporate Strategy, Data Strategy, and Data Governance . . . . . . . . 75
3.6 Data Governance Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
3.7 Building a Business Case for Data Governance . . . . . . . . . . . . . . . . 81
3.8 Data Governance Roadmap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
3.9 Data Governance Pilot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
3.9.1 Critical Data Domains and Data Sets . . . . . . . . . . . . . . . . . 88
3.9.2 The Data Function or Data Initiative . . . . . . . . . . . . . . . . . . 90
3.10 Role of the Chief Data Officer in Data Governance . . . . . . . . . . . . . 91
References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
Contents xxiii
4 Data Governance Maturity Models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99

4.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
4.2 Data Governance Maturity Models . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
4.3 Data Governance Maturity Model Metamodel . . . . . . . . . . . . . . . . . 102
4.4 Data Governance Maturity Models by Different Industry
Practitioners . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
4.4.1 Kalido . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
4.4.2 DataFlux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
4.4.3 Microsoft . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108
4.4.4 Informatica . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
4.4.5 Oracle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
4.4.6 IBM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
4.5 Data Governance Maturity Model Proposal . . . . . . . . . . . . . . . . . . . 117
4.6 Data Governance Maturity Assessment . . . . . . . . . . . . . . . . . . . . . . . 119
4.7 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124
References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
5 Data Governance Components and Framework . . . . . . . . . . . . . . . . . . . 127
5.1 Data Governance—People, Process, and Tools
and Technology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
5.2 Data Governance Framework . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
5.3 Data Governance Components—Broad Categories . . . . . . . . . . . . . 133
5.4 Data Governance—The People Component . . . . . . . . . . . . . . . . . . . 133
5.4.1 Data Governance Organization Structures, Roles,
Responsibilities, and Operating Rhythms . . . . . . . . . . . . . . 137
5.4.2 Data Ownership . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140
5.4.3 Data Stewards and Data Stewardship . . . . . . . . . . . . . . . . . 142
5.4.4 Data Stewardship Models . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
5.5 Data Governance—The Process Component . . . . . . . . . . . . . . . . . . . 149
5.5.1 Data Principles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
5.5.2 Data Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
5.5.3 Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
5.5.4 Processes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
5.5.5 Rules and Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159
5.6 Data Governance—The Tools and Technology Component . . . . . . 159
5.7 Data Governance Operating Models . . . . . . . . . . . . . . . . . . . . . . . . . . 160
5.7.1 Top Down . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
5.7.2 Centralized . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
5.7.3 Decentralized . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
5.7.4 Hybrid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
5.7.5 Federated . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
5.7.6 Crowdsourced . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164
References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165
xxiv Contents
6 Data Governance—Metrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167

6.1 Data Governance Metrics—Introduction . . . . . . . . . . . . . . . . . . . . . . 167
6.2 Desired Characteristics of Data Governance Metrics . . . . . . . . . . . . 169
6.3 Data Governance Metrics—Health Check . . . . . . . . . . . . . . . . . . . . . 174
6.4 Data Governance Metrics—Don’ts . . . . . . . . . . . . . . . . . . . . . . . . . . . 174
6.5 Data Governance Metrics Identification and Selection . . . . . . . . . . 174
6.6 Data Governance Metrics—Categories and Examples . . . . . . . . . . . 179
6.6.1 Quantitative and Qualitative Metrics . . . . . . . . . . . . . . . . . . 179
6.6.2 Progress, Verification, and Impact/Value Metrics . . . . . . . 181
6.6.3 People, Process, Technology, and Data Metrics . . . . . . . . . 183
6.6.4 Efficiency, Enablement, and Enforcement Metrics . . . . . . 188
6.7 Data Governance Metric Documentation . . . . . . . . . . . . . . . . . . . . . . 191
6.8 Dashboard and Scorecards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191
References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195
7 Data Governance Success—Concluding Thoughts and the Way
Forward . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197
7.1 Data Governance—A Success Factor . . . . . . . . . . . . . . . . . . . . . . . . . 197
7.2 Data Governance in a Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198
7.3 Evaluating Data Governance—The Journey Ahead . . . . . . . . . . . . . 200
References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201
Appendix A: Glossary of Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203

Appendix B: Data Governance—Perceptions Versus Realities . . . . . . . . . 205
Appendix C: Bibliography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211
About the Author
Rupa Mahanti, Ph.D. is a Business and Information Management consultant with

extensive and diversified consulting experience in different solution environments,
industry sectors, and geographies (USA, UK, India, and Australia). She has exper-
tise in different information management disciplines, business process improvement,
regulatory reporting, and more. Her research interests include quality management,
information management, software engineering, empirical study, environmental
management, simulation and modeling, and more. With a work experience that spans
industry, academics, and research, she has guided a doctoral dissertation, published
a large number of research articles, and is the author of the books—Data Quality:
Dimensions, Measurement, Strategy, Management, and Governance, Data Gover-
nance and Compliance: Evolving to our Current High Stakes Environment, Data
Governance and Data Management: Contextualizing Data Governance Drivers,
Technologies, and Tools, and Thoughts: A Collection of Inspirational Quotes. She
is an associate editor with the journal Software Quality Professional and a reviewer
for several international journals.
xxv
Acronyms and Abbreviations
BI Business intelligence
CDE Critical data element
CDO Chief data officer
CEO Chief executive officer
CFO Chief financial officer
CIO Chief information officer
CMM Capability Maturity Model
CMO Chief management officer
CRM Customer relationship management
CRO Chief risk officer
DBA Database administrator
DBMS Database management system
DCAM Data Management Capability Assessment Model
DDGO Departmental Data Governance Office
DG Data governance
DGF Data governance framework
DGI Data Governance Institute
DGO Data Governance Office
DGPC Data Governance for Privacy, Confidentiality, and Compliance
DQ Data quality
DW Data warehouse
EDGO Enterprise Data Governance Office
EDM Enterprise data management
ERP Enterprise resource planning
FAST Function Analysis Systems Technique
GQM Goal Question Metric
IAM Identity access management
IT Information technology
MDM Master data management
PII Personally Identifiable information
POC Proof of concept
xxvii
xxviii Acronyms and Abbreviations
RACI Responsible, Accountable, Consulted, Informed

ROI Return on investment
SCM Supply chain management
SLA Service level agreement
SME Subject matter expert
SSN Social Security Number
List of Figures
Fig. 1.1 Data governance tying together the data management

functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Fig. 2.1 Data governance—questions to ponder . . . . . . . . . . . . . . . . . . . . . 6
Fig. 2.2 Journey of data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Fig. 2.3 Data governance challenges and barriers . . . . . . . . . . . . . . . . . . . . 11
Fig. 2.4 Countless data stores . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Fig. 2.5 DG perceptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Fig. 2.6 Data governance key factors model . . . . . . . . . . . . . . . . . . . . . . . . 29
Fig. 2.7 Data governance training and education-planning . . . . . . . . . . . . 46
Fig. 2.8 Factors influencing DG education and training requirements . . . 48
Fig. 2.9 Elements of a data governance communication plan . . . . . . . . . . 51
Fig. 2.10 Elements to be considered when tailoring data governance . . . . . 54
Fig. 3.1 Data governance readiness—warning signs . . . . . . . . . . . . . . . . . 71
Fig. 3.2 Gap analysis between as-is state, to-be state, and factors
to consider . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
Fig. 3.3 Corporate strategy, data strategy, and data governance . . . . . . . . 76
Fig. 3.4 Data governance strategy—the five Ws and how . . . . . . . . . . . . . 80
Fig. 3.5 Data governance strategy, data strategy, and corporate
strategy alignment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
Fig. 3.6 DG business case-building blocks . . . . . . . . . . . . . . . . . . . . . . . . . 83
Fig. 3.7 Critical data domains, data sets, and data elements . . . . . . . . . . . 89
Fig. 3.8 Data management functions/initiatives and critical data . . . . . . . 90
Fig. 3.9 Data governance tying together the data management
functions and initiatives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
Fig. 4.1 Maturity model structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
Fig. 4.2 Capability maturity model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
Fig. 5.1 Interacting components of data governance—high level . . . . . . . 128
Fig. 5.2 People, process, and technology components impacts . . . . . . . . . 129
Fig. 5.3 Typical trajectory of data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
Fig. 5.4 Data governance—interaction of the people, process,
and technology components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
Fig. 5.5 DG functional titles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
xxix
xxx List of Figures
Fig. 5.6 DG program structures and bodies . . . . . . . . . . . . . . . . . . . . . . . . . 138

Fig. 5.7 Data stewardship models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
Fig. 5.8 Types of data stewards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
Fig. 5.9 Characteristics of data policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
Fig. 5.10 Data policy sections/components . . . . . . . . . . . . . . . . . . . . . . . . . . 152
Fig. 5.11 Data governance process stages . . . . . . . . . . . . . . . . . . . . . . . . . . . 158
Fig. 5.12 DG operating models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
Fig. 6.1 Data governance questions to which metrics can provide
answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170
Fig. 6.2 Desirable characteristics of data governance metrics . . . . . . . . . . 171
Fig. 6.3 Data governance metric measurement—high level steps . . . . . . . 176
Fig. 6.4 Maintenance of data governance metrics . . . . . . . . . . . . . . . . . . . . 177
Fig. 6.5 Considerations when choosing data governance metrics . . . . . . . 178
Fig. 6.6 Data governance metric categorization . . . . . . . . . . . . . . . . . . . . . 179
Fig. 6.7 Data governance quantitative and qualitative metrics
with examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180
Fig. 6.8 Data governance progress, verification, and impact/value
metrics with example metrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181
Fig. 6.9 Data governance metrics—people, process, technology,
and data with example metrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184
Fig. 6.10 Data governance metrics—efficiency, enablement,
and enforcement metrics with example metrics . . . . . . . . . . . . . . 189
Fig. 6.11 Dashboard platform options. Adapted from Rajan
and Hertzler (2017) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193
Fig. 7.1 Data governance in a page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199
List of Tables
Table 2.1 Data governance communication plan template

and example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Table 4.1 Data governance maturity models—practitioners, maturity
levels, and subject areas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
Table 4.2 Data governance dimensions and descriptions with respect
to maturity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
Table 4.3 Data governance dimensions and maturity levels . . . . . . . . . . . . 123
Table 4.4 Table format for recording the current and future state
for data governance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124
Table 4.5 Sample table for recording the current and future state
for data governance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124
Table 5.1 Definitions of data governance framework (DGF) . . . . . . . . . . . 132
Table 6.1 Quantitative and qualitative metrics—comparison . . . . . . . . . . . 181
Table 6.2 Data quality dimensions and metrics examples . . . . . . . . . . . . . . 187
Table 6.3 Business outcome related to data quality metrics . . . . . . . . . . . . 188
Table 6.4 Data governance metric documentation elements
and description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192
Table B.1 Data governance perceptions versus the realities . . . . . . . . . . . . . 206
xxxi
Chapter 1
Data Governance Journey—Introduction
Success is a journey, not a destination. The doing is often more

important, than the outcome.
—Arthur Ashe
Abstract This chapter introduces to the audience data governance and other data
management functions in a concise fashion as these have been discussed in great
detail in the second book of the series- Data Governance and Data Management. This
chapter also presents the evolution of the data management discipline, the business
drivers for data governance, data governance benefits and the key factors necessary
for success of a DG program very briefly.
1.1 Data Governance
Data governance is the exercise and enforcement of policies, processes, guide-

lines, rules, standards, metrics, controls, decision rights, roles, responsibilities, and
accountabilities to manage data as a strategic enterprise asset. Data governance
should not be confused with the technical management of data.
1.2 Data Management Discipline
With enterprises capturing and storing exponential volumes of data, data needs to be
given priority and there needs to be adequate management around the data to derive
the best value. Data management is no longer a simple discipline that existed in
the early days of computing, when data management was all about inputting values
through punch cards and storing data in magnetic tapes.
As we saw in Book 2—Data Governance and Data Management, in the present age
of computing, data management is a multifaceted discipline comprising of several
closely interacting sub-disciplines or functions, with data governance being one of
© The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021 1
R. Mahanti, Data Governance Success,
https://doi.org/10.1007/978-981-16-5086-4_1
2 1 Data Governance Journey—Introduction
the core functions tying together all the other data management functions as shown
in Fig. 1.1. As shown in the figure, there are different types of data—master data,
reference data, transactional data, big data, and content and records. These data need
to be managed and there are different disciplines such as master data management to
manage master data and create a single version of truth; reference data management
to manage reference data; data lakes to store and manage big data; and document
and content management systems to manage document and content. Metadata is
data about data and provides context around data with metadata management being
one of core data management discplines. As data needs to be processed and stored,
data storage and operations is the discipline that deals with storage of data. The
data needs to be modeled, linkages need to be established, and data flows need to be
established, before storage of data in repositories (for example in databases) and data
architecture and modeling are the corresponding data management disciplines. Data
from multiple heterogeneous sources need to be integrated and data integration is the
data management discipline that deals with the same. Data warehousing and master
data management are special cases of data integration. Data may need to be migrated
from one platform or data structure to another structure. This process is known as
Fig. 1.1 Data governance tying together the data management functions
1.2 Data Management Discipline 3
data migration. Data can be analyzed for decision making purposes, forecasting and
studying trends and data analytics is a data management initiative that deals with
this.
1.3 Data and Its Governance
In today’s rapidly changing digital world, with data growing out of proportions,
with new regulations coming into picture and existing regulations being revised and
having an impact on data, and good data being a key differentiator for organizations
to gain competitive advantage and stay ahead in market, robust data governance is not
optional, but an essential. Data governance empowers and facilitates good behavior
with respect to data and restricts behavior that creates risks with regard to data.
There are several business drivers and use cases of data governance including
compliance, reputation management, improving customer satisfaction, better deci-
sion making, improving data quality, data security, data privacy, data analytics, big
data, improving operational efficiency, revenue growth, mergers and acquisitions
(M&A), and partnering and outsourcing.
Generally any organization that captures, manages, and uses data has some form
of data governance in place. While all organizations have some form of governance
for individual applications or business units, the data practices lack sufficient breadth,
depth or alignment of a formal governance program, instead allowing individuals,
departments or business units to make their own rules and standards (Tucci 2010).
Conversely, formal data governance structures are characterized by established poli-
cies, processes, guidelines, practices, and defined data roles, responsibilities and
accountabilities for specific staff across the organization.
As data, industry, technologies, and compliance are evolving, data governance
is becoming even more crucial in the corporate world. The adoption of data gover-
nance is faster in regulated industries with compliance being one of the key business
drivers. However, even for non-regulated industries, the benefits surpass the cost of
establishing data governance in the organization.
Data is the lifeblood of an organization and hence needs to be managed with
care. Effective data management needs sound data governance. Effective data gover-
nance implementation has several benefits, namely, common understanding of data,
increased collaboration, zeroing in on data location, improved data quality, increased
confidence in data, improved brand protection, improved decision making, compet-
itive advantage, improved data management, improved data security, improved
compliance, improved risk mitigation, cost savings, increased revenue, support
impact analysis, and business and IT partnership.
However, data governance is fraught with challenges and false notions, and several
factors play a role in the successful implementation of data governance. These factors
include leadership and management support, commitment and alignment, change
management and cultural change, executive sponsorship, stakeholder engagement
and management, strategy and business case, skill sets, knowledge, and abilities,
4 1 Data Governance Journey—Introduction
education and training, communication and collaboration, data governance tools

and technology, data governance framework and operating models, data governance
metrics, and incremental approach to data governance. In this book, we discuss the
failure statistics, myths, perceptions, and challenges in the implementation of data
governance, and the crucial factors necessary for the success of a data governance
program.
Reference
Tucci L (2010) Why you need a formal data governance program, and how to get started.
TechTarget. http://searchcio.techtarget.com/news/1517117/Why-you-need-a-formal-data-gov
ernance-program-and-how-to-get-started. Accessed on 31 Mar 2018
Chapter 2
Data Governance Challenges
and Dynamics
Before anything else, preparation is the key to success.

—Alexander Graham Bell
I see only my objective – the obstacles must give way.
—Napoleon Bonaparte
Abstract Implementing data governance is not rocket science. However, it does

involve a significant amount of effort, time, investment, and cultural change. Data
governance is an ongoing endeavor and has several angles to it. Hence, implementing
and sustaining the initiative can be challenging and time consuming. Data governance
implementation in organizations is fraught with challenges and perceptions. It is
important to understand the data governance perceptions, the barriers and challenges
faced in the implementation of data governance programs, and the factors critical
to ensure its success. This chapter discusses the data governance failure statistics
and reasons. Challenges, perceptions, key factors and some do’s and don’ts of data
governance, tips and lessons learnt to help organizations to avoid some common
failure traps and be successful in the implementation of data governance are also
discussed in this chapter. Some of the key factors will be discussed in greater detail
in the subsequent chapters.
2.1 Introduction
Many organizations, especially highly regulated ones like healthcare, life sciences,
and financial institutions recognize that implementing effective data governance is
critical to meeting the increasing demand for high quality data, which is needed
to improve operational efficiency, strategic decision making, and meeting various
regulatory and compliance mandates and requirements. However, attaining success
in implementing an effective data governance program is easier said than done.
Here are some of the questions that come in mind when it comes to data governance
(also shown in Fig. 2.1):
https://doi.org/10.1007/978-981-16-5086-4_2
6
Why is data
Why do data
governance
governance programs
challenging?
fail?
? ?
? ?
What are barriers to ? ?
What are the
achieving data ? ?
indicators that your
governance? ? data governance
? program is dying?
?
?
? ?
? ?
?
? ? What are the DOs
What are the data ?
? and DON'Ts of data
governance critical
success factors? ? governance
What are the various

misconceptions and
myths around data
governance?
Fig. 2.1 Data governance—questions to ponder

2 Data Governance Challenges and Dynamics
2.1 Introduction 7
• What is it that makes data governance so challenging?

• What are the various data governance perceptions and myths that mislead
practitioners?
• Why do data governance programs fail?
• What are the traps to avoid?
• What are the indicators that your data governance program is dying?
• What are the elements that play a crucial role in achieving success in data
governance efforts?
• What are the do’s and don’ts of data governance?
These are some of the questions that we address in this chapter, so that you can
make the right choices when implementing data governance in your organization.
Data governance is not a destination or a one-time effort, but a journey, which
requires a structure and formal process tailored to an organization, to oversee
the management of data. This is because once you have embarked on your data
governance journey, you need processes, people, and controls to sustain it.
Implementing data governance in organizations is fraught with challenges. It
is important to understand the various data governance perceptions, barriers, and
challenges that are likely to arise during the implementation of data governance
programs, and also the factors critical to ensure its success.
In order to ensure successful data governance implementation in organizations,
it is important to understand the underlying factors that influence data governance.
In order for the data strategy to be successfully implemented in an organization,
knowledge of the key factors that help building and sustaining an effective data
governance program is desirable. In the context of a data governance initiative, the key
factors represent the essential elements without which a data governance initiative
flounders. This chapter explores the reasons behind data governance failures, the
perceptions and challenges in the implementation of data governance, and the factors
necessary for the success of a data governance program.
2.2 Data Governance Failures
It’s fine to celebrate success but it is more important to heed the lessons of failure.
—Bill Gates
Why do data governance programs fail? There are various reasons and situations
that lead to or increase the probability of the failure of a data governance program,
or may cause the initiative to struggle. First, let’s consider some statistics:
• As per Gartner’s prediction in 2006, 90% of organizations would fail in their
initial efforts toward data governance (Correia 2015).
• Symantec’s 2014 information governance survey revealed that while 74% of the
respondents had a formal, enterprise-wide governance strategy, just 20% of them
said that their strategy was very effective (Correia 2015).
8 2 Data Governance Challenges and Dynamics
• As per a survey conducted by Amitech, more than 60% of the insurance plans
have either formal data governance programs in place or in the works. However,
50% of new data governance programs fail to deliver (Amitech).
Data governance is an enterprise wide initiative that requires sustained executive
sponsorship and senior management commitment. Without a senior level sponsor to
act as a champion for data governance and provide continuous funding, an initiative
as broad reaching as data governance, is bound to fail.
There is no standard well defined and universally agreed definition of data gover-
nance (SAS). This often results in misinterpretation as to what data governance
actually is. Data governance is often incorrectly viewed as a one-off project or as
an academic exercise (SAS). As outlined by Christopher Butler, Chief Data Officer,
HSBC, UK, the focus is on data governance as a standalone objective without consid-
ering the broader business objectives and how strongly data governance can support
these (Mahanti 2021a).
Data governance objectives not being aligned to the organization’s strategic objec-
tives will cause a data governance initiative to fail. Data governance is a cross-
functional program that requires buy-in and consensus on policies from different
business stakeholders at different levels. The lack of buy-in from key stakeholders
can result in data governance programs to be thwarted right in the very begin-
ning. Difficulty in getting consensus on governance policies from various business
units/departments in the organization can considerably slow down the program.
The data governance program is not well understood, and the resourcing, effort,
and time required for implementing and sustaining data governance is often under-
estimated leading to its failure. An absence of skilled resources or a lack of sufficient
resources can be detrimental to the implementation of data governance. As per Nancy
Couture, wrong timing of data governance activities is another reason for DG failure.
Some examples are (Couture 2018):
• Getting the DG stakeholders involved too soon without anything for them to
actually do.
• Providing stakeholders with a role without any training.
• Installing data governance tools without processes and workflows designed.
• Moving ahead with data governance without a charter, scope, objectives, strategy,
roadmap or a supporting data governance office to ensure progress.
• Not publishing training and communications in relation to DG.
Data governance requires a good understanding of the data including, what the
data means, what is it used for, where is the data located, and what will be the
implications if the data is not correct. All these questions can be answered by the
subject matter experts who are also extremely busy people and have other priorities.
Failing to secure their time for the data governance initiative can significantly slow
down the initiative.
Organizations have a lot of data, but not all data are equally important, and hence
not all data are of use when implementing data governance. Failure to focus on
the “data that really matters” (Turner 2016) or critical data will result in the data
2.2 Data Governance Failures 9
governance program to fail sooner or later, as the organizations will not realize
business benefits.
There is no single, right way to do data governance, and that’s one of the reasons
it can be difficult to be successful and to make data governance stick (Couture 2018).
Every organization has its unique culture, structures, and hierarchies, and failing to
take these factors into account when designing a data governance program will result
in the failure of the program. Not having the right data governance framework and
model can also result in the collapse of the program.
Data is an enterprise asset, which is stored in data repositories, which are tech-
nically managed by the IT teams in an organization. This results in misplacing the
accountability of the data solely with IT. Business users tend to look upon data as an
IT related issue. Often, the business users and IT teams find it difficult to collaborate
on data issues (SAS). IT is not in position to outline the business rules related to the
data—the business users are the subject matter experts and the right people to define
the rules, while the IT teams are the right people to technically implement the rules.
Governance must encompass each and everybody who uses data across (and
beyond) in an organization and any mismatch will result in its failure (Turner 2016).
2.3 Data Governance—Perceptions and Challenges
Organizations struggle to implement data governance and face numerous challenges,

that either prevent the program from starting in the first place or results in derailing
the program at a later stage.
With organizations having several data producers/publishers, large number of
heterogeneous data sources, multiple data consumers for the same data, countless
data touchpoints, data residing in silos in multiple systems, and huge volumes of
data travelling through multiple systems and being massaged and transformed in so
many ways from source to target systems, an organization’s data landscape is quite
complex, and data tends to feel more like a corporate liability rather than a strategic
enterprise asset, and governing the same seems an uphill battle. See Fig. 2.2.
Dr. Stan Rifkin, Director of R&D, Master Systems Inc. in his interview tells us
that (Mahanti 2021a):
...one of the greatest challenges to successful data governance is inherent in its questions: who
owns each datum, how is each one validated, and who is responsible for each transformation
and use? These are difficult questions and few organizations have the patience to thoughtfully
answer them. So, data governance is stuck – and ignored…
In this section, we discuss some obstacles and challenges (summarized in Fig. 2.3)
that organizations face when trying to implement data governance.
Supply Chain
CRM Management
System
Data warehouse
Nomenclature
- Touchpoints
- User
- DataMart - Source System
- IT Application/ Systems - Legacy System
- Data flowing between systems
- Manual Report - System Generated Report
Fig. 2.2 Journey of data
2.3.1 Vastness and Complexity of the Data Landscape
With the large number of data sources, data repositories, data elements, and large
volumes of data (See Fig. 2.4), an organization’s data landscape is massive and
complex, and therefore overwhelming in terms of where to start, and how to approach
data governance.
It is important to have a high level understanding of your organization’s data
landscape—the data your organization holds and how the data is managed, the data
flows across the systems, the important applications and systems including sources
Vastness & complexity Data & data
Restrictive nature of
of the data landscape governance not
DG
priorities
Organizational
Linguistic barriers
conflicts
Bringing IT & business

Organizational politics teams together
Resistance to change DG Individuals needed on

and change obstacles challenges DG are extremely busy
Incomplete understanding
Executive buy-in of the term – data
governance
Lack of executive & Data governance

organizational support semantics
DG perceptions & DG has a bad

Cost and budget reputation
misunderstandings
Fig. 2.3 Data governance challenges and barriers

11
12
Order XML file

Order Customer
database
transacƟon datamart
Customer
database Employee
Employee Data warehouse datamart
database
Supplier
ApplicaƟon
database HR
Sales logs
database datamart
Enterprise
Messaging relaƟonship planning
MarkeƟng
queues MarkeƟng (ERP)
Billing datamart
database
database
Financial
Legacy Performance Customer report
Asset
systems data relaƟonship spreadsheet
database
spreadsheet management (CRM)
Product Web server

Finance
database logs
database
Fig. 2.4 Countless data stores

2.3 Data Governance—Perceptions and Challenges 13
and target systems, and the relationship between the data and systems, before you
start data governance.
The conceptual data models should be a good place to start gaining a high-level
understanding and then proceeding to the next levels (logical data models and phys-
ical data models), ironing out the details as needed. The details can be found in logical
and physical data models, file definitions, documentation, and source to target data
mapping documents.
If you are a business user, you would need the help of the technology experts
(data modelers or data analysts) to understand how data is stored. Technical business
analyst is a new role that has emerged to bridge the gap between the business users
and developers.
Understanding your organization’s data landscape will enable you to understand
the root cause of the organizational data issues, chalk out the impacts, and design data
governance effectively. Proceeding with data governance without understanding the
data landscape will result in addressing the data problem symptoms rather than the
root cause, and could result in negative impacts, as data usage is not fully understood.
This will in turn result in your data governance initiative getting a bad name.
Not all datasets and data elements in an organization have the same business value,
with some being more critical than others. However, this is often overlooked when
collecting and storing data. In addition, some data sets contain only current data,
while others contain a full history of data. So there are lots of data at varying levels
of importance, which organizations find challenging to govern. This challenge can
be overcome by identifying the critical data elements and prioritizing the business
value of the data sets to able to determine the rigour with which, data needs to be
governed, and the right governance requirements around the data.
A common governance mistake is to assume that all important data reside in
enterprise’s transactional “systems of record” and business intelligence systems such
as data warehouse and master data repository, hence, focus only on these systems.
Often, critical data are located in “data shadow systems” dispersed throughout an
organization and hence, needs to be taken into consideration from a data governance
perspective (Sherman 2011).
2.3.2 Data and Data Governance not Priorities
The importance of data and the business value, that data can provide to the organiza-
tion, are not understood by stakeholders including business executives. Hence, data
governance is often not viewed as a priority.
Organizations tend to have a prevailing culture where intuition is valued rather than
data. Such a culture is detrimental for any data initiative including data governance.
It is imperative that stakeholders understand the value of data, and view data as
a strategic enterprise asset that can provide competitive edge, and understand and
support the rationale for implementing data governance.
2.3.3 Individuals Needed on Data Governance are in High

Demand
To be successful, a data governance program requires time and input from business
users and subject matter experts (SMEs), who have in-depth understanding of the
data and key managers who can make operational changes happen. They are suitable
to play the role of data stewards and are highly-sought after resources who often
already have numerous high priority tasks assigned to them, so dedicating time for
them to work on data governance would require demonstration that data governance is
considered high priority. Therefore, it is important to first align the data governance
initiative to the organizational priority and have a strong business case for data
governance. This will provide justification for getting the required resources to spend
time on the program.
As the data governance program and the data steward role matures in the organi-
zation, the time allotted for data stewards would need to be protected so that they can
spend it on ongoing data governance work such as revising data policies, proactive
data quality management, maintaining and adapting data standards, and updating
role-based access policies as things inevitably change.
2.3.4 Collaboration Challenges
Data is an enterprise asset and data governance is an enterprise wide program that
needs collaboration across the different business units and departments in an orga-
nization. However, a large number of groups work in siloed fashion in a complex
diversified data environment across the organization, which results in challenges
in collaboration in form of linguistic barriers and bringing IT and business teams
together which are discussed in detail in the sections below:
2.3.4.1 Data Silos and Departmental Barriers
Most organizations have a complex data landscape with a lot of departmental

databases and data silos, and hence, multiple versions of truth as well as multiple
interpretations of truth exist.
The individuals who manage and use data in these departments, have processes
around the data to meet their own specific needs, and have their own interpretation
of the data in terms of definitions and standards based on the context of use. In other
words, each of these departments have developed a new language of their own, when
it comes to data and the data silos, resulting in language barriers.
For example, in a utilities company, the asset management, finance, supply chain,
and marketing departments have data silos, and each of them speaks a different
language in relation to the data they manage. However, data governance involves
breaking these data silos so that data can be managed as a strategic enterprise
asset. Breaking silos requires facilitating conversations between the different depart-
ments, which can be a challenge, as it requires breaking these language barriers. One
way to deal with this challenge is to use an employee who has worked in multiple
departments in his career, to be a facilitator to bridge the gaps, and enable effective
collaboration required for data governance.
2.3.4.2 Getting Business and IT Teams Together
Successful and sustained data governance implementation in an organization requires

a strong partnership and collaboration between business and information technology
(IT), with the business being the driver and IT playing a supporting role. However, in
most organizations, there is no clear understanding around data governance between
the IT and business leads.
In addition, there is a lot of confusion around “who is in charge of data gover-
nance?” The business feels that IT should be responsible for data governance, whereas
IT feels that data governance should sit with the business.
It is not productive to put the IT department solely in charge of data governance.
While IT is responsible for the infrastructure surrounding data including security,
storage, and back-up, and is responsible for transforming the data as per business
rules, they have no way of ensuring on their own, that the content of the data is
accurate or meets business requirements. This cannot be achieved without validation
and active participation of the business. It is the business users who use the data, know
the context and business requirements around the data—be it security requirements,
formatting requirements, or quality requirements. Hence, they are best placed to
provide the business requirements and specifications, which the IT then work with
to translate into technical requirements, and use technology to deliver the data.
However, most data governance programs revolve around the IT front, because
that’s where all the data sits, but they fail to address critical business challenges. Dr.
John Talburt, Acxiom Chair of Information Quality at the University of Arkansas
at Little Rock, and Lead Consultant for Data Governance and Data Integration with
Noetic Partners Inc. discusses the criticality of business involvement in DG success
and shares his thoughts as follows (Mahanti 2021a):
In my opinion, DG success or failure really depends on the involvement of the business side
of the house. Organizations viewing DG as an IT program are doomed to failure in both
DG and analytics efforts. The real opportunity with DG adoption is not only derived from
more effective data management but what is just as important, is getting the business and
IT engaged with each other. Even though data resides in IT systems, it is the business that
uses data to create value. In a good DG program, the business defines “what” they want
to happen with data and engage IT to help define “how” it will happen. I have seen an IT
group breathe a sigh of relief when the business actually assumed this role. Many IT groups
are overburdened with accountability for data they are not really using. Business should
be accountable for data, IT for networks and systems, and DG is where they should find
common ground.
In order to be successful, the IT and business departments of an organization

need to work closely together and build a holistic plan for data governance that
works best for the organization. As highlighted by Dan Power in his white paper,
All the Ingredients for Success: Data Governance, Data Quality and Master Data
Management, a partnership model in which the business leads data governance and
IT works in a supporting role is a healthier model. However, a harmonious working
relationship between business and IT, and some remedial “business / IT alignment”
work to rebuild the partnership between the business and IT may be required to make
this model work effectively (Power).
2.3.5 Data Governance Connotations
There are a lot of connotations around the term data governance, ranging from
disagreements over its meaning, arguments over its semantics, and bad reputation
associated with it as follows:
2.3.5.1 Incomplete Understanding of the Term
One of the important challenges with data governance is that, no one can quite agree
on, what exactly the term data governance means. There are no formal, industry-
accepted definitions for the term. As a part of a survey conducted by erwin and UBM,
respondents were presented with a set of different definitions for data governance.
As per the survey results report, 67% describe data governance as understanding
data flows across the organization, and 62% see data governance as building policies
that govern the organization around data. According to 59% of the respondents, data
governance is understanding of deployed data; 57% said it is a framework of people
and processes with responsibility for data, and 42% said data governance is about
building a glossary of data standards. 22% percent said data governance enables
business intelligence self-service. The responses reflect the wide range of opinions
on what data governance is all about, and hint at the problems that many organizations
have in implementing it (Erwin 2017).
2.3.5.2 Data Governance Semantics
Some people vehemently argue over semantics as to whether the function should be
called data governance or information governance. These semantic arguments can
result in wasting valuable time arguing, and thus preventing from making progress,
cause ‘storming’ when you need the data governance team to be ‘norming’ and
‘performing’ (Edwards 2016).
It is important for discussions to revolve around the problem statement, the scope,
and the core functions that your data governance program needs to provide, instead
of focusing on the semantics. Also, see Sect. 2.3.5.3 about naming the program
something, that doesn’t include ‘data governance’ in the name.
2.3.5.3 Data Governance Has a Bad Reputation
Data governance has a lot of negative connotations. It raises fears of red tape and
long boring meetings (Edwards 2016). Despite the real value that data governance
provides, some organizations are reluctant to implement data governance because
of past failures or bad experiences. Some organizations have tried their hand at
data governance before, and have spent a lot of time in meetings, and maintaining
spreadsheets with no visible results. These organizations suffer from the “Once bitten,
twice shy” syndrome.
As pointed out by Ashish Haruray, in his LinkedIn article, Why Failed Data
Governance Experience Is Valuable! “Everyone likes success stories but unfortu-
nately failures don’t get the press they usually deserve. There’s as much to learn
from the failures, if not more. (Haruray 2017)”
It is important to have retrospective session with all stakeholders to understand
what went well, what went wrong, and what and how things could have been improved
to chalk out the do’s and don’ts, and use the lessons learnt to design a strategy to
implement data governance.
It is important to plan how you approach data governance by looking at the chal-
lenges that only data governance can solve, and a feasible strategy for solving them
instead of pushing the data governance agenda. If using the term data governance
creates roadblocks or unnecessary resistance, it is advisable to create a program name
around the outcomes that is desired from implementing data governance, or just talk
about the desired outcomes. For example, if the challenge is to locate data in a data
warehouse, know its lineage and who owns the data, a data governance program
should be implemented with the help of a data catalog which will have details of
what data is in the data warehouse, what it means and who owns it, and its lineage,
thus making it easy to find, understand, and trust the data. Since data governance
has a bad vibe, it is better to talk about implementing the data catalog rather than
talking about data governance upfront. For example, if the goal of data governance
is to achieve improved data quality, you might name the initiative as a “Data Quality
Program” to get better buy-in and support.
2.3.6 Executive Buy-in and Lack of Executive

and Organizational Support
Any enterprise wide initiative needs clearance from the executive level and data
governance is no different. Getting executive buy-in can be challenging, as the senior
management is often occupied with bigger problems, and can fail to see the value of
data governance.
Having a clearly focused business case which talks about the specific benefits (and
not generic benefits) of the data governance implementation will help get executive
buy-in. This is because generic benefits are difficult to sell to senior management, who
want to know how data governance will help them attain their strategic objectives.
Also, it is important to have an executive sponsor who is well respected amongst
the senior management, who has clout and politic influence to get buy in for the data
governance program. The executive sponsor should be able to explain the business
case for data governance with the right intensity, focus, and level of detail, so that data
governance becomes an organizational priority. The role of the executive sponsor in
the success of data governance program will be discussed under the “Key factors for
ensuring data governance success” section in this chapter.
Despite the enterprise-wide awareness of the importance of data governance, a
troublingly large number of organizations continue to stumble because of a lack of
executive support. In a survey conducted by erwin, 42% cited a lack of executive
support, and 39% pointed to a broader lack of organizational support as obstacles to
data governance (Erwin 2017).
2.3.7 Costs and Budgets
Costs and budgets can be one of the major obstacles in the path of implementing
data governance in the organization. In a survey conducted by erwin, when asked to
identify the biggest obstacles to their data governance initiatives, 58% of respondents
cited project costs as their top issue. A lot of that concern clearly is tied to budgets
for data governance. For all the apparent enthusiasm around data governance, only
37% of the respondents had a separate budget for it. A startling 63% of respondents
stated that either they didn’t have a budget or didn’t know if they had one (Erwin
2017).
While business and other stakeholders might view data governance as an enterprise
initiative, they appear somewhat reluctant to pay their share of the tab for it. While
the business gets data governance at a high level, it is less clear on costs and the
efforts required to implement it (Erwin 2017). The role of the executive sponsor in
having budget allocated will be discussed under the “Key factors for ensuring data
governance success” section in this chapter.
2.3.8 Organizational Culture, Politics, and Conflicts
Any enterprise-wide initiative which involves significant organizational changes will

be fraught with resistance to change, organizational politics, and conflicts. Data
governance being an enterprise wide initiative is no exception to the rule.
2.3.8.1 Resistance to Change and Change Obstacles
When asked about the biggest challenge that he had ever faced in a data gover-
nance implementation, this is what Shannon Fuller, Director of Governance Advisory
Services, Gray Matter Analytics had to say (Mahanti 2021a)
Cultural change is the biggest challenge. In many organizations, there is no culture of data
ownership or active data management.
Data governance implementation necessitates changes on many different levels in

an organization. As always, change is hard, and it is human nature to resist change.
Change drives people out of their comfort zone, and can result in different reac-
tions in people, from wariness to fear of loss of identity or power. This can reflect
in a tendency to bargain for exemptions, not attending meetings, delaying endorse-
ments, and reverting back to old behavior when it comes to doing things. When asked
about the biggest challenge that he had ever faced in a data governance implemen-
tation program, some of these points are reinforced by Andres Perez, Information
Management Consultant and President of IRM Consulting, Ltd. Co. (Mahanti 2021a):
There are two “bumps” on the road that typically cause data governance derailments. One
is the resistance by IT groups to open up and share the necessary information about their
systems, practices, and data so that we can understand how the data is acquired, stored,
and used by critical applications. The other is, once DG is accepted, organizations continue
working with a “business as usual” mindset and the responsible individuals continue behaving
as they did before, failing to understand that they are no longer working for their stovepipe
team but for the enterprise across the information value chain.
While the first challenge pointed out by Andres Perez on “resistance by IT groups
to open up and share the necessary information about their systems, practices, and
data” is more due to wariness to fear of loss of identity or power, the second challenge
is more to do with reverting back to old behavior.
When asked about the biggest challenges that she has faced when imple-
menting data governance, Laura Sebastian-Coleman, Data Quality Lead, Finance
Data Governance Center of Excellence, CVS Health says the following (Mahanti
2021a):
One of the biggest challenges I have faced (in three organizations) is describing to people,
in the language of the organization, the behaviors they should adopt. This is followed by
actually getting them to change those behaviors. Unfortunately, there are obstacles to culture
change that individuals cannot always overcome. For example, IT funding models can be
direct obstacles to data quality, if those models focus solely on meeting project timeframes
and do not account for the quality of the data produced by projects.
The organizational culture needs to be oriented to be more data-driven and trans-

parent. Overlapping functions would result in the same data being used by multiple
business units which would result in a conflict of interest. There is a change in the
way how data is captured, shared, stored, and accessed to improve data quality and
data security. People are comfortable with the way they have done things for years,
but now have to learn and adapt to the new ways of operation.
2.3.8.2 Organization Politics
Organization politics can derail your data governance program. This is where
you need an influential senior executive sponsor, who can steer his way through
organizational politics, and offer leadership and management support.
2.3.8.3 Organizational Conflict
Organizational conflict over data is a big challenge. This is because data is a shared
resource and there is always a conflict along the following lines:
Conflict 1: Who pays for the data in case of issues?
Conflict 2: Once Conflict 1 is resolved, who has the final say when there is no
consensus amongst groups trying to come to decision with respect to resolving the
issue?
Conflict 3: Which team or group fixes or addresses the issue: source system team,
target system team, or the intermediate system teams?
Once data is viewed as a strategic asset, and all stakeholders understand the value
that data brings, the business function which is the most impacted by the bad data
would be willing to pay for rectifying the data issues. The following two conflicts
can be resolved by having all the relevant IT and business stakeholders to look at the
pros and cons of each option and come to a decision.
Laura Sebastian-Coleman, Data Quality Lead, Finance Data Governance Center
of Excellence, CVS Health, stresses on Conflict 1 when she states from her experience
that organizational conflict is not about who owns the data or who uses the data. The
conflict is about who has to pay if the data is not right (Mahanti 2021a).
She further explains that (Mahanti 2021a):
Conflict itself can be reduced through good facilitation; especially when this is focused on
ensuring that all the parties have as objective a view of a problem’s costs and benefits. But
what actually gets done depends largely on funding.
Shannon Fuller in his interview explained that potential organizational conflicts

from overlapping functions when dealing with enterprise data can be resolved with
the domain owner facilitating resolution, by gathering all requirements for the
respective data from constituents across the organization (Mahanti 2021a).
2.3.9 Restrictive Nature of Data Governance
Varun Pant, Director IT, Swati Consultancy Pty Ltd and DAMA Australia Secretary,
posted an interesting statement about data governance on Linkedin on August 03,
2020. He stated (Pant 2020)
Data governance is like a brake in a car - it is not there to slow you down, but enables you
to go faster, more safely.
Brakes can be viewed as restrictive, but are necessary for a safe journey, and their
appropriate application can avert accidents. However, if applied when not necessary,
can slow progress.
Data governance is about establishing policies, processes, rules, standards, and
controls around data to improve the quality of data, and ensure data security and
privacy. However, this can result in restricting accessibility and constraining people
from what they can do with the data, reduce opportunities for the user, and reduce
productivity levels (Chen 2017). For example, data that was earlier accessible, will
now require following a process, which requires several levels of approvals before
the users can get access to the same data. These processes and restrictions can be
heavy, inflexible, time consuming, and may adversely impact operational efficiency
as well as productivity. Control is important to ensure data protection and quality.
Also, privacy and security cannot be attained without controlling accessibility. Good
governance must balance security, accessibility, productivity, and enablement (Chen
2017), and ensure that processes are streamlined to minimize accessibility cycle
times.
2.3.10 Data Governance Perceptions and Misunderstandings
Reality doesn’t bite, rather our perception of reality bites. —Anthony J. D’Angelo, The
College Blue Book
With data growing at an alarming rate, the data management discipline and its
functions have also evolved and matured. Great strides have been made in the field
of data management, and it is still rapidly growing and attracting a lot of interest
worldwide across all industry sectors. However, the data management discipline
has not been immune to perceptions and misunderstandings, with their narrative
being a combination of both fact and fiction causing confusion and concern. Data
governance is a critical function of data management, and has its share of percep-
tions. Also, there is a certain degree of confusion related to it, with data governance
being considered synonymous with terms like data management, data quality, meta-
data management, data compliance, data privacy, data policies, data definitions, and
master data management.
One of the biggest challenges in implementing data governance are the misun-
derstandings and perceptions, that individuals have about data governance, that can
either lead to individuals resisting the data governance endeavor, or approaching it
in a wrong manner, or not doing it at all. These along with other misconceptions that
are related to terms, tend to mislead people when it comes to making data gover-
nance related decisions, or slow down, hinder, or put a stop to rolling out their data
governance initiatives. Let’s cover these perceptions (See Fig. 2.5).
2.3.10.1 IT Organization is Responsible for Data Governance
A common perception is that IT headed by the chief data officer is accountable and
responsible for data governance. This perception stems from the fact that data resides
in the IT architecture like database systems and file systems, and since IT teams are
owners of IT applications and systems in an organization, the perception is that, the
data held in these systems also should be owned and governed by them, and that,
IT should be made responsible for data governance. However, while IT teams are
the caretakers of the technical aspects of the data, it is the business who are the
data consumers and the subject matter experts, and who define the business rules
around data and who own the data. However, the responsibility for deploying data
governance is joint one- data governance should be primarily driven by the business
with IT in a supporting role (Loshin 2017; Mahanti 2019).
2.3.10.2 Data Governance is a Project/Data Governance is an IT

Project
Some people think that data governance is a project, while there are some who think
that data governance is an IT project. While a data governance initiative can trigger
a number of projects, data governance by itself is not a project.
The fact is that data governance is an enterprise wide continuous initiative that
encompasses all business units. Also, while IT and technology do have a role to
play in data governance from an execution standpoint, data governance is not an IT
project or even a project for that matter. Looking at it from the lens of a project would
assign it a fixed start and end date. However, data governance (once implemented) is
meant to continue as part of the inner culture or business as usual activities or daily
functioning routine of an organization.
Data governance is a continuous initiative, and while it should be able to evolve,
and dynamically adapt to the changes in business, technology and data (Chikkatur),
it does not have an end date.
DG can be done big
DGOs are the data DG is a project/ IT
bang
stewards project
DG is a published
DG is same as data
repository containing
stewardship common data definitions
DG is about compliance
IT is responsible for & meeting regulatory
DG requirements
DG is simple and DG DG is about data

straightforward to
perceptions privacy
implement
DG only works for Technology alone can

large organizations drive DG outcomes
DG is about making
DG does not work in
and maintaining
small organizations
policies
DG is the same as Data management DG should be isolated

change management related misconceptions to a business unit
Fig. 2.5 DG perceptions

23
2.3.10.3 Technology Alone can Drive Data Governance Outcomes
Some organizations have a misconception that technology can help in achieving

data governance. This misconception is more prevalent in organizations that have
purchased master data management, data integration or data quality software—or a
mix of the three—to support their data governance programs. The combination of
vendor hype and high price tags often creates false expectations, that the software will
do all the hard work, without having to deal with the people, process, and political
issues.
While technology and tools implement, manage, and support data governance,
the use of technology and tools alone cannot achieve the targeted and desired data
governance outcomes. Tools and technology play the role of an enabler and facili-
tator in data governance, and assist individuals in carrying out their data governance
responsibilities, and have been discussed in detail in Book 1—Data Governance and
Compliance, and Book 2- Data Governance and Data Management (Mahanti 2021a,
b).
2.3.10.4 Data Governance is About Compliance and Meeting

Regulatory Requirements
Since compliance is the biggest business driver for data governance, there is a misun-
derstanding that data governance is only about compliance. However, this is not true.
As seen in Chap. 2 in the second book of this series -Data Governance and Data
Management, there are other business drivers and use cases, such as big data, data
analytics, and improving data quality (Mahanti 2021b).
Data governance benefits organizations in a number of ways such as increased
operational efficiency, improved data understanding, improved data lineage, better
decision making, greater data quality, increased confidence in the data, improved
risk mitigation, and cost savings (Mahanti 2019).
Implementing data governance effectively results in an organization being capable
to comply with what is asked for by the regulators by ensuring greater data under-
standing, improved data quality, data transparency, and data traceability, with compli-
ance becoming the offshoot of the continuing data governance process. Compliance
and how data governance helps achieve compliance has been discussed in greater
detail in first book of the series -Data Governance and Compliance (Mahanti 2021a).
2.3.10.5 Data Governance is Only About Data Privacy
There is a misconception that data governance is only about data privacy. This is
not true. While, data governance is about implementing the processes, rules, and
policies around concepts of data privacy/security, inter-departmental data exchange
agreements, and improving quality of data to meet with compliance and regulatory
requirements, as well as protecting sensitive data and preventing data breaches, it is
much more than just data privacy as highlighted in the “Data governance is about
compliance and meeting regulatory requirements” section.
Data privacy and data security have been discussed in detail in Book 1—Data
Governance and Compliance and Book 2—Data Governance and Data Management
(Mahanti 2021a, b).
2.3.10.6 Data Governance is all About Making and Maintaining

Policies
Data governance is often perceived as a set of policies, that result in more work to do
on top of the work, the employees are already responsible for. This misconception
can foster attitudes that make it difficult for organizations to get people to adopt data
governance best practices (Baker and Sjoberg 2018).
This perception also leads to organizations thinking that adding another data
policy to a list of policies is all that is needed to implement data governance, while in
reality, issuing a data policy will be of little value if it is not enforced, and does not
drive the right behaviors and actions, and processes, rules, standards, and controls
are not developed in line with the policies.
2.3.10.7 Data Governance Should be Isolated to a Business Unit
Organizations sometimes make the mistake of governing data in silos, either because
they are under the misconception, that data governance should be siloed by business
units or departments, or because of a tendency to address individual data issues
arising in a particular department or business unit.
However, while confining data governance to one department or business unit
may satisfy its internal governance needs, more problems can arise as data is shared
across departments. As data is an enterprise asset and certain data entities will be
used by multiple business units and reside in their associated systems, an enterprise
wide approach to implementing data governance should be taken in a staggered
incremental fashion, by taking effective data governance processes and applicable
controls incorporated in one business unit, and extending them to others (Mahanti
2019).
2.3.10.8 Data Governance is the Same as Change Management
While data governance and change management share similar characteristics, they
are not the same.
Change management assists in solving business issues by aligning both people

and processes to initiatives that will help an organization achieve its strategic business
objectives.
Successful implementation of data governance needs significant changes in behav-
iors and hence, requires effective change management. In fact, change management
can be considered as a key factor in the successful implementation and sustenance
of data governance.
2.3.10.9 Data Governance Does not Work in Small Organizations/Data

Governance Only Works for Large Organizations
Small organizations are under the false impressions that the theory of data governance
with its enterprise wide focus and governance bodies cannot be applied to them
because of the size and the costs associated with it.
The truth is that data governance can be tailored to be implemented satisfactorily in
any organization, irrespective of the size and the industry sector. Smaller sized orga-
nizations would have fewer layers in the data governing body. Data governance can
sometimes be more effective and easier to establish in small organizations because
of lesser conflicts, easier accessibility of the decision makers, and their familiarity
with the systems and data.
2.3.10.10 Data Governance is Simple and Straightforward

to Implement
There is a general perception that data governance is simple and straightforward to

implement. However, in reality, a data governance implementation involves many
business areas and departments in the organization including people, processes, and
technology (Navigate Team 2014). There are multiple variables at play that need to
be managed and controlled, which in turn requires a signification change in ways of
working, behaviors, and attitudes.
2.3.10.11 Data Governance can be Done Big Bang
As per scientists, the universe was created with a big bang, which was a single event
that led to a chain reaction, which in turn created the universe. Many people tend
to have a similar misconception around data governance, that is, data governance
can be done big bang. This misunderstanding stems partly from the perception, that
“data governance is simple and straightforward to implement” and partly because of
the fact that data governance is not well understood, and is equated to developing
a few processes and policies, which should not take too much time and effort, and
hence can be implemented big bang.
However, successful data governance is more than just devising processes and
policies, but it is about building relationships with people to make them more accept-
able to the change, and getting employees in the organization to learn and follow the
processes and comply with the policies, which takes a considerable amount of time.
An incremental approach to governance is an optimal approach to implementing
governance.
2.3.10.12 Data Governance is the Same as Data Stewardship
While both data stewardship and data governance support the recognition of data as
an enterprise asset, they are not the same (Talburt and Zhou 2015). Data governance
is a program which deals with the creation of policies, standards, roles, and responsi-
bilities, and ensures that the right people are assigned the right data responsibilities,
whereas data stewardship refers to the activities necessary to make sure that the data
is accurate, in control, and easy to discover and process by the appropriate parties,
and it involves people who put data governance into operational practice. Data stew-
ardship is the operational facet of a data governance program that involves the actual
routine work of governing the enterprise’s data (Plotkin 2013).
2.3.10.13 Data Governance Offices are the Data Stewards
There is a mistaken belief that data governance teams are data stewards, and are
responsible for taking care of the data and resolving data issues. Data governance
office (DGO) headed by the Chief Data Officer (CDO) is a support team that facilitates
and co-ordinates activities of the various data stakeholders such as business data
stewards, technical data stewards, data owners, and working groups/committees in a
data governance program.
The DGO team brings together different data stakeholders from different business
units to facilitate discussions on different data and data governance topics such as
agreement and alignment on policies, processes, standards, and resolution of data
issues.
While the DGO team liaise with the data stewards from different business units
and applications on data issues, they themselves are not data stewards.
2.3.10.14 Data Management Related Misconceptions
In addition to the perceptions that we discussed, data governance is often confused

with data management and different data management functions. It is also confused
with initiatives like master data management, metadata management, data quality,
data storage, and records management.
These perceptions can be misleading as organizations already implementing any of
these initiatives would come to a false conclusion that they are already implementing
data governance, when in reality they are not. Some of the perceptions that can be
misleading are:
Data governance is the same as data management (Mahanti 2019).
Data governance is the same as data quality (Mahanti 2019).
Data governance is the same as metadata management.
Data governance is the same as master data management.
Data governance is the same as records management (Mahanti 2019).
Data governance is about data storage in a central repository (Iron Mountain;
Mahanti 2019).
Data management is a overarching umbrella, which encompasses a number of
disciplines or functions such as, but not limited to data governance, data quality,
metadata management, master data management, data storage and operations. Data
governance is identified as one of the core components of data management tying
together the other data management functions.
In Data Governance and Data Management (the second book of the series), we
have discussed in detail the relationship and distinction between data governance,
data management, and data quality and dispelled the confusions in relation to master
data management, records management, metadata management, and data storage in
central repositories.
2.4 Key Factors for Ensuring Data Governance Success
Implementing data governance is not rocket science. However, it does involve a

significant amount of effort, time, investment, and cultural change. Data gover-
nance is an ongoing endeavor. It has several dimensions to it, and implementing
and sustaining the initiative is challenging and time consuming.
The key factors for achieving and sustaining data governance in an organization
can be grouped under three affinity classes:
• Leadership and management;
• Strategy and execution; and
• Organizational change management (OCM).
Leadership drives strategy as well as change. The model in Fig. 2.6 illustrates
the key factors under the different affinity classes for achieving and sustaining data
governance in an organization and the relationships between the different affinity
classes. There are 13 factors that have a crucial role to play in the successful imple-
mentation of data governance in an organization. While “stakeholder engagement
and management” falls under the OCM group, it intersects all the other groups, with
2.4 Key Factors for Ensuring Data Governance Success 29
Fig. 2.6 Data governance key factors model

leadership, management, and executive sponsors being stakeholders involved in data

governance strategy formulation and execution.
It is important to take all these factors into account when embarking on imple-
menting a data governance program in your organization to ensure that you achieve
success.
2.4.1 Leadership and Management
Leadership and management have a crucial role to play in the success of any enterprise
wide initiative or management program and the same applies for a data governance
program. The various dimensions that influence and play a role in the success of a
data governance initiative can be grouped into three heads:
• Support and commitment;
• Alignment; and
• Executive sponsorship.
2.4.1.1 Support and Commitment
Leadership and management support, and commitment is a crucial element in the

successful deployment of a data governance program. An enterprise wide initiative
like data governance needs to be driven from the top. In the words of Dan Power, “If
the “top of the house” isn’t there yet, you won’t get too far with your data governance
implementation,” (Power 2015).
Andres Perez, Information Management Consultant and President of IRM
Consulting, Ltd. Co. mentions leadership as the most important factor for the
successful implementation of data governance in organizations. He says (Mahanti
2021a):
There must be a business (not IT) leader that helps other business leaders understand that
information has values when applied and has cost when defined (planned), acquired, stored,
and disposed of. This individual must understand the critical pain points across business
areas and must be able to relate it to others.
A firm commitment and consistent support from leaders and management is

required for a successful data governance program and to realize the goals it is
set to achieve. It is essential for the leadership to emphasize the importance of adher-
ence to policies, processes, and standards of a data governance program. The top
management should also ensure that the data governance implementation achieves
its projected results, and that continual improvement is taking place in the organi-
zation. It is important for the leadership to be motivated, committed, and visionary
(Bhansali 2013).
Data governance involves significant changes in how organizations operate. It

also involves changes in the attitudes and behaviors of an organization’s employees.
The overall leaders are the individuals who influence attitudes and behaviors through
their position and personality (Mahanti 2018).
A change in culture is essential to make the shift from organizational silos and
from viewing data as a department asset, to viewing data as a strategic enterprise asset
that crosses departmental boundaries, and is shared across organizational boundaries.
This kind of cultural change needs to be driven by the leaders in the organization.
With the massive changes wrought by data governance, there will certainly
be resistance to change, which requires dispelling doubts, and providing constant
support, encouragement, and monitoring from the leaders and senior management
to counter and overcome that resistance and surge forward. The senior management
needs to understand, emphasize, and communicate the importance of data and data
governance, fully support and approve of the initiative, and generate confidence and
faith in the initiative. They need to go beyond departmental barriers, and drive cultural
changes to steer the organization towards a data driven culture and drive enterprise
wise commitment to the data governance program. They need to encourage and
support other management roles to demonstrate commitment to data governance so
that it has a cascading effect in the organization.
The senior management should communicate to the employees that data gover-
nance is an important objective. The message should be clear that leadership views
it as an important parameter in its business. The senior management should ensure
that there are suitable staff in data governance roles to drive the initiative effectively,
set expectations, and inspire individuals.
There should be involvement from the leadership when there are holdups in the
progress of the data governance program. The management should also conduct
periodical assessment on the progress of the data governance program.
2.4.1.2 Alignment
Leadership and management alignment at all levels are critical to the successful
implementation of data governance in an organization. Misalignment and disagree-
ment amongst the leaders result in stagnation of a data governance program.
The leaders and management need to align and agree on what data governance is
set to achieve for the organization (Mahanti 2018). This includes agreement on:
• Business case for data governance.
• Mission, vision, and objectives of the data governance program.
• Leadership accountability for data governance.
• Challenges and roadblocks to overcome in rolling out data governance in the
organization, and ways to overcome the same.
• Definition of data governance success.
• Accountabilities, roles, and responsibilities for delivering data governance results.
If the leaders are not aligned, they will end up sending mixed messages to their
subordinates, which can lead to resistance, and sooner or later disrupt the data gover-
nance progress (O’Neale 2015). Hence, it is important to identify the disconnects
and conflicts from the start to the end of the program, and address and resolve them
as quickly as possible to ensure continued unified support for the data governance
program.
2.4.1.3 Executive Sponsorship
As highlighted by Gartner Research VP, Svetlana Sicular, an executive sponsor

ensures that blockers obstructing the progress of a data governance initiative are
removed and that an organization’s data governance program gets visibility across
the organization (Davis 2016).
An active executive sponsor is critical to the success of an enterprise wide cross
functional program like the data governance program, which requires investments in
people, processes as well as technology. Without an executive sponsor, an organiza-
tion cannot make much progress with data governance and will flounder sooner than
later (Davis 2016; Mahanti 2018).
It is extremely critical to choose the executive sponsor carefully, as he needs to
be committed to supporting the data governance program, be involved in the data
governance journey for the long haul, and not bail out when challenges arise.
Without commitment, an involved executive sponsor would only pay lip service
to the data governance program without backing up the initiative with the resources,
budget, or political influence that is needed for it to be successful.
Without involvement, a committed executive sponsor becomes an absentee cheer-
leader. It is important to understand the seniority of the executive sponsor in the
organization, the respect he or she commands in the senior management ranks, the
business functions the executive sponsor represents, the benefits these functions will
derive from the implementation of the data governance initiative, and the relative
power of those business functions in the organization. Understanding these elements
will help to determine the interest, abilities, and degree of influence, the executive
sponsor will have in routing the data governance initiatives through competing initia-
tives, and organization politics, and getting buy in and support for data governance
from the other executives in the organization. In addition, data governance programs
need the involvement from multiple stakeholders who have their own interests and
problems, which can stop the data governance program from moving ahead. The
executive sponsor needs to have good interpersonal skills, have sufficient authority,
and political clout to be able to clear such roadblocks.
It is important to have a senior executive as a sponsor for the data governance
program, because a data governance initiative involves enterprise wide change, which
is disruptive. The lower or middle level management will not have the power or
political standing needed to influence and sustain the organization change wrought
by data governance.
The executive sponsor needs to be able to communicate the value proposition

and scope of data governance at different management levels in an organization,
set expectations with regards to the support and involvement required from key
stakeholders and senior management, and respond to their queries regarding the
initiative (Mahanti 2018).
A good executive sponsor will provide strategic direction to the initiative, clarify
business priorities, and remove internal roadblocks. Also, continued executive spon-
sorship across both business and IT is essential to implement and sustain effective
data governance. In order for an organization to be able to recognize the permanent
nature of a program such as data governance, sustained sponsorship is necessary.
Generally, data governance is a part of a data quality initiative or is combined
with data quality initiatives, in which case the data quality program sponsor would
be the data governance sponsor too.
2.4.2 Strategy and Execution
Strategy without tactics is the slowest route to victory. Tactics without strategy is the noise
before defeat. —Sun Tzu
Strategy and execution (that is tactics) play an important role in the success of a
data governance program. The various dimensions that influence and play a role in
the success of a data governance initiative can be grouped into six heads:
• Strategy and business case;
• Skill sets, knowledge, and abilities;
• Data governance framework and operating models;
• Data governance tools and technology;
• Incremental approach to data governance; and
• Data governance metrics.
2.4.2.1 Strategy and Business Case
A robust strategy plays a critical role in providing appropriate direction to achieve

success in data governance implementation. The corporate objectives in the corporate
strategy should be mapped to the data necessary to achieve them. The data strategy
should have objectives that align with corporative objective(s), and should also have
a prioritized list of data initiatives to achieve these objectives. Data governance
should be in the prioritized list of data initiatives in the data strategy. A strong data
governance strategy is critical to the successful implementation of data governance
in an organization, and provides the foundation for building the data governance
program implementation plan (Mahanti 2018).
The data governance strategy should align with the organization’s corporate
strategy as well as the organization’s data strategy. The data governance initiatives
should align and integrate with the other data intensive initiatives being implemented
in the organization to avoid conflicts and achieve maximum business value. The
data governance strategy should state the future data governance vision and have a
strategic roadmap outlined and realistic milestones set to achieve the vision (Alder
2005). There should be a strong business case for data governance outlining the costs,
value proposition, risks, and benefits.
An organization’s strategic business objectives and future direction, their data
and application landscape, regulatory landscape, business impact of data issues, what
value they want to derive from their data, size of the organization, organization struc-
ture and hierarchies, organization culture, current data maturity and their readiness to
achieve higher maturity levels should be taken into consideration when designing the
data governance strategy. We will discuss more on strategies in Chap. 3 and maturity
models in Chap. 4.
2.4.2.2 Knowledge, Skill Sets, and Abilities
Data governance is an enterprise wide cross functional effort and involves many
stakeholders at different levels across different business units across the organiza-
tion. A mix of roles and responsibilities are also required. The roles and responsi-
bilities drive the knowledge, skill sets, and competencies required. Hence, a variety
of knowledge, skills, and expertise distributed across teams are needed for a data
governance initiative to be successful—namely, technical skills like data quality,
data analysis, data assessment, data architecture, data modeling, data stewardship,
data governance knowledge, data life cycle management, and good business knowl-
edge of data. In addition, soft skills—like leadership, communication skills (both
verbal and written), excellent writing, presentation skills, influencing, prioritization,
negotiation, facilitation skills, inter-personal skills, diplomacy, ability to manage
conflicting priorities, persuasion skills, stakeholder management, and organizational
skills are also required. For example, achieving cultural change would need these
skills. Also, with a rise in multinational organizations with operations across the
globe, which requires working across remotely located teams, soft skills become
even more important to ensure effective collaboration and achieve desired results.
People involved at the top level decide governance policies and translate them into
objectives and rules of engagement for the lower level teams to follow as they build,
monitor, and manage individual data controls (CIOReview 2016; Mahanti 2018).
A good knowledge of the source systems and target systems is also required. It is
essential to know where data resides in the organizations. This is why you need to
enlist in-house subject matter experts to be involved in the data governance program.
This is because, while it is possible to recruit individuals with knowledge and experi-
ence in data governance implementation and associated tools and technologies, they
would not have the knowledge of the intricate details of the organization’s data land-
scape, systems, business processes creating and using the data, and business rules
governing the quality and usage of the data.
Dylan Jones, Founder of Data Quality Pro and Data Migration Pro, in his article
“Data governance: The perfect marriage of soft and hard skills?” provides a list of
soft skills cited in interviews with data governance experts (Jones 2016), which show
that data governance, data quality, data stewardship knowledge, data communication,
coaching, and change management skills are very important in a data governance
program. This is illustrated in the interview responses, which state that considerable
amount of time is spent by interviewees in training people on data governance and
data quality, briefing senior management on their role and responsibilities as data
stewards, and demonstrating a range of formats to report data quality issues (Jones
2016).
In response to the interview question on which skill sets, expertise, and knowledge
are important in the implementation of data governance, Jill Dyché, Principal, Jill
Dyché, LLC. states, (Mahanti 2021a)
“At minimum, I’d say the necessary skills fall into three buckets.
1: Business analysis: Every company needs data-conversant analysts who can define data
requirements and tie them back to business requirements and strategy.
2: Data stewardship: Tactical data stewards can ensure that data quality, metadata, data
modelling, and data deployment are formal processes using best-of-breed toolsets.
3: Platform specialists: Whether you’re relying on a legacy data warehouse or a newfangled
big data in the cloud platform, there should be an understanding of the data’s sources and
destinations. Designating specific platforms for specific purposes leads to trustworthy data.”
In short to be successful at data governance, an organization would need a mix

of individuals with varying skill sets. There should be a group of individuals who
understand the business context of the data (why is the data needed, what is it used
for, are there any specific scenarios when the data would not be populated, and what
is the impact if the data is incorrect, incomplete, or not available in a timely manner).
These fall under the class of business analysts, subject matter experts and business
stewards. There should be a technical group who have understanding of the code and
are able to provide the data sources and the destinations and the technical rules used
to transform and store data. Another class that is becoming popular is the technical
business analyst, who bridge the gap between the business analysts and the technical
group. These individuals have data analysis and data modeling skills. They have an
understanding of the metadata and understand the data, but might not have indepth
technical knowledge to verify implementation details or indepth business knowledge
to have full understanding of all the business requirements in relation to the data. In
addition, to these roles, communication, coaching, and change management skills
are necessary, and an organization would need a change management team to ensure
smooth data governance implementation and sustenance.
2.4.2.3 Data Governance Framework and Operating Models
When asked about the role of data governance framework and data governance oper-
ating models in the successful implementation of data governance, this is what Jill
Dyché, Principal, Jill Dyché, LLC. had to say (Mahanti 2021a)
Critical. Data governance frameworks and delivery models help to not only define data
governance, but also establish its boundaries and success measures. If delivery models are
absent, data professionals can end up ‘going rogue’ and fixing things that aren’t broken.
Frameworks keep people on track and ensure that there’s a delivery pipeline.
A data governance framework with roles and associated responsibilities, author-

ities, decision rights, policies, processes and standards, ownership, and stewardship
defined in the context of the organization is crucial to the success of a data governance
program. The data governance framework needs to be integrated effectively into the
organization, otherwise, individuals and groups will revert back to their old behavior
and previous ways of operation. Roles and responsibilities form an integral part of
a data governance framework, and unless responsibilities are assigned to integrate
and embed the framework, an organization will not be able drive the right behaviors,
and nobody will adopt the new way of doing things (Askham).
When asked about the keys factors for ensuring data governance success, Andres
Perez, Information Management Consultant and President of IRM Consulting, Ltd.
Co., stated, organizational structure as the second most important factor in the
successful implementation of data governance (Mahanti 2021a).
Data governance involves multiple stakeholders and rules of engagement, as in
how these people should work together should be defined. Data governance will
require different levels of roles. The individuals who will be involved in setting the
vision, business objectives, and strategy will be different from the set of individuals,
who will be defining roles and responsibilities, who will in turn be different from the
individuals, who would be operationalizing data governance.
The roles, responsibilities, and decision rights at different levels (executive,
strategic, tactical, and operational) in relation to business, organizational, and tech-
nical aspects need to be defined clearly, with appropriate segregation of duties
(Mahanti 2018) and conflict resolution process in place. The data governance working
groups, committees, councils and their membership, authorities, responsibilities, and
relationships to other groups, the operating model, and operational rhythm also need
to be defined. These have been discussed in detail in Chap. 5.
While roles may vary slightly, the core roles have been discussed in Chap. 5.
Organizations need to be rigorous about defining roles and assigning specific respon-
sibilities to individuals involved in data governance to enforce accountability (Wu
2007, 04). There should be no ambiguity around definition of roles, responsibilities,
and accountabilities to avoid confusion regarding expectations.
George Firican, Director of Data Governance & Business Intelligence at UBC
DAE and Founder of www.lightsondata.com, when asked about the role that
governance organization structures play in the successful implementation of data
governance in an organization, stated (Mahanti 2021a)
Data governance has its share of politics and change management struggles. The program
structure needs to be shaped in such a way so as to best address these struggles and mitigate
the risks associated with them.
Since data governance touches data owned and used by different business units in
an organization, it is essential to establish cross-functional data governance bodies
who work together to ensure that data is handled efficiently as well as to ensure data
quality.
Businesses should assume the ownership of the data and take the lead in driving
data governance. Ownership of data does not mean that the data belongs to an indi-
vidual or department, but it refers to the final accountabilities with regards to data
such as quality, and decision in case of conflicts regarding data. This is appropriate,
since the data in due course exist to serve the business, and the business is the primary
beneficiary of effective data governance (Panian 2010).
Data governance policies are one of the components in the data governance frame-
work and are necessary to manage data governance operations. Without well defined,
practicable, and enforceable data governance policies around data governance struc-
ture, data quality, data access, data usage, data retention, and data archival, it is not
possible to succeed in your data governance efforts as chances are high that your data
will not be governed and managed effectively. Policies are like rulebooks but unless
they can be consumed as requirements, and if there is no way to enforce them, they
are useless.
Data governance involves a large number of stakeholders at different levels and
from different departments in the organization, so data governance policies should
be written in a way so as to project a coherent vision to all these stakeholders, and
provide a framework of overarching governance.
Creating and maintaining effective data governance policies which drive
processes, guidelines, rules, and standards, and which can be understood and
translated into actionable items, and adhered to by the whole organization, is crucial.
Data governance policies are documented set of guidelines for warranting the
formal management of an organization’s data in a consistent, collaborative, and coor-
dinated fashion so as to derive maximum business value from data while minimizing
the risks.
Data governance policies also set limits on who can and should do what with the
data, and what should not be done to and with the data. Hence, unless these policies
are correct and clear, you will not have the right governance around data assets.
Also, the policies should be reviewed at regular intervals, and revised if necessary,
to ensure that it reflects the current needs of the organization and stakeholders, and
are compliant with the internal and external regulations.
Practicable and enforceable data governance policies foster greater accountabili-
ties and define parameters for operational activities related to data (Mahanti 2018).
An effective data governance policy drives process, guidelines, standards, and rules
that results in availability of high quality organizational data, which in turn leads to
better management of business operations and supply chains, and improved efficien-
cies in marketing and customer relationship management (CIO Review 2016). We
will discuss more about data governance policies in Chap. 5.
2.4.2.4 Data Governance Tools and Technology
To help manage organizational data and to ensure that it meets regulations, data gover-
nance tools should be used to streamline your data governance processes quickly
and easily. Tools and technology provide support, and facilitates the people and
processes aspect of data governance through automation, scaling, and augmentation.
Data governance tools and technologies cannot be used as plug and play, and by
themselves cannot achieve data governance outcomes for you.
While data governance tools are not a replacement for an organization’s data
governance system, they offer capabilities that support the administrative tasks and
processes of data stewardship. These tools support the creation of data policies,
manage workflow, provide monitoring, and measurement of policy compliance and
data use (Peyret and Goetz 2014).
Data governance tools and technologies can form an important part of an overall
data governance strategy and implementation as they can automate repetitive activ-
ities and processes. Hence, the use of data governance tools can improve the
productivity of the data governance program and reduce operational costs.
There are several data governance tools available from different vendors in the
market, and tool selection should be made based on the business requirements and
use cases, and the capabilities of the tool to meet those requirements and use cases
(Mahanti 2018). Some vendors providing data governance tools are Collibra, Infor-
matica, Datum, IBM, Oracle, Infogix, Global IDs and SAP. Chapter 4 in the second
book of this series-Data Governance and Data Management, discusses the various
components and aspects of data governance, that can be facilitated by technology and
tools, the readiness checks to be performed before exploring the market to purchase
a data governance tool, as well as the different players in the market, that provide
tools for supporting data governance (Mahanti 2021b).
2.4.2.5 Incremental Approach to Implementing Data Governance
The issues addressed by data governance are wide-ranging, ranging from arbitration
of cross-functional data usage (Dyché and Nevala 2017) to compliance requirements
around data quality, data privacy, data security, data access, data retention, and data
usage.
As a result, governance initiatives endeavoring to address a range of enterprise
needs in one big bang are quickly crushed by role confusion, prioritization argu-
ments, “emergency” development projects, resourcing constraints, bandwidth issues,
productivity questions, and a resistance to change (Dyché and Nevala 2017).
The big bang approach quickly turns data governance into a major project that
requires a lot of time and resources (Askham). Business users need to play an active
role in data governance, but they have their own daily chores and responsibilities.
Implementing data governance big bang will be disruptive, and may result in creating
a whole set of new responsibilities on top of already existing responsibilities, require
additional time, and getting resources allocated will be an uphill battle from the very
start.
To avoid risks of failure, to be less disruptive, and less resource intensive, an
incremental approach to data governance is recommended. The data governance
work should be broken into manageable chunks of firmly scoped initiatives having
clearly articulated business value and sponsorship (Dyché and Nevala 2017).
There should be a short-term and long-term roadmap in place, which shows key
milestones and the different initiatives that are to be implemented. The order in
which these initiatives will be executed would be based on the business priority.
This will showcase the business value of data governance which is necessary for
the success of data governance effort. It would also help in getting support and
acceptance for the initiative, and establish the momentum needed to sustain the data
governance program, as well as enable people to use the learnings and experience
from these initiatives to better implement the next initiative by making corrections
and adjustments as needed, and will allow your organization to realize the short-term
and long-term benefits of a data governance program.
While an incremental approach takes more time, it brings about business support
by establishing the value of governance in a context relevant to each stakeholder
or sponsor. Also, a phased approach establishes data governance as a repeatable,
core business practice, and process rather than a standalone “once and done” project
(Dyché and Nevala 2017).
2.4.2.6 Data Governance Metrics
Management thinker, Peter Drucker was often seen to be quoting the following
axioms:
You can’t manage what you can’t measure.
If you can’t measure it, you can’t improve it.
Effective measurement is a fundamental element of any successful contin-

uous improvement program, and data governance being a continuous improvement
program is not an exception. Data governance is a long-term initiative, and in order
to sustain it and maintain momentum, it is important to define metrics to track the
progress and effectiveness of data governance, in terms of costs saved or revenue
generated, and socialize the results calculated.
It may look difficult, but as stated by Gartner Research VP, Svetlana Sicular,
“it is essential for organizations to quantify their data governance results, though
doing the same would appear to be a difficult exercise” (Davis 2016). Stakeholders
and executive management want to see quantifiable results early on and at regular
intervals, and in the absence of quantifiable results, funding is like to stop.
Relevant metrics helps assess out the effectiveness of the data governance imple-
mentation as well as its progress. It also enables improving and controlling the same.
It enables you to demonstrate to your executive sponsors and stakeholders, that you
are attaining the objectives set forth in the data governance use case. Metrics that
bring you closer to the objective should be assessed, monitored, and the process for
capturing and reporting metrics should be defined and established.
It is important to understand the benefits of attaining the objectives. These might
be cost savings, a reduction in data issues, shorter lead times, and improvements in
user satisfaction. All these indicators should be actively monitored, and the results
regularly shared with the wider organization.
If the purpose of your data governance business use case is improved data quality,
then your metrics should be based on data quality improvements along the relevant
data quality dimensions like accuracy, consistency, timeliness, and currency.
It should be understood that measurement and metrics are not the end, but a means
to achieving the end goal. The goals and targets should be measurable. The results
of measurement are just the starting point of the improvement plan.
A sound measurement framework with periodic assessments of milestones
achieved, benefits, and value provides visibility to the stakeholders on the progress
and contribution of data governance in creating business value. It also helps in
maintaining interest in the data governance program and retaining support of the
stakeholders, to ensure continuity of the program.
Depending on the area of focus and goals of the data governance program and the
outcomes the organization wants to get out of the program, specific metrics would
need to be defined and analyzed to measure the success of the program. While defining
metrics, one should remember that over analysis leads to paralysis and hence, it is
best to avoid defining too many metrics. Only metrics that will be meaningful to
the business, that add value, and are able to drive improvement decisions should be
used. The proposed metrics and the process for capturing and reporting metrics should
be reviewed, agreed, and approved by the stakeholders. This will help validate the
“what” and “how” of measurement, and result in prevention of mistakes of measuring
the wrong things, or measuring the right things in the wrong way.
Chapter 6 covers the characteristics of good data governance metrics, data gover-
nance metric categories, data governance metric documentation, and some examples
of data governance metrics that will give you guidance when choosing metrics to track
your data governance program. Chapter 6 also covers dashboards and scorecards in
brief to visualize and present metrics.
2.4.3 Organizational Change Management (OCM)
Organizational change management (OCM) has a crucial role to play in the successful
implementation of data governance in an organization. The various OCM factors that
influence and play a role in the success of a data governance initiative are as below:
• Stakeholder engagement and management;
• Cultural change and change management;
• Training and education; and
• Communication and collaboration.
2.4.3.1 Stakeholder Engagement and Management
Appropriate stakeholder coverage, buy-in, and support of stakeholders is required to

achieve success in data governance (Mahanti 2018). If stakeholders are not engaged
and involved, they are less likely to accept the changes brought about by data gover-
nance, and would see such changes as an imposition. Stakeholders should be engaged
early on, the data governance value proposition should be sold to them, expectations
should be set, and relationships should be built with the stakeholders to get data
governance buy-in and acceptance, reduce resistance to change, and build a trusted
partnership.
The stakeholders are influential people who can benefit from data governance,
promote your project to others within the organization, and provide support and feed-
back (Davis 2016). All the stakeholders should be identified and engaged to ensure
that the program is effective. Data governance involves all business units/departments
in an organization that touch data; those who create/capture/acquire it, administer
it, process it, consume it, store it, and analyze it. For a data governance program
to succeed, stakeholders from the different business units/departments should be
involved and convinced of the value that data governance can provide (Speare 2017).
Creating a data governance program behind closed doors with just a select few
participants is most likely to fail.
Organizations generally have overlapping functions to lesser or greater extent to
support operations in the most efficient way. The extent of overlapping functions is
driven by the complexities of the business environment. It is important to identify
overlapping functions and the impacted stakeholders early on, in a data governance
initiative, and engage them to set the scene and understand possible conflicts and
segregate duties appropriately. Doing so will eliminate unpleasant surprises and
minimize/mitigate (if not eliminate) roadblocks and resistance later in the life of
the data governance initiative.
You would need subject matter experts within different business units to take up
data stewardship responsibilities. These responsibilities are likely to be viewed as an
overhead, hence, it is important to illustrate the specific pain points that data gover-
nance is trying alleviate or eliminate, and the specific benefits of implementing DG,
rather than generic benefits and pain points, in such a way that stakeholders under-
stand “what is it in it for them”. This is because stakeholders are able to empathize
with “what is it in it for them” rather than a generic benefit or pain point. Selling data
governance to stakeholders is the key to initial stakeholder acceptance. The stake-
holders should also be involved to participate in the design of the data governance
framework design so that they are able to contribute and voice their concerns. This
increases transparency. Also having them alongside throughout your data governance
journey would pave a path to a smoother implementation when the time is right.
Stakeholders should understand and agree with the scope of the data governance
program, the rationale behind it, and the goals that data governance is set to achieve.
They should also understand the roles and responsibilities of key participants in
the data governance program as well as understand what is expected from them in
terms of time, effort, duties, and inputs. Stakeholders should understand and agree
to the timeframes, processes, and milestones used to measure and assess progress
and effectiveness of the data governance initiative.
The data governance council and stakeholders need to work together to conjointly
outline the data governance success criteria and commit to providing proof of the
benefits. The data governance council needs to inform stakeholders about ongoing
initiatives to keep stakeholders confident, supportive, and engaged. Keeping stake-
holders up-to-date with the progress also reinforces the data governance council’s
commitment to the initiatives and keeps the stakeholders enthusiastic about the data
governance initiative (Fox 2014).
There should be an ongoing, open, and honest feedback mechanism for the data
governance council to elicit feedback from the stakeholders. Feedback taken into
consideration buys goodwill of the stakeholders and helps build their confidence in
the data governance council. For a data governance program to succeed, trust and
confidence is essential (Fox 2014).
2.4.3.2 Cultural Change and Change Management
Culture of an organization is the combination of shared values, beliefs, norms, and

repeated behaviors. It is very important to understand the culture of the organization
when structuring data governance. This is reinforced by Jill Dyché, Principal, Jill
Dyché, LLC. in her interview statement, when questioned on what factors should be
taken into consideration while choosing a data governance model for an organization
(Mahanti 2021a)
Culture, culture, culture! Understand how successful projects are delivered at your company.
Is it largely top-down, meaning that executive sponsorship is required and there should be
formalized budgets for each initiative? Or is success typically more bottom-up, where a
group of data management experts deploy valuable new data using agile techniques, then
rinse and repeat?
Understanding how the culture defines success will inform not only how you structure data
governance, but who you hire.
Also, data governance requires changes in how people operate. As explained by

Laura Sebastian-Coleman, Data Quality Lead, Finance Data Governance Center of
Excellence, CVS Health in her interview, as many organizations have not governed
their data in the past, at least at an enterprise level, data governance is perceived as
a “new” thing that is making new demands on people’s time and requires people to
change their behavior (Mahanti 2021a).
Data governance requires considerable cultural changes and introduces new ways
of working. Managing those changes effectively are often critical to the successful
implementation of data governance in an organization. Change management is a
discipline, which makes use of processes, tools, and techniques for ensuring that
changes are comprehensively and smoothly implemented, such that the business
outcomes and the lasting benefits of change are achieved.
The focus is on the broader impacts of change, particularly on people and how
they, as individuals and teams, transition from the current situation to the new one,
and easily adapt to the new ways of working. It is very important to understand
the existing culture to define your data governance strategy, your operating model,
as well as to assess the impact that the new data governance policies, processes,
practices, rules, and responsibilities will have on the culture, and how the culture
needs to change in order to accommodate the changes wrought by data governance.
Laura Sebastian-Coleman further explains (Mahanti 2021a)
Culture change will look different in different organizations because the starting point will
be different. The behaviors that need to change will differ but the behaviors that people
will be encouraged to adopt will be similar (e.g., simply paying attention to data and asking
questions if it does not look right is a behavior to be cultivated in any organization that wants
to govern its data better).
Change management is both an enabler and enforcer of data governance. Change

management should be focused on helping organizations deal with the cultural
changes that come as a result of transitioning to new data governance policies,
processes, practices, rules, and responsibilities. According to C. Lwanga Yonke,
an information quality professional and an adviser to the International Association
for Information and Data Quality, employees in the organization need to be educated
on the problems that data governance is trying to solve six months before the data
governance policy is approved (Talend).
Data governance brings changes along the following lines:
• How data is accessed, used and shared, distributed, and disclosed;
• Who can do what with the data;
• Who owns and manages the data;
• How priorities are established as needs around the data changes; and
• What principles, rules, and controls govern the data.
These changes can be a culture shock for individuals who have not dealt with
them before.
Peter Drucker, who was one of the most widely-known and influential thinkers
on management, said, “If you want to start doing something new, you have to stop
doing something old.” Although this sounds quite easy, it’s easier said than done as
cultures are deeply entrenched in the organization fabric, and replacing them with
something new is not easy.
According to Peter Drucker, “For new technology to be embraced, people have
to believe that it has ten times the advantages of what people were previously
doing.” Communicating why the present way of working will no longer work; that
is, explaining the risks and adverse impacts of not doing data governance and the
benefits of data governance from the end user perspective, can get people motivated
and have a more positive outlook when it comes to data governance.
Also, the appropriate infrastructure in the form of training, policy, and processes
to be followed, and the tools and technologies needed should be there in place for
embracing the change.
Understanding and communicating the “why, what, when, who, and how” of the
changes that data governance will bring about, can dispel some resistance to the
change. It is important to assist the impacted groups to let go of their old way of
working and get them to feel comfortable doing things the new way.
Every organization has a different culture and different ways of operation and
hence, the impacts will differ for each organization. In order to effectively manage
the change brought about by data governance roll-out, a change plan and strategy
should be built to facilitate the change.
It is important to understand the prevailing organizational culture, and put yourself
in the shoes of the impacted groups and try to understand how they will be impacted
by the change wrought by data governance. It is also important to anticipate how
they will react to the data governance changes and the concerns they might have.
It is important to understand the way of operation prior to the change and post
implementation of data governance, to understand what has changed for the impacted
group, and what would be needed to make them feel more acceptable of the change.
It is also important to recognize that impacts would not be uniform throughout
the enterprise. There would be several user groups impacted by the changes brought
about by data governance implementation and impacts for different user groups
would vary.
It is important to understand specific impacts for these different groups to be able
to understand the best course of action—as is in determining what is needed in terms
of change management—for example, class room training versus hands-on training,
communication, awareness sessions or a combination of some or all of these.
Awareness sessions, communication and training strategies need to be tailored to
suit the different user groups. For example, for groups that have very low impact,
email communications may suffice, while a high impact group would need face to
face communication, awareness sessions, class room training as well as hands-on
training.
It is also important to anticipate the level of resistance that will be offered by
the different stakeholder groups during the implementation of a data governance
program. Listening carefully to the concerns of each stakeholder group will help
understand the reasons behind their concerns and devise adequate strategies to
address them. Some stakeholder groups will be for the change, while some will
be against the change brought about by data governance. Knowing who is going to
work for and with you, and who is going to work against you, can help you plan
accordingly.
There are different change management models such as adoption curve, commit-
ment curve, and Beckhard’s models, and depending upon what suits best for the
organization, one of these can be adopted.
2.4.3.3 Training and Education
Appropriate training and education are essential to the successful roll out of any
new program that requires new ways of working, and the same applies to effec-
tive implementation and sustenance of data governance in an organization (Mahanti
2018). Andres Perez, Information Management Consultant and President of IRM
Consulting, Ltd. Co. stresses on training being one of the three factors critical to
successful data governance implementation and states that (Mahanti 2021a)
Data governance is difficult. It goes against the grain of the typical organization. Organi-
zations are managed top-down using a command and control (hierarchical) method while
information flows across all of these stovepipes. Data governance must be practiced by all
members of the organization and the DG leadership must provide proper training to them so
that they can work across organizational borders effectively.
Implementation of data governance introduces new ways of operation, requires a

data-oriented mindset, and brings about significant organizational changes (Mahanti
2018).
Enterprise change without adequate training is bound to fail. This is because
education and training fill the gaps in knowledge and skills. It upskills employees,
so that they are comfortable with the new ways of working. There are many miscon-
ceptions around data governance, and it is important to have regular data gover-
nance awareness sessions across the organization to dispel these misconceptions and
increase data governance awareness.
The most successful data governance programs are those where participants and
data users are trained in the principles, tools, methods, and politics of data governance
and stewardship (Lopez 2012).
It is important to educate the employees on the data governance program—explain
the pains, risks and impacts in the absence of data governance, the benefits of data
governance, and how will data governance impact them; knowledge is power, and
people respond best to a change in work practice when the changes are clearly
articulated (Marcan 2017).
Because of the depth and breadth of data governance, it is important to carry out
some planning when it comes to data governance training and education requirements
of the organizations. Figure 2.7 summarizes the activities involved in planning for
data governance training and education.
A “one-size fits all” training and education approach will not be suitable as data
governance needs to be tailored for an organization, and data governance training and
46
Who are the stakeholders targeted for

DG training & education ?
When will the training be delivered?

What is the frequency of the Who?
training sessions?
When? Why?
DG Why do you need to deliver DG

Training & training and education?
Education
Where? What?
Where to start educating What is the scope of DG training

and training? How? & education?
What are the training requirements
by stakeholder groups?
How should the training
be delivered?
Fig. 2.7 Data governance training and education-planning

education would also need to be tailored accordingly for the organization (Mahanti
2018).
First, one has to understand the scope of the data governance training and educa-
tion, that is, what is in scope, and what is out of scope. This would be dominated
by the objectives of the data governance program. Nonetheless, some of the critical
topics on which training needs to be delivered are the following:
• Laws and regulations related to data and information.
• Personally Identifiable information (PII) (for example, email address, credit
card debit card information, and social security number), sensitive, and
protected/restrictive data. Sensitive and protected data vary from industry to
industry. For e.g., Protected Health Information is specific to the healthcare
industry.
• Managing confidential data and information.
• Safeguarding and protecting data and information (Thomas 2015).
• Managing proprietary records, for e.g. customer information.
• Handling intellectual property, i.e., patents, trademarks, and copyrights (Thomas
2015).
• Data stewardship.
• Metrics and performance reporting.
• Data management.
• Data quality.
• Data governance tools.
The next thing is to identify the audience or stakeholder groups who need to be
trained and educated regarding data governance.
What are the impacted teams?
How would they be affected by data governance changes?
What would they be doing differently as a result of implementation of data governance?
Answering these questions would help you determine the training required and
design training material adequately.
Training is necessary to ensure that employees fully understand what the changes
are, what is required of them, what are the gaps, and how things need to be done, with
data governance in place. This is principally imperative for individuals who have no
previous knowledge, awareness, or exposure to data governance (Marcan 2017).
There are various factors that influence the training and education requirements
which are summarized in Fig. 2.8. Training would need to be tailored depending on
the job descriptions, roles, responsibilities, and the amount of upskilling required.
The maturity level would also help ascertain the gaps that need to be filled. If the
data governance initiative is a part of a wider data quality initiative and is coupled
with data quality or master data management initiatives, training would need to be
tailored accordingly. The enterprise architecture and IT application landscape also
need to be taken into consideration when assessing the training requirements.
If software tools are to be used for data governance, software tool training would
need to be conducted so that the responsible individuals know how to use the tools.
48
Roles &
responsibilities
Job description
Industry sector
Resistance to
Policies & change
procedures
DG Maturity level
Other data education-
initiatives influencers
Regulatory/
Compliance
Funding requirements
Tools & Enterprise

technologies architecture
IT applications
Fig. 2.8 Factors influencing DG education and training requirements

Training content for different compliance and regulatory requirements would differ.
For example, GDPR and Basel would need different training.
Different industry sectors would also have different data governance requirements.
For example, the highly regulated industries, such as finance, banking, insurance, life
sciences, manufacturing and healthcare are subject to more stringent compliance and
regulations and need more rigorous processes and practices around data governance,
and the data governance education requirements would also need to be adequate, thus
enabling the employees to do their tasks properly so that compliance and regulatory
requirements are fulfilled. Training must be focused on how data governance and
compliance form a part of successful business processes (Lopez 2012).
Both business users and IT professionals need to be trained. IT professionals need
training and education to help them understand that data governance is much more
that a technical problem, and while technical solution is an aspect, there are other
aspects like policies and procedures too. Business users need training to help them
understand what are the new roles and responsibilities they must staff and adopt
(Lopez 2012).
It is important to measure the benefits from educating and training in data gover-
nance, and the impacts in the absence of training, for the various stakeholder groups
to demonstrate why data governance training and education is needed, and how will
it benefit different stakeholder groups.
The timing and frequency of the training sessions need to be established for the
different stakeholders. Also, how the training will be delivered needs to be deter-
mined. This would vary depending upon the roles, responsibilities, job descriptions,
and the knowledge gap of the different stakeholder groups and user constituen-
cies. Data governance education and training would range from organizing aware-
ness sessions (for example, awareness related to legislations, regulations) to training
sessions which demonstrate how they need to do the work.
The degree of resistance to change because of lack of knowledge and deficiency of
required skills, the gaps which need to be filled for the audience to perform their jobs
adequately would dominate the type and mode of training required. For example, data
governance might result in a major change in processes. In this case, a combination
of classroom and hands-on training along with adequate training documentation in
the form of user manuals and quick reference guides would be a desired approach.
In case of minor changes, awareness sessions would suffice. Funding might lead to
organize training so that you do not cross the budget.
A combination of different education and training approaches would need to
adopted. Some common education and training approaches are:
• Classroom training;
• Hands-on or on-the-job (OJB) training;
• Presentations;
• User manuals;
• Videos;
• Quick reference guides; and
• E-learning.
It might be a good idea to hire external consultants who have a long-standing data
governance experience to facilitate training on the core data governance topics.
You need to decide as to where to start the data governance education and training
in your organization. You need to start by educating your executive sponsor if he
does not have the requisite knowledge, and conduct awareness sessions for senior
management and mid-tier management groups, and then train and educate the opera-
tional teams on the new ways of working, which might be a combination of technical
education and/or training on process changes.
2.4.3.4 Communication and Collaboration
Data governance is an enterprise wide, interdisciplinary, and cross functional effort.

It should be widely known and well understood across the organization. Hence,
communication and collaboration have a prominent role to play in the success of
data governance.
Phil Watt, Director, Elait Australia, when asked to share interesting
thoughts/advice stresses on collaboration when he says (Mahanti 2021a)—“We
will always need data governance but we will see much more of this done
collaboratively…”
Stakeholders from different business units including risk, legal, and IT need
to work together to work out processes, resolve issues, determine controls, define
metrics related to data, and work towards consistent data definitions. They should
have a formal understanding and agreement as to who is going to do what in relation
to governing the data.
There are different perspectives related to data that need to be looked into, and
one single business unit will not have the entire perspective. For example, the legal
team might have a specific view on data retention and the business unit using the
data might have a different perspective.
Conflicting requirements need to be resolved. Depending on the focus of your
data governance you might need more representation from certain business units.
Effective communication is a means of overcoming resistance, dispelling doubts,
and maintaining enthusiasm for implementation of data governance, and is vital
in aligning the workforce towards corporate expectations (Mahanti 2019). As per
the Founder and President of The Data Governance Institute, Gwen Thomas,
communication constitutes a large section- probably 80% of data governance efforts
(Talend).
The need for data governance, the approach the organization will take with regards
to implementing the initiative, the progress, and the impacts should be communicated
to the stakeholders to ensure transparency.
Without the right communication strategy and plan, the anticipated benefits will
remain ambiguous, and data governance will only be viewed as a cost to the company
and an administrative burden. A communication plan is necessary to communicate
the why and how of data governance, and the benefits to all those involved. The data
governance communication plan should include the following information elements:
• Short description of the communication—A few words to indicate what the

communication is about.
• Message Objective—The purpose or intent of the message.
• Author—Who is sending out the communication?
• Audience/stakeholder groups—The groups, users, or teams who would be the
recipient of the communication.
• Communication medium—The communication channel, which would be used
to deliver the message to the audience. Different communication channels
include email, company web portal/intranet, newsletters, workshops, and meet-
ings. Multiple communication channels may be used for the same communication
if need be.
• Frequency—Some communications would have a pre-determined frequency, for
example, monthly, quarterly, annually, while others would be adhoc or on-demand.
Figure 2.9 shows the different elements of a data governance communication plan
and Table 2.1 shows a communication plan template with an example.
Short
communication
description
Message
Author
objective
Elements of a
DG
communication
plan
Audience/
stakeholder Communication
groups medium
Frequency
Fig. 2.9 Elements of a data governance communication plan

Table 2.1 Data governance communication plan template and example

Message Message Author Audience/Stakeholder Frequency Communication
objective description group medium
Data Communicate DGO Executive steering Bi-annually Email
governance DG Program committee Intranet-web
program successes and Data governance portal
update progress council
towards
established
program
objectives
The communication plan should be revisited often to include new communica-

tions and stakeholder groups. Communication should be customized according to
stakeholder group—so that the communication is relevant to the stakeholder groups.
Proactive communication, especially before launch and in the early stages of
a data governance program, is critical to ensure acceptance and adoption across
the organization. Get out the word about data governance with some high-level
information of what is known at that point in time, the launch date, the benefits,
the key milestones, quickly before the launch if possible, via the most effective
communication channels and set expectations for regular updates (Fox 2014).
The kick-off messages are just the start of the data governance communication.
Ongoing communication is equally important to demonstrate progress and the wins,
as well as to identify and address any potential roadblocks, challenges, or concerns.
Effective communication fosters positive relationships between stakeholders and the
data governance council (Fox 2014). Stakeholders should be communicated about
ongoing initiatives to have their trust, support, and enthusiasm.
Delivering employee focused communication is critical to achieving success in
data governance efforts. A variety of channels—intranet, emails, newsletters, wall
posters, workshops, meetings, and internal social platforms should be used to attract
employee attention and crack through the information overload.
Videos related to the data governance as well as its progress and achievements
can be also prepared and posted on the organization’s intranet, and internal social
platforms, to spread awareness and build familiarity with the concept. It is important
to ensure that the communication to stakeholders is appropriately frequent. Commu-
nications should be clear, focused, brief, and free of jargons, and complement each
other in terms of look and feel, messaging, and terminologies to avoid confusion,
and sustain the attention and interest of the stakeholders.
Successful implemention of data governance requires executives and staff from
the different business units and the IT department to come together. Teamwork is a
crucial element in data governance, as it involves the combined efforts of a number of
employees across different business units as well as IT departments (Mahanti 2018).
As per Philip Russom, Senior director of TDWI Research for data management,
data governance involves a multitude of different roles that need to interact with each
other and hence, data governance has to be a kind of a collaboration hub to facilitate
these interactions (Talend). The value of teamwork formed by cross-functional teams

promotes a sense of ownership, better communication, team working value, and
overall view of the organization (Aviation Week 1998).
2.5 Data Governance Program—Do’s, Don’ts, Tips,

and Lessons Learnt
There are certain things that you might want to take into consideration and things
you would want to avoid when embarking on a data governance initiative in your
organization.
2.5.1 Tailor Data Governance to your Organization—“One

Size Does not Fit All” Approach
When it comes to implementing data governance in organizations, it is important to

understand that a “one size fits all” approach does not apply to all organizations, even
though there may be a set of generic governance organizational structures, roles, and
associated responsibilities. This is because different organizations will be different
along the following lines. See Fig. 2.10:
• Organization size,
• Industry sector,
• Geography,
• Organizational goals,
• Business strategy,
• Business drivers,
• Context,
• Scope,
• Organizational structures,
• Organizational hierarchies,
• Interactions between different organization teams and groups including IT and
business,
• Data management challenges and opportunities,
• Data landscape with varying complexities and data volumes,
• Organizational culture and maturity levels, and
• Circumstances.
These factors should be taken into consideration when designing and imple-
menting data governance for a specific organization. The data governance program
should be customized within guidelines to meet the specific needs of the organiza-
tion, so that it is fit for purpose for the organization, while at the same time sharing
Group Data
Industry interactions management
sector and challenges &
geography opportunities
Organization
Data
structures &
landscape
hierarchy
Organization
Scope
One size size
does not
fit all
Context Circumstances
Organization
Business
culture and
drivers
maturity level
Business Organization
strategy goals
Fig. 2.10 Elements to be considered when tailoring data governance
the basic data governance concepts and principles. Hence, data governance designed
for different organizations will share some common characteristics.
For example, the business driver for data governance in a utility company may be
to improve the quality of their asset data stored in their geospatial database, whereas
in a healthcare organization to protect patient data, whereas in a retail company to
achieve a single version of truth for their customer and product data. Each of these
scenarios might require data governance to be implemented in a different way.
The business and data challenges will differ based on the size, industry sector,
and the data they hold. Legislations differ by industry sector and geography. Also,
organizations that have offices in more than one country or have global operations
will require a different data governance structure when compared to organizations
that have operations and offices in one country only. The organization’s culture and
maturity levels also have an influence on how you proceed with data governance.
In short, no two organizations are the same, and similar data governance practices
cannot be applied to all of them.
2.5 Data Governance Program—Do’s, Don’ts, Tips and Lessons Learnt 55
2.5.2 Adopt a Non-invasive and Non-disruptive Approach
Data governance programs are often perceived as being “invasive” and “over-and-
above” the existing work culture of an organization, as pointed by Robert S. Seiner,
author of the book—“Non-Invasive Data Governance”.
It is important to be as non-invasive and non-disruptive as possible when designing
and implementation data governance in your organization. There are already individ-
uals working in the organization who are familiar with the data (that is the business
and technology subject matter experts). Such individuals are involved in dealing with
the data and resolving issues. They are natural candidates for data stewards, and their
opinions should be valued.
The aim should be to build data governance on what is existing (that is organiza-
tions structures, hierarchies, resources, and cultures), instead of building everything
from the scratch, and defining too many new roles or hiring new resources. This can
be achieved by identifying existing practices, processes, and identifying people in
the organization that have a level of accountability for the data they are defining,
producing, and using to complete their job or function. Also, existing resources
should not be overburdened with large amount of work because of data governance.
It is also important to design a data governance operating model of roles and
responsibilities that aligns with the way your organization operates today, and allows
you to overlay the framework over your existing organizational components, and
repurpose roles and practices to focus on data governance.
Identifying existing escalation paths and decision-making capabilities from both
a positive standpoint as in scenarios in which they do work, and from a negative
perspective as in the scenarios in which they do not work, will enable leveraging what
is working instead of having to build from scratch. It will also help in addressing the
opportunities for improvements that can minimize disruption. Understanding what
data is handled by people, and helping them formalize their behavior to the benefit
of others, potentially impacted by that behavior along the data lifecycle is another
aspect of being non-invasive.
2.5.3 Accept That the Data Governance Journey will be

Difficult
Implementing data governance is not an easy exercise. It is imperative to recognize

this up front and be prepared for the obstacles, resistance, risks, and challenges.
Employees who have been a part of a data governance initiative before and have seen
it fail, will be naturally resistant to the initiative and wary of giving their time and
effort.
It is important to size up the challenges, risks, and blockers early on, have a solid
plan in place to deal with these issues, and work together as a team. It is important
to educate and prepare stakeholders for what data governance is, its benefits, and
to communicate expectations, so that they are more amenable to the changes and to
make the road ahead easier to traverse. This will help achieve success in the initiative.
2.5.4 Establish a Strong Base
The foundation or base of a construction has a crucial role to play in the successful
development and sustenance of the building structure. Stronger the base, longer
lasting is the structure!
When it comes to implementing a data governance program in an organization,
it is important to establish a strong foundation to ensure long term sustainability of
the program. It is important for the leaders to know the scope of the data governance
initiative, the major issues and their impacts, and what they are trying to achieve.
The data governance body needs to understand what data needs to be governed and
why, who understands the ins and outs of the data, and who the stakeholders are.
2.5.5 Identification of Areas for Proof of Concept (POC)
The data governance initiative should be implemented in a limited area with a

definable scope and measurable criteria for success. This enables you to test the
strategy, uncover flaws and challenges, check the benefits, and ensure that the business
requirements are being fulfilled.
Initial testing on a smaller scale helps figuring out whether it will work on a larger
scale or needs refinement. While the proof of concept cannot cover every single
business use case, and there will still be new gaps that will need to be filled when you
start implementing data governance on a larger scale, it will enable you to determine
whether the data governance processes, polices, and rules designed for the proof of
concept will work for your organization.
Once benefits of data governance implementation are realized within a small
group, they can then be rolled out to multiple functions and finally across the entire
organization in a staggered way.
2.5.6 Get Some Quick and Meaningful Wins
Data governance initiatives are often run in combination with data quality initiatives,
master data management or BI initiatives, which in turn, may or may not be driven by
compliance requirement. These initiatives are cost intensive and as a whole require
significant changes in operation and culture.
When outcomes are not seen for a long time, the interest and commitment tend
to diminish. Therefore, demonstrating returns on investments early on and at regular
intervals, by resolving an issue or fixing a problem with broad visibility and impact to
the organization, and communicating the same to the impacted groups and commu-
nities, can help reduce resistance, keep stakeholder hooked, build and maintain
momentum, as well as furnish justification for sustained funding.
2.5.7 Share Lessons Learnt and Success Stories
It is important to share success stories to keep the fires burning and improve success
rates. Organizations have tried implementing data governance and not got it right
the first time. As stated by Dr. John Talburt, Acxiom Chair of Information Quality at
the University of Arkansas at Little Rock, and Lead Consultant for Data Governance
and Data Integration with Noetic Partners Inc. “…As more and more organizations
implement DG and share their “lessons learned,” DG practice is improving and
success rates are increasing, (Mahanti 2021a).”
As pointed by Andres Perez, Information Management Consultant and President
of IRM Consulting, Ltd. Co. (Mahanti 2021a),
…The value is not distributed evenly across business areas, so it is important for those who
gain the most to share the wealth with those who do not by providing feedback on business
value and by treating each other as partners.
2.5.8 Keep It as Clear and Consumable as you Can
Keep the data governance process as simple, clear, and consumable as possible with
a plainly defined process flow and a RACI chart with clear segregation of duties and
responsibilities for ease of understanding and operation. It is also important to have
a well-defined communication plan.
If data governance processes are complicated and process steps are ambiguous,
then it will be difficult for the employees to follow the same, and they will circumvent
them. It is important to ensure that all tasks in the process flow are adding value to the
overall organization. Steps should be added to processes only when they are abso-
lutely needed. For example, if data needs to be exchanged between data producer and
a single data consumer group without intermediate systems or additional consumer
groups using the data, then an agreement can be reached between the data producer
and consumer without the need for additional data governance processes to be defined
(Klein, 2017).
2.5.9 Have a Clear Focus and Stay Focused
Without clear focus, data governance initiatives can lose momentum. It is important
to have well defined scope and unambiguous, defined goals when it comes to imple-
menting data governance. It is also important to understand the primary objective
of the initiative, identify the individuals and groups who will derive value from its
implementation, and the key benefits. This will help stay focused within the scope
and achieve results.
2.5.10 Have the Right Candidates for the Data Governing

Body
Data governance involves defining and assigning roles, responsibilities, and authori-
ties. Each of the data governance roles need to be assigned to the right people. For that
purpose, each data governance role should have clearly defined criteria for participa-
tion—knowledge and skill sets required, what tasks are to be accomplished, and the
right candidates must be carefully vetted for each role based on whether they match
the criteria specified for the role. For example, business data stewards are responsible
for a subset of the data and define rules relating to the data (for example, business
meaning of the data elements, format, and domain values). Hence, they need to have
good business knowledge of the dataset. In other words, the business data steward
should be a subject matter expert of the dataset for which he is assigned the role.
Data owner role requires a comprehensive understanding of the business as well
as leadership, communication, and decision-making skills. If individuals with the
requisite knowledge, experience, and right skill sets are not assigned to the data
governance roles, it will fail to drive the desired outcomes and would lead to failure.
2.5.11 Strike the Right Balance Between Opposing Goals
Data governance needs to serve several goals. Some of these goals will have
conflicting requirements and require varying levels of controls. For example, compli-
ance goals might need to restrict data access whereas business integration goals might
need expansion of data access.
Other contrasting goals include business versus technology, data content versus
data usage, strict governance (as in case of compliance) versus loose guidance (as
in case of data architecture standards), departmental data ownership versus enter-
prise data ownership, data security/protection versus data accessibility, compliance
requirements versus productivity (Russom 2008).
Data governance would need to achieve a feasible balance between these

conflicting requirements through cross functional collaboration and effective change
management (Russom 2008).
2.5.12 Understand the Data Governance Scope First

and Then Form the Data Governance Body
It is important to understand the scope of the data governance program and the roles
and responsibilities needed before forming the steering committees and the working
groups, and assigning people to them, and not the other way around.
This is because creating the governance bodies first without knowledge or under-
standing of the scope would most likely not have the correct people on board, which
you would only discover once you have understood the scope, which would require
you to form committees again causing business to lose interest.
2.5.13 Plan for Longevity
The saying “Rome was not built in a day” applies to data governance too. It takes
a considerable amount of time for data governance processes to become entrenched
in the organization culture and hence, you need to plan for the long haul.
The initial stages of the data governance involve establishing and defining the
working structure and processes, which need both time and resources. Hence, the
data governance bodies should be provided with adequate support so that they can
spend time on the program. Once the operating rhythms are established, data gover-
nance bodies need to evolve the data governance function to meet new challenges to
continue to deliver value.
2.5.14 Incentivize Participation
Data governance requires active participation from data stewards—the subject matter
experts who are already extremely busy and have a number of pressing duties on their
plate. Providing incentives for participation and rewarding their efforts can gain a
more sustained commitment, maintain enthusiasm, and help promote desired cultural
changes across the organization.
2.5.15 Do a Data Governance Program Health Check
A data governance program does not fail abruptly. There are indicators, both blatant
and subtle, that indicate your data governance program’s downfall. As pointed out
by Jill Dyché and Kimberley Nevala, in their article-” 10 Mistakes to Avoid When
Launching Your Data Governance Program”
Data governance isn’t overtly canceled. It simply fizzles like a damp firecracker.
Robert S. Seiner in his article—“Saving a Failing Data Governance Program”

provides some red flags that indicate that your data governance implementation is
going off track (Seiner 2017). Below are some of the warning signs to look for so
that you can bring your program back on track (Seiner 2017).
• Senior leadership meetings no longer have data governance as a line item.
• Business units are not approaching data governance office with issues to resolve.
• There are competing data governance groups.
• Accountability for data governance does not rest with anyone.
• All the enterprise data issues have got resolved and there are no new issues reported
for quite sometime.
• The individuals in charge of data governance are being asked to spend a larger
percentage of their time on something else.
• The data governance office/team in the organization has been broken up.
• Attendance at data governance meetings is decreasing.
• Conversations at the data governance meetings do not focus on data governance.
• Metrics are no longer being used to track data governance progress and impacts.
• Data governance metrics indicates a problem, but no action plan is there in place
to rectify the issue.
• Data policies are not being adhered to/enforced any more.
• Data policies, processes, definitions, and standards have not been reviewed for a
considerable length of time.
2.5.16 Do not Design Data Governance Without Integrating

the Key Decision-making Bodies and Other Data
Initiatives in your Organization
Data governance should not be designed in a vacuum without integrating other data
management functions and data initiatives, and without establishing relationships
with other decision-making bodies in the organization. Data governance affects
data management functions and initiatives including data security management, data
quality management, data integration initiatives like data warehousing, master data
management, as well as data modeling, data architecture, and big data.
Designing and implementing data governance without integrating existing
decision-making bodies would result in resistance. Also, not taking into account other
data initiatives would prevent an organization from leveraging maximum benefit and
getting the best business value from data, and achieving the right balance when
objectives of these initiatives conflict with one another.
By establishing relationships with these organizations, you gain the ability to
learn from previous program’s experience (the stumbling blocks, dependencies, risks,
issues, and constraints) in the specific environment. By involving the leaders who
have previously worked on more mature programs and discussing data governance
decisions with them, you can get help in getting consensus and endorsement for the
implementation of data governance across the organization (Buff 2018).
2.5.17 Avoid Establishing Big Committees
Avoid establishing big data governance steering committees and working groups, as
more the number of individuals on each committee, the more politics comes into play
and the more watered-down governance responsibilities become. To be successful,
try to limit the size of committees to between six and twelve people, and ensure that
committee members have the required knowledge and decision-making authority
(Sherman 2011).
2.5.18 Do not Take the Tick Box Approach to Satisfy

the Regulators
Compliance and regulatory requirements are one of the key drivers of data gover-
nance. In case the business case for data governance is driven by regulatory require-
ments, organizations often take a tunnel view to data governance with an intent to
deliver the bare minimum requirements in a short time to meet the regulator needs
only.
They create a checklist of tasks, and focus on ticking the tasks on checklist without
understanding the benefits, and completely ignoring long term goals. Therefore, data
governance is not embedded in the cultural fabric of the organization, and the focus
is on risk mitigation, and not on the opportunities.
A tick box approach to data governance offers little in terms of on-going sustain-
ability, transparency, or business value for the effort invested. Also, all the facets of
data are not taken into consideration. Hence, if and when regulations change, you
will have to start all over again. It is important to look at data governance holistically,
treat it as an ongoing process, have the entire organization involved, and look at the
root cause of the problem. This will not only enable you to comply with any checklist
or regulatory requirements, without the need for a fresh implementation whenever a
new checklist is issued, but will also achieve other business benefits.
2.6 Concluding Thoughts
Effective data governance is not a one-off exercise and cannot be implemented all
at once. As stated by Dr. John Talburt, it is important to share lessons learnt and the
success stories of data governance so as to help improve the program and increase
success rates (Mahanti 2021a).
Data governance is not a project or even a destination, but a long drawn journey
and practice that needs to be sustained and measured, to develop and mature over
time, so that it becomes a central business process with improvement goals which
are continually revised to reflect changing business goals, and to be used as criteria
in managing data improvement. In line with Aristotle’s quote—“Quality is not an
act, it is a habit”, “Data governance is not an act, it is a habit.”
As stated by Dr. Stan Rifkin, effective data governance program needs to take into
account organizational and human factors (Mahanti 2021a). Successfull entrench-
ment of data governance in the cultural fabric of the organization requires a combi-
nation of a number of contributing elements—executive sponsorship, leadership and
management commitment and alignment, a robust strategy and strong business case,
a combination of hard and soft skills, training and education, communication, team-
work and collaboration, metrics to track progress and effectiveness of the data gover-
nance initiative, data governance organization structures in place, technology and
tools, and effective change management.
Of all these elements, executive sponsorship is the most important, because
without sponsorship you will not be able to kick start your data governance initia-
tive. There are connections between these elements. For example, a lack of leader-
ship and management commitment would not result in sustained sponsorship and
not drive change. Training and education also helps drive awareness and enables
change management. Metrics showing the benefits realized by data governance can
increase leadership and management faith and commitment and pave the grounds
for sustained sponsorship.
Identifying the different data governance perceptions, and debunking them is
also crucial in avoiding a problem or challenge that does not exist. It also helps in
isolating and addressing the real obstacles and challenges. Data governance is often
confused with other terms associated with data, like data quality, data management,
master data management, metadata management, records management, and even
change management. Organizations often consider data governance synonymous
with these. People misconstrue the meaning and value of data governance and the
shape it would eventually take in their organizations, resulting in its failure (Dyché
and Nevala 2017). Hence, it is important that the correct definition, meaning, and
value of data governance is relayed and understood by the people in the organization.
It is necessary to understand the challenges, organization readiness, and mindset
of people, your champions (who will bat hard for you), movers (who will not bat
quite so hard) and shakers (pockets of resistance), the current state and the future
state, and based on this understanding, devise the best way to rollout data governance
in your organization.
2.6 Concluding Thoughts 63
Ultimately, good data governance will be successful within your organization

when the correct balance between people and organizational capability, processes
and controls, technology and architecture, and accountability between data producers
and consumers is achieved (Advision Digital 2016).
I will conclude this chapter with the statements made by Dr. John Talburt (Mahanti
2021a)
In my experience, I see DG becoming more mature. The first adopters usually had to make
2, or even 3, attempts before seeing any success. However, like any new paradigm, it takes
time to iron out the wrinkles. As more and more organizations implement DG and share
their “lessons learned,” DG practice is improving and success rates are increasing. We now
have good models to follow. It is still a very difficult undertaking but I see things beginning
to get better with fewer failures and restarts.
References
Advision Digital (2016) Why do you need data governance? WorleyParson Group, Last accessed on
November 9, 2018 from http://digital.advisian.com/curious/why-do-you-need-data-governance/
Alder S (2005) Six steps to data governance success, CIO. Last accessed on 31 March
2018 from https://www.cio.com/article/2438861/enterprise-architecture/six-steps-to-data-gov
ernance-success.html
Amitech, Data governance. Last accessed on June 20, 2020. https://amitechsolutions.com/modern-
data-management/data-governance/
Askham N The 9 biggest mistakes companies make when implementing data governance. Last
accessed on 16th July, 2018 from http://static1.squarespace.com/static/52ed2570e4b02079a8
2e6ff3/t/56111545e4b0890ee92b5901/1443960146356/Nicola+Askham+-+9+biggest+data+
governance+mistakes.pdf
Aviation Week (1998) Success with six sigma after an elusive goal. Aviation Week 149(20):53
Baker S, Sjoberg P (2018) Intelligent data governance for dummies, Hitachi Vantara Special Edition.
Wiley
Bhansali N (2013) Data governance: creating value from information assets. CRC Press
Buff A (2018) Data governance danger: five warning signs of imminent failure, Big Data Quar-
terly. Last accessed April 20, 2019 http://www.dbta.com/BigDataQuarterly/Articles/Data-Gov
ernance-Danger-Five-Warning-Signs-of-Imminent-Failure-124076.aspx
Chen A (2017) Breaking data myths- highlights from Tableau CEO’s Keynote at #DATA17 Last
accessed on Dec 26, 2017 from https://centricconsulting.com/breaking-data-myths-by-tableau-
ceo-data17-keynote_cincinnati/
Chikkatur L Information management part 1: myths and facts. Last accessed on 25 December, 2017.
https://www.melissadata.com/enews/articles/010809/1.htm
CIO Review (2016) Why data governance is important and what skills are key for it? Last accessed
on 9 April, 2018 at https://security.cioreview.com/news/why-data-governance-is-important-and-
what-skills-are-key-for-it-nid-18105-cid-21.html
[CIO-WIKI], Data Governance. https://cio-wiki.org/wiki/Data_Governance
Correia J (2015) Data governance: 5 common pitfalls and how to avoid them. Last accessed April
20, 2019. https://www.daymarksi.com/information-technology-navigator-blog/data-governance-
5-pitfalls-and-how-to-avoid-them
Couture N (2018) Implementing data governance – 3 key lessons learned. Last accessed April
20, 2019. https://www.cio.com/article/3328855/implementing-data-governance-3-key-lessons-
learned.html
Davis J (2016) 9 tips for data governance success. Last accessed on March 10, 2018 from https://
www.informationweek.com/big-data/big-data-analytics/9-tips-for-data-governance-success-/d/
d-id/1327129?image_number=3
Dyché J, Kimberley N (2013) 10 mistakes to avoid when launching your data governance program,
SAS Best Practices White Paper, Last downloaded on 20th March, 2018 from https://www.sas.
com/content/dam/SAS/en_us/doc/whitepaper1/ten-mistakes-to-avoid-when-launching-data-gov
ernance-program-106649.pdf
Edwards PJ (2016) Why is data governance in healthcare so difficult? Himformatics
Erwin (2017) State of data governance report. Last accessed from Dec 28, 2018 from https://go.
erwin.com/2018-state-of-data-governance-report
Fox M (2014) Five indispensable best practices for communicating your data governance strategy.
Knowledgent blog. Last accessed on 10 July, 2018 at https://blog.knowledgent.com/five-indisp
ensable-best-practices-for-communicating-your-data-governance-strategy/
Haruray A (2017) Why failed data governance experience is valuable! LinkedIn. Last accessed April
20, 2019. https://www.linkedin.com/pulse/why-failed-data-governance-experience-valuable-ash
ish-haruray/
Iron Mountain, Information Governance: Puncturing The Myths, Last accessed on 25 December,
2017. http://www.ironmountain.com/resources/general-articles/i/information-governance-pun
cturing-the-myths
Jones D (2016) Data governance: the perfect marriage of soft and hard skills? The Data Roundtable.
https://blogs.sas.com/content/datamanagement/2016/09/29/data-governance-soft-hard-skills/
Klein J (2017) Six things you need to know about data governance. SEI Blog https://insights.sei.
cmu.edu/sei_blog/2017/06/six-things-you-need-to-know-about-data-governance.html
Lopez K (2012) The 5 things you must do before starting any data governance program, Sponsored
by Embarcardero, InfoAdvisors Inc. Last accessed on 18th July, 2017 https://www.embarcadero.
com/images/dm/technical-papers/karenlopezebookv5.pdf
Loshin D (2017) Busting 10 Myths about data quality management, information builders white paper.
Knowledge integrity incorporated
Mahanti R (2018) Data governance implementation: critical success factors, software quality
professional. ASQ 20(4):4–21
Mahanti R (2019) Data quality: dimensions, measurement, strategy, management and governance.
ASQ Quality Press, Milwaukee, WI, 526 p. ISBN: 9780873899772
Mahanti R (2021a) Data governance and compliance, Springer Books, Springer, ISBN: 978-981-
33-6877-4
Mahanti R (2021b) Data governance and data management, Springer Books, Springer, https://doi.
org/10.1007/978-981-16-3583-0; ISBN: 978-981-16-3582-3
Marcan C (2017) 10 Steps to creating a successful data governance strategy, manufacturing busi-
ness technology, Advantage Business Media, Posted on 09/08/2017 - 11:16 am. Last accessed
on 10th December, 2017 from https://www.mbtmag.com/article/2017/09/10-steps-creating-suc
cessful-data-governance-strategy
Navigate Team (2014) Debunking common misconceptions about data governance frameworks.
last accessed on 8th July, 2018 from http://www.navigatecorp.com/debunking-common-miscon
ceptions-about-data-governance-frameworks/
O’Neale K (July 2015) Identifying the right operating model for your organization: a step toward
sustainable data governance. Last accessed on 10 April 2020, from http://www.b-eyenetwork.
com/blogs/oneal/archives/2015/07/the_right_operating_model.php
Panian Z (2010) Some practical experiences in data governance. World Acad Sci Eng Technol
Manage 62:939–946
Pant V (2020) Linkedin Post. Last accessed August 5, 2020 from https://www.linkedin.com/feed/
update/urn:li:activity:6695938653677613056/?commentUrn=urn%3Ali%3Acomment%3A(act
ivity%3A6695938653677613056%2C6695978205234520064)
Peyret H, Goetz M (2014) The forrester wave™: data governance tools, Q2 2014
Plotkin D (2013) Data stewardship, Elsevier Science Publication
References 65
Power D (2015) Secrets of Successful Data Governance, Eckerson Group, https://www.eckerson.

com/articles/secrets-ofsuccessful-data-governance Last accessed on June 1 2020
Power D All the ingredients for success: data governance, data quality and master data management.
Last accessed December, 1, 2019 from http://www.oracle.com/us/products/middleware/data-int
egration/odi-ingredients-for-success-1380930.pdf
Russom P (2008) Data governance strategies: helping your organization comply, transform, and Inte-
grate. TDWI. Last accessed on 12th July, 2018 on https://tdwi.org/Articles/2008/05/27/Data-Gov
ernance-Strategies-Helping-Your-Organization-Comply-Transform-and-Integrate.aspx?Page=2
SAS, The SAS® Data Governance Framework: A Blueprint for Success. Last accessed on
14 December, 2017 https://www.sas.com/content/dam/SAS/en_us/doc/whitepaper1/sas-data-gov
ernance-framework-107325.pdf
Seiner RS (2017) Saving a failing data governance program. The Data Administration News Letter.
Last accessed on 20th April, 2018 from http://tdan.com/saving-a-failing-data-governance-pro
gram/22440
Sherman R (2011) A must to avoid: worst practices in enterprise data governance. Search Data
Management Tech Target. Last accessed on July 15, 2018 from https://searchdatamanagement.
techtarget.com/feature/A-must-to-avoid-Worst-practices-in-enterprise-data-governance
Speare G (2017) Understanding data governance: tools, documents, processes, and people. Iron-
side. Last accessed on 31 March 2018, from https://www.ironsidegroup.com/2017/02/15/unders
tanding-data-governance-tools-documents-processes-people/
Talburt JR and Zhou, Y (2015) Entity Information Life Cycle for Big Data: Master Data Management
and Information Integration (1st. ed.). Morgan Kaufmann Publishers Inc., San Francisco, CA,
USA.
Talend (2018), New trends and best practices for data governance success, ebook downloaded on
1 April 2018 from http://viewer.media.bitpipe.com/1216309501_94/1288990195_946/Talend_
sDM_SO_32247_EBook_1104.pdf
Talend, What is Data Governance (and Why Do You Need It)? Last accessed on 10 July, 2018 from
https://www.talend.com/resources/what-is-data-governance/
Thomas W (2015) Educate for data governance. IVT Conference presentation available at, http://
www.cbinet.com/sites/default/files/files/Willis_Thomas_Educate_Data%20Gov.pdf
Turner N (2016) Taming the waves: the foundations of effective data management, Marine Data
Management and GIS Workshop, Royal Society of Edinburgh, DAMA United Kingdom
Wu J (2007, 04) Empowering the information enterprise: role-based performance management. DM
Review. Available http://www.dmreview.com/editorial/dmreview/
Chapter 3
Strategy and Data Governance
The significant problems we face cannot be solved at the same

level of thinking we were at when we created them.
—Albert Einstein
Abstract Strategy plays a critical role in the success of data governance and the role
of strategy in data governance is elaborated in this chapter. Before an organization
takes a leap of faith and embarks on its data governance journey, it needs to have a
data strategy and a data governance strategy. This chapter discusses DG readiness
(as in how ready is the organization to undertake data governance), warning signs
that indicate that the organization is not yet ready to implement a more mature data
governance approach, data governance maturity assessment, and factors to consider
when analysing the gaps between the as-is and to-be state. The interactions between
corporate strategy, data strategy and data governance are discussed. The importance
of a data governance business case, the key components of a DG business case,
data governance strategy, data governance strategy map, and the data governance
roadmap is also discussed in this chapter. The role of the chief data officer in data
governance implementation is discussed in this chapter. It is critical to commence
any data governance initiative with a short, high priority, and well defined and under-
stood pilot. The prioritisation and selection of the pilot phase have been discussed
succinctly.
3.1 Introduction
Data is an enterprise asset and needs to be of a superior quality to provide business

value, be it business intelligence, sales, finance, or marketing. Data must also serve
the key strategic objectives that define the future vision for an organization.
In order for data to generate business value and not be a liability, it needs to be
available, accurate, complete, consistent, free of duplicates, free from ambiguity,
easily interpretable, and secure.
https://doi.org/10.1007/978-981-16-5086-4_3
68 3 Strategy and Data Governance
Data governance oversees the management of data so as to ensure its availability,

usability, integrity, quality, privacy and security. Data governance is both an organi-
zational process and structure. A data governance function sets up an environment
in which the program staff are assigned roles and responsibilities to work together
to establish order and organization for overseeing the data (Mauzy et al. 2016).
Data governance is a continuous process. However, before your organization takes
a leap of faith and embarks on its data governance journey, it needs to have a data
strategy that incorporates the data initiatives (data governance being one of the data
initiatives) to meet the organization’s strategic goals.
The organization should also define a data governance strategy that outlines the
outcomes that the data governance program is set to achieve. However, creating a
data strategy and data governance strategy is not easy as it requires commitment from
the senior management and executive leadership, and an acknowledgement that data
is an enterprise asset that must be managed and secured like any other asset.
While having a data strategy can open doors to the power that data can bring
and can also help in leveraging it to gain a competitive advantage, only one in ten
organizations have an enterprise data strategy, given the difficulty in getting a buy-in
from the executive level (Eckerson 2011) or because of a lack of realization of the
benefits that an effective strategy can bring to the organization.
However, it is also important to remember that while a good strategy can put an
organization on the competitive map, only solid execution can keep an organization
there (Neilson et al. 2020).
This chapter discusses data governance readiness, data governance maturity
assessment, strategy in general, data strategy and data governance, data governance
strategy, data governance business case, the data governance roadmap, and the role
of the chief data officer in data governance implementation.
In order to be successful, organizations need to approach designing as well as
implementing data governance in a strategic manner rather than in a tactical manner.
According to a survey carried out by Experian and UBM, nearly all (98%) respon-
dents said that their organizations view data governance as either important or criti-
cally important from a business perspective. Despite this, 46% of respondents indi-
cated that their organizations recognize the value of data but lack a formal governance
strategy (Pastore 2018).
When asked about the role of strategy in paving the way to achieving success in
data governance, Jill Dyché stated (Mahanti 2021a).
The most sophisticated companies use strategy to determine their data deployment priorities.
In other words, there’s a lot of data and a lot of potential data-enablement projects, so where
should we start? The short answer is to consider your company’s most important strategic
initiatives and figure out the data that will be required to execute them. Start there.
… From a corporate strategy perspective, we use a strategy mapping technique to map
corporate objectives to the data necessary to achieve them. This approach essentially puts
data – and the need for data governance – on the radar of executives who might believe data
to be an afterthought. Executives, many of whom are measured on strategy execution, will
typically support data governance as soon as they understand its role in strategic enablement.
3.1 Introduction 69
The extent to which companies can link their corporate strategies to data is the extent to
which they’ll get support and funding for data governance!
Data strategy is an essential component of any organization’s digital transfor-

mation journey and should align with it’s corporate strategy. Data governance is an
important component of a data strategy. Data governance involves people, processes,
and technology, as well as substantial cultural changes; hence, organizations need to
assess how ready they are to move to higher levels of data governance maturity by
taking into account the challenges of introducing change, and conduct a data gover-
nance maturity assessment to determine the current maturity level and assess the gap
to achieve the desired maturity level.
3.2 Are You Ready for Data Governance?
Data governance introduces a new way of working that challenges entrenched beliefs.
An organization might not be ready for the massive change brought about by data
governance, and the change could be detrimental to the enterprise, a particular
program or project. That is, while data governance may be the right thing to do,
the timing to do it might not right. Nicola Askham, data governance coach, states
in her article – “The 9 biggest mistakes companies make when implementing data
governance (and how to avoid them all)” –
Sometimes, an organization is just not ready to implement a data governance initiative. Even
if the organization is ready, it may not be mature enough to implement anything more than
baby steps towards their end goal.
Some of the warning signs that an organization is not ready for a more mature
data governance approach have been summarized in Fig. 3.1 and are as follows:
• Refusal of business groups to get involved (The Data Governance Institute 2017).
• Refusal of leadership to sponsor a data governance effort (The Data Governance
Institute 2017).
• The decision to implement a bottom-up program when the decisions and rules
that must be implemented should be made from the top of the organization (The
Data Governance Institute 2017).
• The decision to empower a group (an outsourcer, partner, or team) to make data-
related decisions for a data-related effort where they would benefit from NOT
(The Data Governance Institute 2017).
– Considering an enterprise view,
– Involving data stakeholders,
– Correcting data issues, and
– Acknowledging data issues.
• Key stakeholders do not see a need for data governance, and there is no executive
decree to change their outlook.
• Subject matter experts (SMEs) whose attendance will be required at rule-making

sessions or governance sessions are extremely busy, have higher priorities, and
cannot make a commitment to attend these sessions.
• The right resources cannot be assigned to the data governance programs because
they are assigned to other projects, programs or business as usual activities.
Any organization that captures, manages, and uses data has some form of data
governance in place. It is very important to conduct a readiness assessment exercise
before you decide to climb the ladder from the current state of data governance
maturity to a higher level or decide to move from an informal approach to a more
formal approach of data governance, and start building a strategy for implementing
data governance.
3.3 Data Governance Maturity Assessment
It is important to understand how mature your organization is in terms of data gover-

nance, before you take the risk of attempting to introduce something that your orga-
nization isn’t ready for or doesn’t need. This is because you need to know why you
have the current model of data governance in place to be able to make a decision as
to whether it is right at that point in time to move to the next level and overcome the
challenges to reach that level. There are various data governance maturity models that
can help you assess the current maturity and these have been discussed in Chap. 4.
Data governance maturity assessment provides a picture of an organization’s
current data governance maturity along various dimensions of the data governance
maturity model such as overall data governance, data policies, data standards,
data ownership, data stewardship, data compliance, data architecture—data access
and isolation, data quality, and metadata. It also provides an organization with an
informed, objective, measurable, and documented assessment of the maturity within
a data governance maturity model (Gow 2006).
Data governance maturity assessment provides an insight into the organization’s
existing capabilities, uncovers strengths and weakness of the organization’s current
data management capabilities, validates, modifies or invalidates assumptions, iden-
tifies constraints, risks and issues, and helps assess the gap between the existing state
and desired state, and supports steps that can be taken to develop, prioritize, and
deliver solutions to bridge the gap (Gow 2006).
The maturity assessment involves interviewing a number of representative people
in the organization to assess their perspectives. It also includes a review of existing
documentation to understand the data landscape, the existing capabilities, dependen-
cies, constraints, risks, and issues and hence, should be undertaken by experienced
people who can form a judgment based on their experience of other similar environ-
ments. This exercise also reveals the critical data sets and domains that you should
target for data governance.
Fig. 3.1 Data governance readiness—warning signs

71
A maturity assessment exercise—conducted well—provides the opportunity for

stakeholders to feel that they have a platform where they’re being heard, and it
sows the seeds for encouraging them to buy in to the idea of data governance and
management—and also to related changes down the line (Entity).
A maturity assessment measures progress in the range of 1 to 5; where ‘1’ is
lowest level of maturity, and ‘5’ is the highest level of maturity, with capabilities
continuously improving, as you move from lower levels to higher levels of maturity.
The different dimensions against which the maturity can be assessed and the data
governance maturity assessment have been discussed in detail in this chapter.
It is important to evaluate the current state and ascertain an attainable target state
based on current data governance maturity levels within your organization, taking
into account the challenges of introducing change that will be brought about by
the new capabilities and solutions to be implemented to achieve the target state. The
assessment should identify critical data assets and the associated issues in the current
state, the desired target state, and the gaps along the following lines (illustrated in
Fig. 3.2):
• Critical data assets and data domains,
• Capabilities,
• Organizational structures—roles, responsibilities, and accountabilities,
• Business processes and their impact on data,
• Technology management practices (systems, platforms, tools, and languages),
• Data management practices,
• Skill sets along the lines of business processes, technology, and data management,
and
• The organizational culture.
The target state needs to be assessed along the lines of the value that capabili-
ties in the target state would provide, and the associated risks, interdependencies,
constraints, and success factors.
3.4 Strategy
The term strategy does not have a universally accepted definition. Therefore, in
different contexts and to different people, strategy means different things.
The Canadian guru Henry Mintzberg (1978) defined strategy as a pattern in a
stream of decisions.
Strategy is an outline of how a business intends to achieve its goals. The goals are
the objective, and the strategy sets out the route to achieving that objective (Henry).
Liddell and Scott (1999) define strategy as a high-level plan to achieve one or
more goals under conditions of uncertainty. Daniell (2007) defined strategy as the art
and science of informed action to achieve a specific vision, an overarching objective,
or a higher purpose for a business enterprise.
Organizational culture
Technology management practices

3.4 Strategy
Capabilities
Critical data assets and data domains
AS–IS State Gap Analysis TO-BE State
Organizational structures
Skill sets
Data management practices
Business processes and impact on data

73
Fig. 3.2 Gap analysis between as-is state, to-be state, and factors to consider
In the private sector, strategy is about a business gaining competitive edge over
other businesses. This is because business do not operate in vacuum but have to
compete with several other players in the market. Having a value proposition superior
to other businesses that are trying to appeal to the same customers and turning it into
a habit is key to sustain competitive advantage. Robust “where-to-play” (that is the
target customer segment) and “how-to-win” choices, therefore, are still essential to
strategy (Lafley and Martin 2018).
Every organization has its own unique strategy, which is an expression of organi-
zational objectives that identifies specific goals within a confined scope of operations
to deliver value and achieve specific benefits.
While strategy is not the only determining factor in the success or failure of an
organization, a robust strategy can yield amazing results for an organization which
has mediocre level of competence. On the contrary, the most inspiring leaders when
dealing with an inappropriate strategy will have to wield their full competence and
drive, merely to keep afloat (Tilles 1963).
The importance of strategy in success can be illustrated by the following examples
from history (Tilles 1963):
• When Hannibal wreaked the humiliating defeat on the Roman army at Cannae in
216 b.c., he led a ragged band against soldiers who were in possession of supe-
rior arms, better training, and competent “noncoms.” This was possible because
his strategy was so superior that all of those advantages proved to be relatively
insignificant.
• Jacob Borowsky made Lestoil the hottest-selling detergent in New England by
using an effective strategy to battle competition with superior resources.
• Walmart’s global strategy for expansion was “being the cheapest” and it beat
out all of the competition by offering the same products for the lowest prices
(Kimberlee 2018).
• Porsche’s carefully designed and brilliantly executed strategy focused on Japanese
manufacturing concepts to improve efficiency and launching new products to
increase market appeal resulted in highest profit margins across the industry
(~15%); comparatively other players found themselves far behind in terms of
profitability (2016 numbers) e.g. Mercedes (~7%) or Hyundai (~4%) (The Burnie
Group).
• When Facebook launched in 2004, it was one of several social media sites with
MySpace being dominant. Facebook had a strategy that focused on measured
expansion. Facebook is omnipresent today, but it starting small with a focused
group of Harvard students, and after gaining traction in Havard, it expanding
gradually to other colleges, and when ready, finally opened up to non-students.
This allowed Facebook to focus on adjusting the product to the needs of each
new customer segment. As a result, it avoided the growth challenges that led to
MySpace’s decline (Izquierdo 2020).
• When Dollar Shave Club launched its razor business in 2012, Gillette had a
commanding share of about 70% of the U.S. market according to Entrepreneur
magazine. In 2019, Gillette’s market share had eroded to about 53% according to a
3.4 Strategy 75
CNBC report. Meanwhile, Dollar Shave Club’s growth prompted Unilever to buy
it for $1 billion. Dollar Shave Club beat Gillette by adopted a strategy that offered
a cheaper alternative directly to end consumers through Internet, as opposed to
Gilette that sold its products through retail outlets which costed more. Dollar
Shave Club worked with manufacturers in Asia to produce razors, eliminating
any markup from a middle man (Izquierdo 2020).
In the words of John Zachman, author of “The Framework for Enterprise
Architecture” (The “Zachman Framework”), Zachman International, (Mahanti
2021a)-
There is an old engineering adage, “Form Follows Function.” Today, this might be restated
as “Structure Follows Strategy.” Structure (form) takes time and costs money. If you expend
the time and money to build it before you define what it is for or what it is to do, you have
delivered a classic solution in search of a problem … which in all likelihood is a huge waste
of resources.
3.5 Corporate Strategy, Data Strategy, and Data

Governance
Don’t sell a data strategy on its own. It’s just not going to work. It’s got to be coupled with
a broader strategy that the data strategy fits into. - Jim Swanson, CIO, Monsanto, [Source:
Data Strategy Playbook]
As shown in Fig. 3.3, the corporate strategy which is driven by the corporate
vision and mission, sits at the top of the hierarchy, and defines the overall corporate
objectives. Corporate strategy also defines the way in which these objectives will be
accomplished to create value while attaining competitive advantage.
The corporate strategy is the overall strategy of an organization that consists
of several business units, and helps determine how to structure its business and
human resources, and support business units to share human resources and technical
resources, and work together to create more value and meet the corporate objectives.
Mission translation, that is, translating mission and high-level enterprise objec-
tives into operational goals and objectives is important for clarity and alignment and
is achieved using methodologies such as (Siviy et al. 2008; Siviy and Kirwan 2008):
• Function Analysis Systems Technique (FAST) goal decomposition [Siviy and
Ismail];
• Six Sigma’s Y-to-x decomposition (Siviy et al 2007);
• Critical success factors (developed Daniel 1961, refined Rockart 1986);
• Systems thinking’s current and future reality trees and other system dynamics
methods;
• Traditional strategic planning methods; and,
• Balanced scorecard strategy maps (Kaplan and Norton 1996, 2004).
Corporate
Vision &
Mission
Drive
Corporate
FEEDS Strategy Should
INTO align
Should with
align
with
Data Part Data Drive Data
Vision &
Governance of Strategy Mission
Governs
data assets
Fig. 3.3 Corporate strategy, data strategy, and data governance
A corporate strategy should also recognize the organization’s critical assets that
would be a differentiator in terms of attaining competitive advantage. Data is an
enterprise asset and some data are critical. The corporate objectives should be mapped
to the data required to achieve them (Mahanti 2021a). For example, one of the
corporate objectives could be to increase revenue. One way to increase revenue is
to increase the customer base. The data that this corporate objective maps to are
customer and prospect data.
Data strategy is the vision and actionable foundation for the organization’s ability
to harness data-related or data-dependent capability that helps achieve the strategic
objectives of the organization. A data strategy establishes common methods, prac-
tices, processes, procedures, usage pattern, and structures to acquire, manage, inte-
grate, manipulate, secure, operationalize, consume, and share data across the orga-
nization in a repeatable manner. It is, in effect, a checklist for developing a roadmap
toward the digital transformation journey that companies are actively pursuing as
part of their modernization efforts (Gurevich and Dey 2018).
3.5 Corporate Strategy, Data Strategy, and Data Governance 77
John Gallant and Kevin Fleet in their book “ The Data Strategy Playbook: A CIO’s
practical guide to driving change” define data strategy as follows (Gallant and Fleet
2018):
A data strategy defines how an organization achieves specific business goals through the
strategic use of its data assets.
Ramesh Dontha defines data strategy as follows with the key points highlighted
in bold (Dontha 2018):
Data strategy lays out a comprehensive vision across the enterprise and sets a foundation
for the company to employ data-related or data-dependent capability.
A data strategy can be defined as a high level plan as to how an an organiza-

tion strategically uses its data assets and employs data-related or data-dependent
capability to achieve its business objectives.
An organization’s data strategy might also be called a data management strategy
or a data quality strategy. Laura Sebastian-Coleman in her book “Measuring Data
Quality for Ongoing Improvement: A Data Quality Assessment Framework” states
(Sebastian-Coleman, 2012).
The difference between a data strategy and a data quality strategy can also be purely semantic.
An organization’s data management strategy must also be a data quality strategy, since the
purpose of data management overall should be to ensure the existence and availability of
high-quality data for the organization.
Organizations generally have multiple data management initiatives underway

(metadata, master data management, reference data management, data governance,
data migration, modernization, data integration (data warehouse), data security, and
data quality). However, most efforts are focused on point solutions that address
specific project or organizational needs without taking into consideration, the
interrelationships and interactions between these initiatives (SAS 2018).
A data strategy establishes a road map for aligning these activities across each data
management discipline in such a way that they complement and build on one another
to deliver greater benefits, with data governance, data quality, and data architecture
being key items (SAS 2018).
The data strategy must align with and complement the corporate strategy. It should
be subordinate to the corporate strategy. Corporate strategy provides guidance to and
context for the data strategy. A strategy mapping technique should be used to map
corporate objectives to the data necessary to achieve them and should be the focus of
the data strategy. As highlighted by Jill Dyché, the approach of mapping corporate
objectives to data- essentially puts data and the need for data governance on the radar
of executives who might believe data strategy to be an afterthought (Mahanti 2021a).
A data strategy should be able to answer the question as in how it will result in an
economic value, be it, increased revenue, profits, or cost reduction. In the example
that we used earlier with the corporate objective—“revenue increase” mapped to
customer data and prospect data, data strategy would focus on initiatives like master
data management, data quality management, and data governance to improve the
customer data and prospect data based on the gaps and issues.
Data governance implements the data strategy. With respect to the customer
and prospect data example, some of the activities that data governance could be
looking at are, locating the critical customer and prospect data elements, improving
customer and prospect data collection processes, establishing enterprise wide stan-
dards for these elements, and ensuring processes and metrics are in place to ensure
that the data is of high quality. Figure 3.3 shows the high level interaction between
an organization’s corporate strategy, data strategy, and data governance.
Data strategy is often confused with data governance. They are distinct but at the
same time also tightly intertwined (Thalanki 2017). The scope of data strategy is
wide-ranging and represents an umbrella for all data initiatives such as data architec-
ture, data warehouse, data analytics, business intelligence (BI), data migration, master
data management (MDM), reference data management, metadata management, data
governance, and data quality. A data strategy ensures that all data initiatives follow
a common method and structure that is repeatable (Gurevich and Dey 2018).
Paul Barth listed four principles of a successful data strategy in the form of
questions (Barth 2018a, 2018b) as follows:
Question #1—How does data generate business value?
Question #2—What are our critical data assets?
Question #3—What is our data ecosystem?
Question #4—How do we govern data?
The above questions show that data governance is one of the four factors for an
effective data strategy and not the only factor.
Richard Inserro, Principal, PwC, mentioned in his presentation at Data Citizens
‘17, “The CDO Mandate and the Path Forward,” data governance must be the starting
point of any data strategy, and must have the capability and flexibility to support
the productivity aspirations, risk mitigation, and operational efficiency needs of the
business, and properly align IT activities.
These can be achieved by businesses when their programs build a community of
common language, collaboration framework, policies, and responsibilities to start
their data strategy journeys, which are the basis of data governance (Marchese and
Rao 2018).
Without prioritizing governance in your data strategy, the desired impact of data on
your business will never be realized in an efficient and dependable manner over time.
As Stephen Covey famously said, “Begin with the End in Mind means to begin each
day, task, or project with a clear vision of your desired direction and destination, and
then continue by flexing your proactive muscles to make things happen,” (Marchese
and Rao 2018).
Data governance is usually a line item in the data strategy. Benefits of data strategy-
governance combinations can be divided into two buckets—tangible and intangible as
postulated by Adelman, Moss and Abai in 2005. Tangible benefits include (Adelaman
et al. 2005):
• Revenue enhancement,
• Cash flow acceleration,
3.5 Corporate Strategy, Data Strategy, and Data Governance 79
• Analyst productivity,
• Cost containment,
• Demand chain management,
• Fraud reduction,
• Improved marketing effectiveness,
• Better supplier and customer relationships,
• Customer conversion rates, and
• Customer attrition and retention rates.
Intangible benfits include (Adelaman et al. 2005):
• Better and faster decision making,
• Better public relations and reputation management,
• Better customer service,
• Employee empowerment, and
• Competitive effectiveness.
3.6 Data Governance Strategy
Data governance means nothing to the executive management and leadership unless
it contributes to generating revenue or results in cost savings. Data governance inter-
sects with business initiatives specifically the ones which are data initiatives (for
example, customer relationship management (CRM), enterprise resource planning
(ERP), and compliance) as well as data management initiatives (for example, master
data management, and data integration).
The data governance strategy should contain an answer to the following questions
as illustrated in Fig. 3.4:
• Why are you doing data governance?
• Who are the stakeholders in the data governance program?
• What needs to be done to achieve the “why”?
• Where do you want to start?
• How do you want to achieve data governance?
• When do you want to do what?
The “Why” defines the desired outcomes and goals of the data governance
program, and should be aligned with the organization’s data strategy and corporate
strategy. The “Why” that is, “why are you doing data governance?” should always
be defined before you define “Who”, “When”, “How”, “What”, and “Where” ques-
tions. The “Who” helps in defining the data governance stakeholders. The “When”,
“How”, “What” and “Where” form parts of the roadmap. Data governance strategy
should align with the data strategy and corporate strategy as shown in Fig. 3.5.
In short, the data governance strategy defines the objectives and desired outcomes
of data governance program, the scope of the data governance program, the stake-
holders, and the roadmap. It is driven by the business drivers and uses cases for data
Goals and
Desired
Why? Outcomes
Timelines and
Milestones
When? What?
Data
Governance
Strategy Scope of Data
Governance
How? Who?
DG
Initiatives
Stakeholders
Fig. 3.4 Data governance strategy—the five Ws and how
Aligns Corporate
Strategy
Data Component Aligns

Governance of
Data Strategy
Aligns
Data Governance Strategy
Fig. 3.5 Data governance strategy, data strategy, and corporate strategy alignment
and benefits expected from the same. The objectives and desired outcomes should
be well defined and documented as well. This is because if you do not know what
it is you are aiming to accomplish as an organization, your likelihood of success is
very slim.
The objectives and the desired outcome in the data governance strategy helps
determine the scope of the data governance program, the data governance business use
cases, initiatives, and roadmap activities (high level time-bound plot of when should
the data governance initiatives start, the time sequencing of the data governance
initiatives, and the milestones).
3.6 Data Governance Strategy 81
A data governance strategy map defining the summary of the goals and outcomes,
critical success factors, the core disciplines, supporting disciplines, and showing the
relationships amongst these components on one page can help communicate the data
governance strategy to different levels of the organization. Benefits, risks, success
factors, implementation, and priority should be defined for each of the business use
cases. The scope and roadmap help determine the subsequent on-boarding of the
data governance resources.
A data governance strategy acts as the vision document of the company, and
ensures that the whole organization understands the goal of the program and each
person’s role in achieving success. It defines how data governance initiatives will
be defined, funded, governed, and rooted into enterprise operations. The gover-
nance strategy should also define how the organization will assess, define, plan,
operationalize, monitor, and measure the data governance programs (Addagada
2016).
The data governance maturity model can be used as a tool in planning a data
governance implementation program by using it to establish the current and future
state as well as to track the progress of the data governance implementation program.
Several data governance maturity models have been discussed in Chap. 4.
While the data governance strategy creation typically takes a few weeks and has
some sort of timeframe for executing it—however, it is only high level in terms of
how it will be achieved. The time span of the strategy and roadmap usually ranges
from 18 to 24 months.
The data governance steering committee consisting of C-level executives should
be defined and engaged to support review, and approve the strategy, if necessary. The
data governance strategy should be documented, and walkthrough sessions should
be conducted with stakeholders, to elicit feedback and sign offs.
The data governance strategy should be reviewed every six months or at least once
a year. This is because in order to stay competitive as well as comply with regulations,
an organization’s business objectives and priorities change with time, which requires
the IT strategy, data strategy, and data governance strategy also to be revisited and
revised accordingly. For example, the regulatory landscape is constantly evolving, in
reaction to fraud, scandals, and security breaches, with new laws coming into being
and existing laws being revised, resulting in new requirements in relation to data
whether in the form of increased data security, privacy, protection, restricted access
or more granular reporting. Hence, organizational strategies also need to be revised,
and data governance also needs to evolve to meet these new requirements.
3.7 Building a Business Case for Data Governance
As stated by Dr. John Talburt, Acxiom Chair of Information Quality at the University
of Arkansas at Little Rock, and Lead Consultant for Data Governance and Data
Integration with Noetic Partners Inc. “…every DG program should start with a good
business case projecting the value of the program,” (Mahanti 2021a).
It is important to give careful consideration and invest time in building the business
case for data governance, to present a strong and compelling case that convinces
the executive team to provide the required funding, as well as gain their support
throughout the entire data governance journey. It is important to remember that data
governance is a multi-year effort, and funding should be secured accordingly (Power
2014).
The data governance business case establishes the focus areas, risks, threats, priori-
ties, and benefits for the data governance program. In short, it provides a justification
for doing data governance, and acts as a reference guide before and during data
governance implementation.
Having a business case for data governance has several benefits. The act of creating
a business case forces you to identify the pockets of greatest need. It is important to
identify the areas of greatest need as well as return. This is because the business case
helps in assessing the risks, threats, values, and costs, which in turn can help you to
weight the impacts of not doing it against benefits of doing it. It helps set the right
priorities. It also helps to validate any preconceived assumptions about the strategy,
and direction that your initiative must take (Jones 2015).
Also, data governance ties together other data management initiatives like data
security management, data quality management, and master data management and a
business case for those initiatives would cover the need for data governance. Taking
our earlier example of customer and prospect data to increase revenue, you need high
quality customer and prospect data, and data governance would be needed to ensure
that the said data is of high quality.
Generally, data governance is driven by a small group. However, data governance
implementation affects all business units across the enterprise as data crosses the
business unit boundaries and is not a departmental asset.
A robust data governance business case which outlines the risks and values helps
in gaining cross-departmental agreement as each group has a vested interest in its
outcome. This ensures that all stakeholders have a common understanding of the
value of data governance. Without a business case, business units, and departments
not driving data governance will question “ What is in it for me?”, and there is a like-
lihood of these groups offering resistance to the implementation of data governance
as they see data governance being forced upon them (Jones 2015).
In the absence of a data governance business case, you have no protection when
there is an organizational restructure at the executive and C-suite levels. The backing
by previous leadership and management who supported the data governance program
is no longer there, and the new leadership and management may not perceive the
business benefit of data governance, and may ultimately scrap the initiative (Jones
2015).
A compelling data governance business case which has the risks, values, costs,
and justification outlined for doing data governance can provide a greater degree of
protection from the unexpected management changes. It can also provide justification
to the management to continue with the implementation of the data governance
program (Jones 2015).
3.7 Building a Business Case for Data Governance 83
Data governance is not a technology project or a project for that matter, but a
business program and practice that deals with the data assets of an enterprise. Hence,
creating a business case for data governance is different from creating a business case
for a traditional technology project. Many of these variances revolve around subject
areas, such as business process, change management, business benefit, and holistic
impact (Information Builders 2012).
The data governance business case should establish the high-level understanding
and communication for the business benefits that the governance program will seek
to achieve (use cases), who will be involved (resource types), where governance
disciplines will be applied (processes in the use cases), and the economic value for
applying governance to achieve those outcomes (Fryman 2016a) in a lucid manner
as the subject of data governance might be new to the stakeholders involved. An
effective data governance business case consists of three key components (Fryman
2016a) as shown in Fig. 3.6.
1. Risk.
2. Value.
3. Cost.
What are risks of

doing/not doing data
governance?
Risk
DG Business
Case
Components
Value Cost
What are the What

returns/benefits are costs of doing
versus the costs? data governance?
Fig. 3.6 DG business case-building blocks

Risk
The data governance business case should outline the risks of not doing data gover-
nance and call out the urgency of the problem with data to support the same. In
financial and healthcare organizations, which can be subjected to penalties for non-
compliance, and where there are legal, regulatory, and reputational impacts of not
governing data, the risks of not doing data governance are apparent. With the rest of
the industry sectors, the risk of not doing data governance may not be as obvious.
However, with the enormous amounts of data that the organizations store, there is
a huge risk associated with data, if it is not governed and managed appropriately.
Some of the risks of not doing governance are –
• Fines and penalty because of non-compliance,
• Data security breaches,
• Privacy violation,
• Potential loss of public opinion or negative public opinion that might result in
decrease of revenue, and
• Risk of revenue, regulatory, or capitalization reporting may be in error or
questioned.
Risk factors are often difficult to assign a financial value to (Fryman 2016b). For
example, it is difficult to quantify the brand damage or negative public opinion. The
level of concern associated with the above risk factors, the likelihood and the severity
of the impact may be used to determine the degree of risk. It is best to classify your
risks as high, medium, or low, and if possible associate a dollar value with the risk
factors.
Value
Value is either anticipated cost reduction or benefit expected to be achieved from the
implementation of data governance in the organization. The business case should
call out how the organization will be benefited or improved by implementing data
governance to convince the executive leadership and senior management to give
their blessing to the data governance program. The value you will obtain from data
governance is dictated by the business outcomes and capabilities you want to achieve
by implementing data governance and use cases of data governance. Some examples
of outcomes are as follows:
• Reduce cycle-time searching for data necessary to conduct management reporting
and analytics (Fryman 2016b).
• Improve and align business terminology across the enterprise.
• Improve data quality definition across the enterprise.
• Improve discovery of authoritative data.
• Improve user access to authoritative data sources while ensuring data protection
and security.
• Improve the processes and time to resolution while reducing the cost of issue
management around data (Fryman 2016b).
• Improve business processes to enable data quality improvements and measure-

ments
• Increase the transparency and accountability for data management functions.
• Improve the processes and time to resolution while reducing the cost of issue
management around data.
• Establish traceability and lineage for critical data to increase trust in the data.
• Establish consistent definition and usage of reference and master data across the
enterprise.
Robert Seiner, author of the book “Non-Invasive Data Governance” uses a value
statement which he defines as cause-and-effect relationship between formalizing
existing levels of governance and putting a non-threatening program in place to
govern data and the business value that will be gained by governing data in that
manner (Seiner 2009). The format that he uses is-
Organizations that do (X),
Demonstrate * business value improvements through (Y) * or some other verb,
Where (X) are clearly defined actions and (Y) are the business improvements that
come from the actions.
One example is as follows.
Organizations that makes certain that the appropriate people are involved in
specific tasks related to data management tasks, demonstrate the ability to elimi-
nate replication of data, misuse of data, and improve their ability to integrate data
based on the corporate critical data element standards (Seiner 2009).
Most data intensive projects, such as data warehouses, business intelligence
(BI), master data management (MDM), enterprise resource planning (ERP), and
customer relationship management (CRM) have a business case and an ROI. Histor-
ically, many of these same projects fail to achieve set expectations or meet business
requirements—or fail entirely.
According to some experts in the industry, the failure rate constantly lingers in
the 50% range (Information Builders 2012). The reason for these failures is normally
attributed to the absence of a data governance and quality strategy.
Data-intensive projects require governance to optimize the ROI. In many cases,
it can account for 25% or more of the entire return on investment (Information
Builders 2012). Organizations should examine their individual project business cases
and determine the value governance will bring to their success and ROI. Every
organization has at least one failed project experience, and in many instances, the lack
of data governance has been the cause (Information Builders 2012). These projects
are typically well known to the organization, even though they are not discussed.
As part of the business case, past projects that have underperformed should be used
as examples, and point out the role data governance—or lack thereof—had in the
project (Information Builders 2012).
Cost
Cost is one of the key components of the data governance business case. It is defined
as the financial cost involved in implementing data governance along the following
cost buckets:
1. Resources.
2. Infrastructure and technology.
3. Processes.
You also need to identify your current costs and estimate future costs once the
data governance processes, resources, infrastructure, and technology are in place.
Cost estimation for resources
The following needs to be taken into consideration when conducting cost estimation
for resources:
• The types of resource required.
• Number of resources that are required.
• Number of incidents per week/month/quarter.
• Average effort and cost per incident.
• Impact of improvements and technology on the resource costs.
Cost estimation for processes

Estimating cost for processes will need estimation of the time and resources it takes
to complete processes such as:
• Data discovery—searching and locating the authoritative data.
• Understanding the correct source and usage of the data (Fryman 2016a).
• Standardizing data definitions across the enterprise.
• Defining and aligning business terminology for consistent usage across the
enterprise.
• Generating new reports and enhancing existing ones (Fryman 2016a).
• Managing data migration and data integration processes.
• Data quality issue management (Fryman 2016a).
Cost estimation for infrastructure and technology

While technology and tools do not drive governance, they enable data governance
and therefore, they need to be taken into consideration. The following costs needs to
be taken into consideration when conducting cost estimation for infrastructure and
technology:
• Hardware cost,
• License cost,
• Annual maintenance cost,
• Initial start-up costs, and
• Other recurring costs.
Taking our earlier example, of customer and prospect data, a data quality assess-
ment exercise would tell us how good or bad is the quality of data, and whether it
would be possible to assign a dollar value.
Say, ABC electronics is launching a set of new laptop, camera, and cell phone
models. If 20% of the customer and prospect contacts lead to sales worth approxi-
mately $1500 per lead and the customer and prospect database has 80,000 records out
of which 30,000 records do not have correct addresses, then the lost revenue would
be approximately $9 million. If the cost of improving data quality and implementing
data governance is $2 million, and by doing so, you can correct 90% of the addresses,
then that equals to 72,000 records correct. Hence, you will still get revenue of $7.4
million and $5.4 million of profit.
When constructing a business case for data governance, there are two ways of
going about it- look at the critical data, assess the business impact and cost of bad
data, or look at the business objectives, the data that will be required to fulfill the
business objectives, and how the data is falling short of meeting those business
objectives. In both cases, you need to be able to assign a dollar value towards the
cost of implementing each of the objectives.
3.8 Data Governance Roadmap
Strategy is a commodity, execution is an art. —Peter F. Ducker.

In life, as in football, you won’t go far unless you know where the goalposts are. —Arnold
H. Glasgow.
Once you know your current state of maturity (that is where you are or the ‘as-is’
state), the future state of maturity (that is where you want to be or the ‘to-be’ state or
‘target’ state), and the gap between the ‘as-is’ state and the ‘to-be’ state, a roadmap
can be produced for attaining the ‘to-be’ state. As the king said in Lewis Carroll’s
‘Alice in Wonderland’:
Begin at the beginning and go on till you come to the end: then stop.
A roadmap needs to [Entity]:

• Communicate when key organizational capabilities will be delivered;
• How this translates into costs and tangible business benefit realization over time;
and
• Processes and technologies required to implement the capabilities.
The data strategy defines the key capabilities required, which encompasses people,
process, technology, and culture.
The data governance roadmap will lay out the plans and timelines for imple-
menting these capabilities. A data governance roadmap is needed to help navigate
the pathway to data governance success and set the appropriate priorities for related
projects so that execution can follow. It contains core components and initiatives
with the estimated start and end dates, which will be required to achieve the business
objectives.
The data governance roadmap should define the data governance organization
structure and operating model consisting of roles, responsibilities, decision rights,
rules, controls, and accountabilities across the different business units. The data
governance organizational structure has been discussed in detail in Chap. 5.
The data governance roadmap should also define the change management plan
and should contain steps to integrate with other data initiatives like data quality, data
warehousing, and data security initiatives.
Certain data governance capabilities form the base, and their implementation
should be prioritized to ensure that the structure is in place to support the imple-
mentation of subsequent capabilities. First, organizational roles must be defined
with clearly documented accountabilities and responsibilities in the context of the
underlying governance structure. The accountability established will support the
implementation of the other capabilities [Urso].
It is important that the roadmap has the appropriate level of detail. Roadmaps are
fundamental communication tools, and you’re going to need a significant number of
people within your organization to ‘buy into’ your roadmap [Entity].
3.9 Data Governance Pilot
As discussed in Chap. 2, you should not take the “big bang” approach when imple-
menting data governance in your organization. It is critical to commence any data
governance initiative with a short, high priority, well defined, and well understood
pilot. The prioritization and selection of the pilot phase should be directed by the
area within the business with the greatest need, most pain and/or largest perceived
benefit. This pilot can be selected based on priorities set across one or more of the
following dimensions:
• Critical data domain, critical data sets, and critical data elements.
• The data function or data initiative.
3.9.1 Critical Data Domains and Data Sets
Identify the different data domains in the organization and select the most critical
data domain for a data governance pilot. Depending on the industry sector, there may
be different data domains. A data domain is connected to a number of applications
and business processes, and has a large number of data sets and data elements.
It is important to identify the critical data sets within the critical data domain, and
the critical data elements in the critical data sets in this data domains. Critical data
elements are subsets of critical data sets which are in turn subsets of critical data
3.9 Data Governance Pilot 89
Critical
data domains
Critical
data sets
Critical
data
elements
Fig. 3.7 Critical data domains, data sets, and data elements
domains as shown in Fig. 3.7. Also, while looking for critical data elements, one has
to consider the interrelationships between the data domains.
For example, financial data domain is very critical as it drives accounting, finan-
cial, and regulatory reporting, and is subject to audits. Since, there are huge risks
associated with financial data, financial data domain is the primary domain for finan-
cial data. However, financial data is also driven by other data domains like customer,
product, events, and assets. These are secondary domains in relation to financial data.
Hence, data elements and data sets indirectly associated with financial data in these
secondary domains also become critical.
From a HIPAA compliance perspective, certain patient data elements need to be
of high quality and also need to be adequately protected. However, the address data
associated with a patient also needs to be accurate, current, and complete, so that
medical reports and communication containing sensitive health information do not
fall into wrong hands.
The following criteria can be used to identify the critical data sets and critical data
elements:
• Number of consumers or users of the data.
• Criticality of the business processes consuming the data.
• Number of enterprise obligations that the data set/data elements are used for.
• Risks associated with the data set and data elements; (for example—financial risk,
compliance risk, health risk, and fraud).
• Data classification; (for example, sensitive and confidential).
3.9.2 The Data Function or Data Initiative
Another approach to commencing a data governance pilot is to set up the required

governance structure to support one or more data functions as defined by the Data
Management Association (DAMA) (Zaki 2018) or data initiatives.
For example, if the pilot focuses on the data quality management function,
then data governance would involve setting up the required organizational struc-
tures, roles, responsibilities, accountabilities, decision rights, policies, processes,
standards, rules, and metrics to support the data quality management function.
High priority scope items will naturally be a cross section of the above two dimen-
sions—critical data elements within critical data sets and critical data domains and
data function/data initiative as shown in Fig. 3.8.
Critical
Data
Domains
Critical
Data
Sets
Critical
Data
Elements
Data Security
Management
Fig. 3.8 Data management functions/initiatives and critical data

3.9 Data Governance Pilot 91
For example, the pilot may be data governance to support the product data domain
and the product data set in the product data domain and the master data manage-
ment initiative. While party data or specifically customer data is important across
all industry sectors, certain data domains are relatively more important in certain
industry sectors. For example, for the utilities and telecommunication industry, the
asset data and its quality are specifically important, whereas for the retail sector, the
product data is important.
3.10 Role of the Chief Data Officer in Data Governance
The Chief Data Officer (CDO) is a C-level role to transform the organization into
a data driven organization and with overall accountability for data as an enterprise
asset. There is no universal agreement on the definition and responsibilities of the
CDO. This is because the role of CDO is still evolving. As per Sunil Soares, author
of “The Chief Data Officer Handbook for Data Governance” the definition of the
Chief Data Officer (CDO) and chief data office are as follows:
Chief Data Officer is a C-level executive with overall accountability for data management
in an enterprise.
The chief data office refers to the enterprise data management (EDM) organization or
department, which reports to the CDO.
Dr. John Talburt states in his interview (Mahanti 2021a)—

… the real value a CDO can bring to an organization is leadership in developing a data strategy
and vision. The CDO needs to be an executive-level leader outlining how the organization
will best exploit its data assets and how it should partner with others to combine data for
new products and services. Viewing the CDO as a purely operational role for DG and DQ
limits the role, and can cause organizations to miss out on a large part of the opportunity to
participate in the data revolution.
Data governance is identified as one of the core components of data management

(DM) or enterprise data management (EDM) functions and intiatives tying together
the other data management functions as summarized in Fig. 3.9.
As discussed in Chap. 2 in Data Governance and Data Management (the second
book of the series), the data governance function guides all the other data management
functions by defining, reviewing, communicating, and enforcing policies, processes,
rules, and standards in each of the other data management functions, and identifying,
managing, prioritizing, escalating, resolving issues, and overseeing data management
projects.
The organization must define the overall scope of the chief data office. There are
a number of patterns for the scope of the chief data office (Soares 2014):
Data governance focus
In this pattern, the CDO owns data governance and performs a limited set of functions,
such as data quality and metadata. Other data management functionaries report to the
Fig. 3.9 Data governance tying together the data management functions and initiatives
Chief Information Officer (CIO). In essence, the CDO establishes data policies and
standards around the data management functions in the organization but outsources
the technology aspects to the CIO.
Data governance plus some operational and analytical systems
In this pattern, the CDO owns data governance, data quality, and metadata as well
as other functions such as master data management, reference data management,
business intelligence, and data warehousing. However, the CIO still retains control
over the other functions.
Broad EDM scope
In this pattern, the CDO owns most of the data management functions including data
governance with the exception of some departments such as database management,
which may continue to report to the CIO. The reporting structure for data architecture
and data modeling and design is typically highly sensitive because it may involve
breaking apart the enterprise architecture department.
3.10 Role of the Chief Data Officer in Data Governance 93
In all the above patterns, data governance is within the scope of the CDO. Although
the role of the CDO is still evolving, there are various aspects that are becoming more
steady (Soares 2014). One of them is that data governance is perceived as a critical
function as part of the chief data office, and the intent of the CDO role is to create a
strong executive focus on data governance.
Inderpal Bhandari, Chief Data Officer, Cambia Health in his foreword for Sunil
Soares’s book – “The Chief Data Officer Handbook for Data Governance”states
(Soares 2014):
Since 2006, I have created the role of Chief Data Officer thrice in different healthcare
organizations. My role expanded in scope over time, in keeping with the trend of increasing
importance of data to a business. I went from the leader of a functional unit to the general
manager of a business unit and then to a member of the CEO’s senior leadership team. I had
to reinvent the CDO role at each transition to reflect the expanded scope. But one aspect
remained constant: Every time, I had to implement a data governance program.
There are different viewpoints on the CDO’s relationship to data governance.

“We have a lot of interesting discussions as to what CDOs are supposed to do. Just
one comment (I have) is (that) data governance is specifically owned by the business,”
said Mark Ramsey, CDO of GlaxoSmithKline (GSK) and senior vice president of
GSK’s research division, in a panel discussion titled Dynamics between the CDO
and the CIO: The Case of a Major Pharmaceutical Company. “That’s not a CDO
responsibility that I have.”
“The business owns data governance. That’s not some ‘nobody wants it so give
it to Mikey’ kind of thing,” Ramsey said. “I participate in that but I don’t own it,
and I don’t want to own it because that’s something the business needs to deal with.
Business leaders may struggle with the responsibility for data governance”.
“The business owns the data, and we [as CDOs] are [merely] custodians as it
passes through—and that ownership comes with it ensuring the [data] quality is at
a certain level,” he said. “There’s gonna be a lot of pain [put] back on the business
owners because they’ve gotten away with doing some things in the past that aren’t
going to be acceptable as we move forward. It’s going back to the folks who created
the data—so it’s ‘Wait a minute. If I just do it right, I don’t get all these questions; I
don’t get the overhead.’” (Stanganelli 2016).
“My role as Chief Data Officer has evolved to govern data, curate data, and
convince subject matter experts that the data belongs to the business and not [indi-
vidual] departments,” Stu Gardos, CDO at Memorial Sloan Kettering Cancer Center,
said at the CIO Perspectives conference (Brown 2018).
“The CDO is the best person to drive data governance,” [Monkey Business
Images/Shutterstock].
“Ideally, there should be a CDO to oversee and facilitate the execution of a data
governance program to ensure executive sponsorship,” Emily Washington, senior
vice president of product management and Infogix says. “Other direct participants
should include executive leadership, project management, data stewards (which may
reside in IT or within a more federated model across lines of business and functions),
and subject matter experts. But given the objectives of data governance, all roles
within the organization have a part to play in its implementation success. The key to
data governance is to ensure collaboration across the enterprise (Woodie 2018).”
Dr. John Talburt stresses that for a CDO role to be successful, it should be
implemented correctly. He states (Mahanti 2021a).
…the CDO and DG will not be successful without business participation. The most effective
CDOs report to a business leader such as the CEO, CMO, and the CRO.
According to Dr. John Talburt, “when a CDO reports to the CIO, it is a sign the
organization does not understand the need for business to be accountable for data,
the CDO role is much less effective. As long as organizations see IT as accountable
for data and DG, they will at best have limited success.”
Dr. John Talburt goes on to state that CDO’s are often seen as being mainly
responsible for DG and DQ programs. And while the CDO should definitely oversee
DG and DQ, viewing the CDO as a purely operational role for DG and DQ limits
the role, and can cause organizations to miss out on a large part of the opportunity
to participate in the data revolution (Mahanti 2021a).
As per Christopher Butler, Chief Data Officer, HSBC, UK (Mahanti 2021a),
The Chief Data Officer is critical to aligning business and data areas together. He must fully
understand and be part of the business structure, provide the necessary data governance as
well alignment with IT tools and technology to move forward. The CDO is able to ensure the
right level of ‘C’ Suite support and be in a position to ensure that consistency and standards
apply to the entire organization.
The CDO should effectively communicate the value of data governance and take
the right steps to engage both data practitioners and data users, creating a collabo-
rative environment for managing and governing data. To make the data governance
process work, a CDO should ensure that an operating model for data stewardship and
governance is developed with defined roles, responsibilities, and levels of escalation
to enforce compliance with rules for using business data [Loshin].
The following data governance topics are the keys to the CDO agenda (Soares
2014):
• How do we organize for data governance?
• How do we drive business ownership of data?
• How do we set data policies, standards, and processes?
• How do we monitor the adherence to these data policies, standards, and processes?
• How do we enforce compliance with these data policies, standards, and processes?
• How do we leverage technology, especially in the context of big data?
A Chief Data Officer can be appointed in three different types of organizations in
the context of status of data governance implementation-
Scenario 1: Organizations that have already formalized data governance throughout
the enterprise and have formal data governance roles and responsibilities [Simon].
Scenario 2: Organizations that informally and invisibly practice data gover-
nance. Formal data governance roles are not seen; however, many individuals and
3.10 Role of the Chief Data Officer in Data Governance 95
groups may be fulfilling similar and corresponding functions whether knowingly or

unknowingly [Simon].
Scenario 3: Organizations have minimal data governance practices and there is no
data governance awareness in the organization.
In scenario 1, in organizations that have already formalized data governance, there
is usually an executive who is in charge of data governance, and appointing a Chief
Data Officer will cause him to step on the other executive’s toes.
Organizations for which scenario 2 applies, could benefit the most from the
appointment of a sharp CDO. This is because the culture of a new CDO shock
here should be minimal as the sentiments expressed and actions taken by the CDO
merely formalize what the organization has already been doing [Simon].
In Scenario 3, in case of organizations that have minimal data governance practices
and there is no data governance awareness in the organization, it is up to the CDO
to drive data governance in the organization and bring about a cultural change to
incorporate a data driven culture in the organization.
An effective data governance strategy needs internal acceptance among stakeholders,

on both business and technical sides, an operating model that accounts for the organi-
zational structure, IT infrastructure, and business needs, empowered people who can
make decisions and assign responsibilities, and highly targeted projects that yield
quick wins and establish standard procedures (Accenture 2018).
The Chief Data Officer (CDO) or a similar executive role (for example, Chief
Information Officer or Chief Financial Officer) drives data governance in an
organization.
The ‘one size fits all’ approach does not apply to strategies, be it corporate
strategy, data strategy or data governance strategy, as every organization is unique.
Shannon Fuller, Director of Governance Advisory Services, Gray Matter Analytics,
stressed on organizational culture in his interview, and when asked about inter-
esting thoughts/advice that he’d like to share with the audience with respect to data
governance, he said the following (Mahanti 2021a)—
Your organization’s culture will drive your governance strategy and your governance strategy
will drive culture change.
Every organization will have its own unique strategy to implement data gover-
nance depending on the organizations’ strategic business objectives and future direc-
tion, their data and application landscape, regulatory landscape, business impact
of data issues, the value they want to derive from their data, size of the organiza-
tion, organization structure and hierarchies, organization culture, their current data
maturity, and their readiness to achieve higher maturity levels.
The business case is needed in order to secure sponsorship for a data governance
program (Mahanti 2021a) as well as sustain the support in case of changes in manage-
ment. As highlighted by George Firican, Director of Data Governance & Business
Intelligence at UBC DAE and Founder of www.lightsondata.com (Mahanti 2021a),
The overall strategy needs to address the business needs, deliverables, objectives, framework,
and best practices as well as change management accompanying it all. Both the strategy and
business case should help identify the risks, gaps, assumptions, constraints, and benefits,
tie them to the goals of the organization and determine why and how data governance can
support them.
You need a good data governance strategy to kick start your data governance
journey, and strategy should be followed by execution. As stated by Morris Chang-
Without strategy, execution is aimless. Without execution, strategy is useless.
In response to the question relating to any other interesting thoughts/advice that

Jill Dyché would like to share with the audience of the book with respect to data
governance, this what she had to say (Mahanti 2021a)—
Data governance is changing. It’s no longer a separate effort but rather it’s ‘baked in’ to
every strategic project. The good news is that data has a seat at the strategy table now.
It should have been invited sooner!
References
Accenture (2018) Data governance strategy. Last accessed on 01 Dec 2018 from https://capitalma
rketsblog.accenture.com/data-governance-strategy
Addagada T (2016) Is this the right time to create a maturity model for your Data Governance Divi-
sion? Finextra blog. Last accessed on 20 Dec 2016 from https://www.finextra.com/blogposting/
12192/is-this-the-right-time-to-create-a-maturity-model-for-your-data-governance-division
Adelman S, Moss L, Abai, M (2005) Data Strategy. Addison-Wesley
Askham N The 9 biggest mistakes companies make when implementing data governance. Last
accessed on 16th July 2018 from http://static1.squarespace.com/static/52ed2570e4b02079a82e6
ff3/t/56111545e4b0890ee92b5901/1443960146356/Nicola+Askham+-+9+biggest+data+gov
ernance+mistakes.pdf
Barth P (2018a) The 4 principles of a successful data strategy, CIO Update. https://cioupdate.com/
the-4-principles-of-a-successful-data-strategy-2/
Barth P (2018b) The 4 principles of a successful data strategy, CIO update. https://cioupdate.com/
the-4-principles-of-a-successful-data-strategy/
Brown ED (2018) You need a chief data officer. Here’s Why. Eric D. Brown, Last accessed on 24
Dec 2018 from https://ericbrown.com/you-need-a-chief-data-officer-heres-why.htm
Daniel DR (1961) Management information crisis. Harvard Bus Rev September–October 1961
Daniell M (2007) The elements of strategy, pp 1–110
Dontha R (2018) December 16, 2016 Data strategy—What, why, when, who, where, digital trans-
formation pro. Last accessed on December 3, 2018 from https://digitaltransformationpro.com/
data-strategy-5ws/
Eckerson, Wayne, June, (2011) Creating an enterprise data strategy: Managing Data as a Corporate
Asset. http://docs.media.bitpipe.com/io_10x/io_100166/item_417254/Creating%20an%20Ente
rprise%20Data%20Strategy_final.pdf. Last accessed 1 June 2014
References 97
Entity The 12 step data governance road map to business success, entity white paper. Last accessed
on 22 Dec 2018 from https://www.entitygroup.com/12-step-data-governance-road-map/
Fryman L (2016a) Data governance business case journey begins with the first step, collibra
blog. https://www.collibra.com/blog/data-governance-business-case-a-journey-begins-with-the-
first-step/
Fryman L (2016b) Business glossaries and metadata: building the data governance business
case. The Data Administration Newsletter. http://tdan.com/business-glossaries-and-metadata-bui
lding-the-data-governance-business-case/19874
Gallant J, Fleet K (2018) The data strategy playbook: A CIO’s practical guide to driving
change, Informatica. https://static1.squarespace.com/static/5d529586daa0e30001b91b58/t/5d8
0e340809d981c12b885b8/1568727874802/TheDataStrategyPlaybook.pdf
Gow B (2006) Case study: Data governance & compliance for financial services, IBM corporation,
CDISP 2007. Last accessed on 22 Dec 2018. http://www.sourcemediaconferences.com/CDISP07/
pdf/Gow_Brett.pdf
Gurevich A, Dey S (2018) Defining a data strategy: an essential component of your digital
transformation journey, DXC.Technology White Paper
Henry, ND (2015) What is strategy? https://blackwells.co.uk/extracts/9780199288304_henry.pdf.
Accessed 25 Feb. 2015
Information Builders (2012) Building a business case for data governance: Ten critical steps, A
White Paper, iway Software
Izquierdo R (2020) Successful growth strategy examples from real-world companies. Last accessed
on 1 June 2020 from https://www.fool.com/the-blueprint/growth-strategy/
Jones D (2015) Justifying the need for a data governance business case. The Data RoundTable,
SAS Blog, https://blogs.sas.com/content/datamanagement/2015/08/10/justifying-need-data-gov
ernance-business-case/
Kaplan R, Norton D (2004) Strategy maps: converting intangible assets into tangible outcomes,
Harvard Business School Press
Kaplan RS, Norton DP (1996) The balanced scorecard: translating strategy into action. Harvard
Business School Press, Boston
Kimberlee L (2018) Examples of corporate business strategies, Chron. Last accessed on 1 June
2020 from https://smallbusiness.chron.com/examples-corporate-business-strategies-4755.html
Lafley AG, Martin RL (2018) Customer Loyalty Is Overrated, HBR’s 10 Must Reads series 2018.
Harvard Business Review Press, Boston, Massachusetts
Liddell HG, Scott R (1999) A greek-english lexicon, on Perseus
Loshin D, CDO should take lead on data governance process, info strategy, Search Data Manage-
ment, Techtarget. Last accessed on 24 Dec 2018 from https://searchdatamanagement.techtarget.
com/tip/CDO-should-take-lead-on-data-governance-process-info-strategy
Mahanti R (2021a) Data governance and compliance, Springer Books, Springer, number 978-981-
33-6877-4
Marchese, J, Rao N (2018) Data strategy begins governance, Collibra Blog. https://www.collibra.
com/blog/data-strategy-begins-governance/
Mauzy D, Bull B, Gould T (2016) Avoid the pitfalls: benefits of formal Part C data system
governance. SRI International, Menlo Park, CA
Mintzberg H (1978) Patterns in strategy formation. Manage Sci 24(9):1–15
Neilson GL, Martin KL, Powers E (2020) The secrets to successful strategy execution, HBR’s 10
must reads on strategy 2-volume Collection Harvard Business Review Press
Pastore M (2018) GDPR, compliance concerns driving data governance strategies, erwin Expert
Blog, Last accessed on 10 Sept 2018 from https://erwin.com/blog/driving-data-governance/
Power (2014) Building a data governance organization, information governance Blog-
Eckerson.com, eckerson.com/articles/building-a-data-governance-organization
Rockart JF (1989) A primer on critical success factors. In: Bullen CV (ed) The rise of managerial
computing: the best of the center for information systems research. Dow Jones-Irwin, Homewood,
IL
SAS (2018) 5 essential components of data strategy. https://www.sas.com/content/dam/SAS/en_

us/doc/whitepaper1/5-essential-components-of-data-strategy-108109.pdf
Seiner R (2009) Data governance value statements, the data administration newsletter. http://tdan.
com/data-governance-value-statements/10360
Sebastian-Coleman L (2012) Measuring data quality for ongoing improvement: a data quality assess-
ment framework. Morgan Kaufmann, 2012. Print. The Morgan Kaufmann Series on Business
Intelligence.
Simon P, Chief data officer role shakes up traditional data governance, SAS Insti-
tute Inc. https://www.sas.com/en_au/insights/articles/data-management/chief-data-officer-role-
shakes-up-traditional-data-governance.html
Siviy J, Ismail N, What is your strategy? The FAST Goals© Methodology. SDLC Partners Insight
Siviy J, Kirwan P (2008) Harmonization in multimodel environments. SEI Webinar 18 July 2008
Siviy J, Kirwan P, Marino L, Morley J (May 2008) Strategic technology selection and classification
in multimodel environments. Copyright 2008 Carnegie Mellon University, White Paper
Siviy JM, Lynn Penn M, Stoddard RW (2007) CMMI & six sigma: partners in process improvement.
Addison-Wesley, Dec 2007
Soares S (2014) The chief data officer handbook for data governance. MC Press, Canada, ISBN:
978-1-58347-417-4
Stanganelli J (2016) Is data governance the CDO’s responsibility? Enterprise apps today. Last
accessed on 24 Dec 2018 from http://www.enterpriseappstoday.com/data-management/data-gov
ernance-cdos-responsibility.html
Thalanki N (2017) Data strategy vs data governance, linkedIn. Last accessed on 1 June 2020. https://
www.linkedin.com/pulse/data-strategy-vs-governance-naveen-thalanki-ms-mba-pmp
The Burnie Group Good Corporate Strategy-Everything you need to know. Last accessed on 1 June
2020 from https://burniegroup.com/good-corporate-strategy/
The Data Governance Institute (2017) Data governance: the basic information. Last accessed on 3
Dec 2018 http://www.datagovernance.com/adg_data_governance_basics/
Tilles S (1963) How to evaluate corporate strategy. Harvard Business Review. https://hbr.org/1963/
07/how-to-evaluate-corporate-strategy
Urso V, Leveraging data governance in financial services, Perficient. Last accessed on 22 Dec 2018
from https://www.perficient.com/insights/guides/2018/leveraging-data-governance-in-financial-
services
Woodie A (1 February, 2018) Five tips for winning at data governance. Datanami. https://www.dat
anami.com/2018/02/01/five-tips-winning-data-governance/. Last accessed 14 Oct 2018
Zaki A (2018) Making data governance successful—5 key principles, Altis. https://altis.com.au/
making-data-governance-successful-5-key-principles/
Chapter 4
Data Governance Maturity Models
We mature with the damage, not with the years—Mateus

William
Maturity is a high price to pay for growing up—Tom Stoppard
Abstract It is very important to understand an organization’s current data gover-

nance maturity when planning to implement formal data governance. This chapter
discusses the concept of data governance maturity and data governance maturity
model. Several data governance maturity models have been proposed by different
industry practitioners, which can be used as a guiding framework to baseline an orga-
nization’s data governance maturity, and set goals to move up the data governance
maturity curve. In this chapter, the data governance models developed by Kalido,
DataFlux, Informatica, Oracle, Microsoft, and IBM are discussed and compared.
In addition, a new data governance maturity model consisting of ten dimensions is
discussed in this chapter.
4.1 Introduction
In the context of the organization as a whole, the term maturity relates to the measure
of the capability of an organization around different disciplines including people,
processes, data, technologies, and measurement practices.
The term ‘maturity’ when used in the context of processes relates to the extent of
sophistication and optimization of processes, from chaotic and ad-hoc practices at the
lowest level, to documented repeatable steps, to standard processes, to quantitatively
managed processes with result-oriented metrics, and to active optimization of the
processes, with increasing levels of maturity.
In the context of an organization’s software processes, maturity relates to the
degree of predictability, effectiveness, optimization, and control of the software
processes.
https://doi.org/10.1007/978-981-16-5086-4_4
100 4 Data Governance Maturity Models
In the context of data governance, maturity relates to the sophistication of

processes and structures to oversee the management of data, and moves from
ungoverned data to governed data, with increasing levels of maturity.
The status of implementation of data governance and the sophistication of data
governance practices vary greatly from organization to organization. Any organi-
zation that captures, processes, stores, and uses data has some capabilities around
data governance already in place. Hence, the organizations which implement data
governance formally, rarely begin from nothing.
While highly regulated industries tend to have more mature data governance
processes, structures, and practices, owing to the negative implications of compli-
ance, quite a lot of organizations (specifically those that are not highly regulated) have
low levels of data governance maturity characterized by pockets of data governance
that run in silos, limited and / or stagnant data policies, haphazard data standards,
no formally defined data governance roles, informal data ownership and steward-
ship, no formal conflict resolution process, and no formally defined data governance
metrics with limited measurement and tracking.
It is very important to understand an organization’s current data governance matu-
rity when planning to implement formal data governance and prior to the development
of a data governance strategy. Assessing and determining your organization’s data
governance maturity will ensure that you are able to establish the current state and
create a baseline for measurement. It is also important to do a gap analysis between
the current state and the future state, and plan for attaining the future state, keeping
in mind the existing capabilities.
4.2 Data Governance Maturity Models
All rising to great places is by a winding stair—Gautam Buddha
Maturity models represent a distinct class of models, dealing entirely with the
organizational and information systems related to change and development processes
(Becker et al. 2010; Crosby 1979; Gibson and Nolan 1974; Mettler 2010; Nolan
1973).
A maturity model is a tool or a guiding framework that provides a means for
organizations to determine the current effectiveness and capabilities in a particular
discipline. It assists in figuring out what needs to be done, or what capabilities and
improvements are needed to acquire the future state that the organization desires to
achieve.
Maturity models are structured as a sequential level of capabilities, predictability,
and effectiveness, along a single dimension or multiple dimensions, with higher matu-
rity levels associated with higher levels of capabilities, predictability, and effective-
ness. Each level in the maturity model builds on top of a lower level. It is not possible
to jump to a higher level before conquering the lower ones as shown in Fig. 4.1.
4.2 Data Governance Maturity Models 101
Fig. 4.1 Maturity model structure

Greater the number of dimensions, more complex is the model. It is recommended

to keep the model simple to get the maximum value out of it.
The data governance maturity models can be used to assess an organization’s
maturity from a data governance perspective. There are a number of data governance
maturity models that have been developed by industry professionals, which can assist
in the planning and implementation of data governance.
Some of these have been modeled after the Capability Maturity Model (CMM)
developed by the Software Engineering Institute at Carnegie Mellon University, USA
in 1984, to assess maturity in application domains, including software development,
program development, IT service management processes, and project management
domains. The CMM model has been summarized in Fig. 4.2.
Data governance has several dimensions associated with it, but the CMM model
for all intents and purposes is one-dimensional, because, while the CMM model
makes it possible to work with different key areas, the progression from a lower level
to the next higher level is only possible, if all key areas satisfy specific criteria.
By reducing the data governance maturity model to a one-dimensional concept,
it is not possible to capture and assess all the required elements. This is because the
organization might find that its maturity level differs across different dimensions.
For example, it might be at the lowest level with respect to a certain dimension but
at a higher level with respect to another dimension.
4.3 Data Governance Maturity Model Metamodel
Each data governance maturity model has a metamodel that comprises of the
following elements:
• Levels or stages—These are progressive stages in maturity.
• Subject areas—These are capabilities (key areas, components, functions, or
dimensions).
• Subject sub areas—These are areas or components or dimensions under the
subject areas. Subject areas might or might not be broken into sub areas.
• Subject area/subject sub area dimensions—These are assessment criteria for
each of the subject areas and/or subject sub areas which help determine their
maturity level.
While levels and the names assigned to levels are usually available for all the
different data governance maturity models, the subject areas are not available for all
of them. Subject sub areas as well as subject area/subject sub area dimensions are
rarely publicized.
Level 5 - OpƟmized
Level 4 - Managed Focus is on
conƟnuously
Level 3 - Defined Processes are improving process
measured & performance
Level 2 - Repeatable Sets of standard process capability
processes defined is established
4.3 Data Governance Maturity Model Metamodel
Level 1 - IniƟal & documented

Some processes
are repeatable
Process driven in an
adhoc, uncontrolled
& reacƟve fashion
Fig. 4.2 Capability maturity model

103
4.4 Data Governance Maturity Models by Different

Industry Practitioners
The data governance maturity model is modeled after the CMM defines four, five,
or six levels of maturity, ranging from an initial or chaotic level where practices and
policies are ad hoc to the highest level in which processes and practices lead to contin-
uous measurement, assessment, improvement, and optimization. Many industry prac-
titioners have modeled the data governance maturity model after CMM, and have
altered the five levels. In this section, we will discuss and compare data governance
models developed by Kalido, DataFlux, Informatica, Oracle, Microsoft, and IBM.
The number of levels and process areas in the maturity models defined by each of
these practitioners is summarized in Table 4.1. It is not possible to compare the DG
maturity models in Table 4.1 as the levels and/or subject areas are not aligned.
4.4.1 Kalido
Based on market research with more than 40 companies at varying stages of maturity,
Kalido has defined a data governance maturity model with four levels or stages—
application centric, enterprise-repository centric, policy centric, and fully governed,
with maturity at each level being gauged along three key areas—organization,
process, and technology as follows (Chen 2010).
Stage 1—Application Centric
From an organization’s perspective, the business sees data as an IT responsibility with
no or little collaboration between business and IT. This stage is characterized by an
absence of data authority or data stewardship. There is no process for data governance
in the organization. From a technology perspective, at this stage, business process
models, data models, as well as rules, are completely embedded in applications. Data
quality or data modeling tools do not exist, and enterprise-wide, cross-functional
views of data are not available.
Stage 2—Enterprise-Repository Centric
At this stage, from an organization’s perspective, some data stewardship is performed
by informal data experts, but there is no formal acknowledgment of the role and
definition of responsibilities, with the authority of data lying in the hands of IT.
Collaboration between business and IT is consistent. From a process perspective,
loosely defined governance processes are siloed by enterprise repositories like data
warehouse, a master data hub, and ERP systems, with data issues being tackled
reactively without addressing the root cause of the problem. From a technology
perspective, data quality tools and metadata tools exist for enterprise repositories.
4.4 Data Governance Maturity Models … 105
Table 4.1 Data governance maturity models—practitioners, maturity levels, and subject areas
Practitioner Maturity levels Subject area
Kalido 4 maturity levels— 3 key areas—
• application centric; • organization;
• enterprise repository centric; • process;
• policy centric; • technology
• fully governed
DataFlux 4 maturity levels— 5 components—
• undisciplined; • people;
• reactive; • policies;
• proactive; • technology;
• governed • risk and reward;
• advancing to the next stage
Microsoft 4 maturity levels— 3 key areas—
• basic; • people;
• standardized; • process;
• rationalized; • technology
• dynamic
Informatica 5 maturity levels— 4 dimensions—
• reactive; • driver;
• repeatable; • scope;
• structured; • how measured;
• proactive; • how managed
• embedded
Oracle 6 maturity levels— Subject areas not available
• none;
• initial;
• managed;
• standardized;
• advanced;
• optimized
IBM 5 maturity levels— 11 domains—
• initial; • organizational structures and awareness;
• managing; • stewardship;
• defined; • policy;
• quantitatively managed; • value creation;
• optimizing • data risk management and compliance;
• information security and privacy;
• data architecture;
• data quality management;
• classification and metadata;
• information lifecycle management;
• audit information, logging and reporting
Stage 3—Policy Centric

At this stage, there is a shift from an IT centric approach to a business centric
and policy centric approach to data. Data is recognized as a corporate asset. From
an organization’s perspective, business is involved in managing data with a cross-
functional council as the central authority, and data stewards with clearly defined
responsibilities. From a process perspective, there is a shift from siloed processes
to a streamlined set of processes governing the key enterprise repositories in the
organization.
The processes for defining policies, communication, and enforcements are estab-
lished at this stage, and there is a defined process for reporting and tracking data
issues. From a technology perspective, data quality is monitored regularly and there is
automated workflow to support the data governance process. A centralized repository
of data policies is set up to define policies in a top-down approach.
Stage 4—Fully Governed
Organizations operating at this stage have an organization wide firmly rooted data
driven culture, which values data as a strategic asset. From an organization’s perspec-
tive, at this stage, the data governance organizational structure is viewed as critical,
and is established as a stable business function with the business taking full ownership
of data content and defining data policies.
From a process perspective, data governance is a core business process, and
decisions are made with quantifiable benefit-cost-risk analysis. From a technology
perspective, business policies for data model, data quality, security, and lifecycle
management are integrated with user interactions with data, with centrally defined
policies and rules driving system behavior where feasible.
Data at rest as well in motion are monitored with issues being addressed before
any adverse impacts to the business.
4.4.2 DataFlux
DataFlux has defined a data governance maturity model with four levels—undis-
ciplined, reactive, proactive, and governed with the maturity at each level being
gauged along four key areas or components—people, policies, technology, and risk
and reward. In addition, DataFlux also has a component “advancing to the next stage”,
which outlines the actions required to move to higher levels (DataFlux Corporation).
Level 1—Undisciplined
As the name suggests, chaos reigns at this level.
From a people perspective, at this level, success is dependent on the competence
of a few individuals, with no executive awareness of data issues, and no management
buy-in for data quality.
From a policies perspective, at this level, data problems are addressed reactively
in a firefighting mode, with no defined data quality processes, and a lot of data silos.
From a technology perspective, at this level, data analysis, profiling, and auditing
are not done, with data cleansing and standardization only applied to isolated data
sources, and data improvement focused on solitary applications.
From a risk and reward perspective, at this level, risks are extremely high, like
lost customers and opportunities due to data issues, while the rewards are low and
driven by the individual degree of success.
The first stage is often characterized by events that show the impact of bad data
quality like lost customers. This results in organizations to recognize the problems
at a departmental level, and start to quantify the effects of poor data quality in the
organization, and take steps to progress towards the next level of maturity. In order
to move to the next higher maturity level, organizations have to establish their data
governance objectives, baseline their data governance maturity, identify their critical
data assets, and have technology components in place for data quality and data
integration.
Level 2—Reactive
As the name suggests, organizations that operate at this level of maturity recognize
and address data issues only after the occurrence.
From a people perspective, at this level, success is dependent on the group of
database administrators while a useful data quality process is developed by individ-
uals. There are no standard processes across functions, and there is little management
buy-in for data quality.
From a policies perspective, while data governance rules start emerging at
this maturity level, the focus is still on correcting data issues, and processes are
built to address current data issues. Roles and responsibilities are standardized by
departments.
From a technology perspective, tactical data quality tools are used at this level,
with ERP and CRM systems using data quality technology, and data integration
attempted by departments in isolation.
From a risk and reward perspective, risks are high due to a lack of data integration,
and rewards are limited and anecdotal, with return on investments coming from
individual processes.
At this level, applications in the organizations are still non-integrated across
departments and business units. In order to move from the reactive stage to the
proactive stage, the organizations need to have a strategy to have a more unified
view of enterprise data across the departments for specific domains, which requires a
significant cultural change. Data stewards need to be established, and organizations
need to start using data monitoring technologies to proactively uncover data issues.
Level 3—Proactive
The organizations operating at this level are able to avoid risks and reduce uncertainty.
From a people perspective, at this level, management views data as a strategic
asset, understands the value of data governance, and commits resources for the
same. Data stewards are responsible for enacting and maintaining data quality
standards, business rules, and implementing the data management strategy.
From a policies perspective, at this level, the focus is on prevention of data issues
rather than correction, and to this effect, preventive data quality processes emerge,
with metrics sometimes used to provide insights into areas for improvement.
From a technology perspective, service-oriented architecture becomes an industry
standard. The data quality functionality is shared across different operation modes,
and data quality monitoring is in place to maintain the data quality.
From a risk and reward perspective, the risks range from medium to low level
because of the availability of better quality data that enables more reliable decision
making. The rewards range from medium to high as the data quality improves because
of a wider adoption in different functional areas across the organization.
At the proactive level, the organizations start unifying the data for a particular
domain like customers or products Movement to the next level (that is, the highest
maturity level) requires a unification approach for all corporate data, with the business
playing a key role in the data management process and IT playing a supporting role.
The movement to the highest maturity level also requires technology capability to
automate the business processes.
Level 4—Governed
The organizations operating at this level have an organization wide unified data
governance strategy.
From a people perspective, at this level, the data governance program has an
executive sponsorship with direct support from the Chief Executive Officer. The
business users play an active role in data strategy, with data governance groups
working actively with data stewards.
From a policies perspective, automated policies are in place to ensure that the
data continues to be of high quality throughout the organization. The business rules
for data quality and identity management are encapsulated in a service orientated
architecture (SOA). New data initiatives are only approved after impact analysis of
the existing data infrastructure has been carefully deliberated.
From a technology perspective, the data quality tools are standardized across the
organization. Data models capture the business and technical metadata for all data
elements.
From a risk and reward perspective, at the highest level of maturity, the risk is
low with the availability of high-quality data, and the rewards are high because of a
better understanding of the organization’s business and data driven decisions.
4.4.3 Microsoft
Microsoft has defined a data governance maturity model for data governance for
privacy, confidentiality, and compliance (abbreviated as DGPC). The model has four
progressive levels of maturity: basic, standardized, rationalized, and dynamic, with
maturity at each level being gauged in three core capability areas namely, people,
process, and technology.
The people area is organized around three layers namely, executive management,
DGPC organization and workforce, and trusted business partners.
The process area is organized around five aspects of the data governance process—
guiding principles, manage DPGC organization, manage requirements, manage
strategy and policies, and manage control environment.
The technology area is organized around the sub categories—information life-
cycle, technology domains, and DGPC risk/gap analysis matrix (Salido and Patrick
2010).
Level 1—Basic
At this level, from a people perspective, the executive management is not aware
of data governance for privacy, confidentiality, and compliance (DGPC) needs and
capabilities. The DGPC organization comprises of localized disparate groups, which
do not include representation from cross-functional business units to address DGPC
needs in siloed fashion in their specific areas of responsibilities. No formal DGPC
roles and responsibilities are defined.
Workforce and trusted partners are not required to complete data governance
awareness training, and are not aware of their roles and responsibilities. They report
issues on an adhoc basis as the DGPC controls are limited and not well known.
From a process perspective, the DGPC processes are executed in an adhoc
fashion. An autonomous DGPC process is used by disparate localized groups,
with localized adhoc translation of requirements into business data and compli-
ance requirements, with neither a defined DGPC strategy nor defined data policies
in place. Adhoc controls are formulated, reviewed, approved, implemented, and
monitored by disparate groups in a siloed fashion based on their respective area of
responsibilities.
From a technology domain perspective, the information life cycle of confiden-
tial data is inconsistently examined and documented. Security technology domains
are implemented in an adhoc and reactive manner, with adhoc tools used to test
the security infrastructure. Adhoc data quality tools and adhoc monitoring technolo-
gies are also used. From a privacy, confidentiality, and compliance risk/gap analysis
perspective, no gap analysis exercise is undertaken, and there are no data privacy and
confidentiality principles.
Level 2—Standardized
At this level, from a people perspective, the executive management is supportive of
DGPC and communicates the importance of DGPC, formally designates the data
governance leaders from different groups to address the DGPC needs, defines and
communicates the DGPC roles and responsibilities to them, as well as receives the
DGPC status reports from the designated business leaders.
The DGPC organization consists of individual governing bodies having appro-
priate representation from cross-functional business units. Roles and responsibilities
are formally defined for each governing body, and data stewards are assigned to
each governing body. Workforce and trusted business partner areas are required to
complete data governance awareness training. They have a clear understanding of
their roles and responsibilities, and report issues related to data governance controls.
From a process perspective, the processes are structured, localized, and repeatable
based on institutional guiding principles. Disparate localized groups are responsible
for maintaining standard processes. Data governance committees and working groups
use standard processes for goal definition, to measure performance and reporting
progress against defined goals, for member selection, to define member roles and
responsibilities, to develop their data governance policies and strategies based on
their respective area of responsibility, to review, implement and monitor compliance
to their data governance policies.
A standard process is used for the translation of regulations into data compliance
requirements. All groups use a standard process to develop, review, and approve
data governance controls implementation plans, processes, and technical controls,
to implement data governance control standards and data governance controls effec-
tiveness action plans as well as monitor, report, review, and respond to their data
governance controls effectiveness status.
From a technology domain perspective, the information life cycle of confi-
dential data is examined and documented as a standard practice. IT collaborates
with business units to understand the security and privacy needs, identity access
management requirements, data protection requirements, auditing, and reporting
needs in order to develop a comprehensive strategy and roadmap for the security
infrastructure, identity access management requirements (which are deployed selec-
tively), data protection, and monitoring technologies (which are deployed selectively)
respectively.
The standard tools are used to test and validate security infrastructure components,
and standard data quality tools are used for data monitoring and cleansing. From
a privacy, confidentiality, and compliance risk/gap analysis perspective, disparate
groups subscribe to their own set of data privacy and confidential principles, with
focused working groups conducting their own data risk and gap analysis.
Level 3—Rationalized
At this level, from a people perspective, the executive management communicates
the importance of data governance, designates an executive leader to guide different
DGPC group leaders, receives and responds to consolidated data governance status
reports from the designated executive leader, and defines and communicates DGPC
roles and responsibilities to the designated executive leader as well as the DGPC
group leaders.
The DGPC organization consists of individual governing bodies having appro-
priate representation from cross-functional business units, with roles and responsi-
bilities formally defined for each governing body, and data stewards assigned to each
governing body as in level 2.
However, in addition, there is a central governing body which includes lead-
ership representation from cross-functional business units that provides guidance
to, coordinates, consolidates efforts of individual data governance committees, and
formally and clearly defines roles and responsibilities for the committees which in
turn define roles and responsibilities for the working groups, ultimately defining and
communicating a unified DGPC strategy to the DGPC committees.
The committees and working groups have a unified hierarchical reporting struc-
ture. Workforce and trusted business partner area are required to complete data gover-
nance awareness training. They have a clear understanding of their roles and respon-
sibilities and report issues related to data governance controls as in level 2. In addition
to this, acknowledgment by workforce and trusted business partners is documented,
and performance, issues, and violations are tracked.
At this level, from a process perspective, processes are structured, localized, and
repeatable based on institutional guiding principles as in level 2. In addition to this,
duplicate processes are removed, and complex processes are simplified to make
them more manageable. A standard process is used to manage the hierarchical data
governance structure, including member selection and definition of member roles
and responsibilities. Standard processes are used to develop, review, and approve
data governance policies and strategies. DGPC committees and working groups use
standard processes for goal definition, to measure performance, and to report progress
against defined goals like in level 2; but in addition, the GRC council uses a process
to define goals and objectives for the DGPC committee, measure, and report on the
performance of the GRC council’s DGPC strategy.
A standard process is used for translation of regulations into data compliance
requirements as in level 2. In addition, efforts are made to ensure that the processes
are working as intended. All groups use a standard process to develop, review,
and approve data governance controls implementation plans, process and technical
controls, and implement data governance control standards and data governance
controls effectiveness action plans, as well as monitor, report, review, and respond
to their data governance controls effectiveness status as in level 2. In addition to
this, efforts are made to ensure that data governance controls implementation plans,
process and technical controls definition, data governance control standards, and data
governance controls effectiveness action plans are working as intended.
From a technology perspective, the information life cycle of confidential data is
examined and documented as a standard practice as in level 2. In addition to this,
lessons learned from the assessment of each information life cycle are also applied.
IT collaborates with business units to do the following:
• understand security and privacy needs as in level 2, and uses standard technology
and capabilities to gain a holistic view of all security infrastructure components;
• understand identity access management requirements, data protection require-
ments, auditing, and reporting needs, which are deployed extensively throughout
the organization;
• use the above to develop a comprehensive strategy and roadmap for the secu-
rity infrastructure, identity access management, data protection, and monitoring
technologies respectively.
Standard tools are used and automated to test and validate security infrastructure
components. Standard data quality tools are used for data monitoring and cleansing as
in level 3. From a privacy, confidentiality, and compliance risk/gap analysis perspec-

tive, all groups subscribe to a standard set of data privacy and confidential principles,
which are rationalized on a periodic basis. The DGPC gap analysis is embedded in
the confidential information risk assessment and management process.
Level 4—Dynamic
At this level, from a people perspective, the executive management communicates the
importance of data governance, designates an executive leader to guide the different
DGPC group leaders, receives and responds to consolidated data governance status
reports from the designated executive leader, and defines and communicates the
DGPC roles and responsibilities to the designated executive leader as well as the
DGPC group leaders as in level 3. In addition, the executive management engages
with the DGPC leaders from different groups on a routine basis and provides guidance
as required.
The DGPC roles and responsibilities are reviewed and adjusted by the exec-
utive management as need be. The DGPC organization consists of individual
governing bodies having appropriate representation from cross-functional business
units, with roles and responsibilities formally defined, reviewed, and adjusted for each
governing body. Data stewards are assigned to each governing body with a central
governing body, which includes leadership representation from cross-functional busi-
ness units, which provides guidance to, coordinates, and consolidates efforts of indi-
vidual data governance committees and formally and clearly defines roles and respon-
sibilities for the committees. The committees in turn define roles and responsibilities
for the working groups, and defines and communicates a unified DGPC strategy to
the DGPC committees. Roles and responsibilities are reviewed and adjusted to meet
the changing requirements.
The committees and working groups have a unified hierarchical reporting struc-
ture as in level 3. Workforce and trusted business partner area are required to complete
data governance awareness training. They have a clear understanding of their roles
and responsibilities, and report issues related to data governance controls. Acknowl-
edgment by the workforce and trusted business partners is documented. The perfor-
mance, issues, and violations are tracked as in level 3. In addition to this, results are
reviewed, adjustments are made, and action plans are implemented and developed
to improve effectiveness and compliance.
At this level, from a process perspective, processes are structured, localized, and
repeatable based on institutional guiding principles. Duplicate processes are removed
and complex processes are simplified to make them more manageable as in level 3.
A standard process is used to manage the hierarchical data governance structure,
including member selection, and definition of member roles and responsibilities.
Standard processes are used to develop, review, and approve data governance policies
and strategies as in level 3. In addition to this, processes are continuously improved
to optimize efficiency or effectiveness.
The DGPC committees and working groups use standard processes for goal defini-
tion, to measure performance and for reporting the progress against defined goals. The
GRC council uses a process to define goals and objectives for the DGPC committee,
and measure and report on the performance of the GRC council’s DGPC strategy as
in level 3. A standard process is used for translation of regulations into data compli-
ance requirements and efforts are made to ensure that the processes are working as
intended. All groups use a standard process to develop, review, and approve data
governance controls implementation plans, process and technical controls, imple-
ment data governance control standards and data governance controls effectiveness
action plans as well as monitor, report, review, and respond to their data governance
controls effectiveness status. Efforts are made to ensure that the data governance
controls implementation plans, process and technical controls implement data gover-
nance control standards, and data governance controls effectiveness action plans are
working as intended as in level 3. In addition to this, continuous process improvement
techniques are used to optimize the processes.
From a technology perspective, the information life cycle of confidential data
is examined and documented as a standard practice and lessons learned from the
assessment of each information life cycle are applied as in level 3. IT collaborates
with business units to do the following:
• to understand the security and privacy needs, and use standard technologies and
capabilities to gain a holistic view of all security infrastructure components as in
level 3. In addition to this, centralized capabilities are used to regularly manage
configurable security policies across all infrastructure components.
• to understand the IAM requirements, data protection requirements, auditing, and
reporting needs, which are deployed extensively throughout the organization as
in level 3. In addition to this, enhanced IAM services are used at this level.
• to use the above to develop a comprehensive strategy and roadmap for the security
infrastructure, IAM, data protection, and monitoring technologies respectively as
in level 3. In addition, automated preventive action is enabled in response to
specific critical alerts.
Standard tools are used and automated to test and validate the security infras-
tructure components. Standard data quality tools are used for data monitoring and
cleansing as in level 3. From a privacy, confidentiality, and compliance risk/gap anal-
ysis perspective, all groups subscribe to a standard set of data privacy and confidential
principles, which are rationalized on a periodic basis, and the DGPC gap analysis is
embedded in the confidential information risk assessment and management process.
4.4.4 Informatica
Informatica has defined a data governance maturity model with five stages—reactive,
repeatable, structured, proactive, and embedded, with data governance being an IT
centric effort at the lowest level, and gradually moving to a business centric effort
with increasing stages of data governance maturity. Informatica assesses maturity
at each stage along four dimensions—driver, scope, “how measured”, and “how
managed” (Informatica Professional Services 2015).
Stage 1—Reactive
At this stage, data governance is at the grassroot level, being driven by a few
passionate individuals. Adhoc rules, policies, and/or standards are implemented into
IT projects as a part of their functional requirements from a scope perspective, with
success being measured by the success of the technology release. Management of
data governance can be best described as “Adhoc” at this stage.
Stage 2—Repeatable
At this stage, data governance still prevails at the grassroot level but is driven by
enterprise architecture (EA) or IT management. The scope of data governance is
limited to documented IT governance and EA standards. This results in metadata
reuse and improved collaboration across IT projects, with success being primarily
measured in terms of improved IT efficiencies. The management of data governance
can be best described as “Pilot” at this stage.
Stage 3—Structured
At this stage, data governance has a more top down sponsorship, though data gover-
nance is primarily driven by senior IT. The scope extends to establishing competency
centers and centers of excellence. Though the data governance efforts are still IT led,
but the business is more involved at this stage. Success is primarily measured at this
stage on operational metrics and SLAs. The management of data governance can be
described as “Project” at this stage.
Stage 4—Proactive
At this stage, the data governance program is sponsored by the business leaders. From
a scope perspective, the data governance program is initiated as a part of the wider
strategic enterprise information management program. The success is measured by
the success of the program with the data governance program being a multiphase
effort spread over a few years. The management of data governance can be best
described as a “Program” at this stage.
Stage 5—Embedded
At this stage, the data governance program is sponsored and supported by the top
executives or the executive board. With respect to scope, data governance is contained
as a self-sustaining core business function that manages data as an enterprise asset.
The measurement of success is not restricted to specific programs but is evaluated on
the basis of the overall impact on the business. The management of data governance
can be best described as a “Function” at this stage.
4.4.5 Oracle
Oracle has defined a data governance maturity model with six levels or milestones—
none, initial, managed, standardized, advanced, and optimized (Sun 2011).
Level 0/Milestone 1—None
The organizations operating at this level tend to view and treat data as a by-product
of application, and formal governance processes do not exist in the organization.
Level 1/Milestone 2—Initial
At this level, IT is responsible for the data with collaboration between business and IT
being inconsistent and strongly dependent on the presence of individual data-savvy
champions in the different business functions across the organization.
Level 2/Milestone 3—Managed
While standardized processes are in a nascent stage of development at this level,
it is mainly characterized by loosely defined processes that exist around crucial
applications in the business functions. Data issues are tackled reactively without
addressing the root cause of the problem. Ownership and stewardship may be defined
in silos in the business functions.
Level 3/Milestone 4—Standardized
As the name of this level suggests, standardized processes are established across
business functions. The business is involved in data governance. A cross-functional
team is established, and data stewards are appointed, with their roles and responsi-
bilities clearly defined. At this level, a centralized repository of data policies, which
is easily accessible is also established, and the data quality is regularly monitored
and assessed.
Level 4/Milestone 5—Advanced
At this level, the data governance organizational structure is entrenched and is viewed
as a critical business function, with business taking full ownership for data content and
defining data policies. Quantitative process and maintenance quality goals are also
set.
Level 5/Milestone 6—Optimized
At this level, data governance is a core business process. The decisions are driven by
quantifiable, benefit-cost-risk analysis results with quantitative process-improvement
objectives which are used as benchmarks to manage process improvement, being
resolutely established and constantly revised to keep up with the changing business
goals.
4.4.6 IBM
IBM created a data governance council which in turn defined a data governance
council maturity model which has 5 levels—initial, managing, defined, quantitatively
managed, and optimizing.
It measures the data governance competencies of organizations based on the 11
crucial domains of data governance maturity namely—organizational structures and
awareness; stewardship, policy, value creation, data risk management and compli-
ance information security and privacy data architecture, data quality management,
classification and metadata information lifecycle management and audit informa-
tion, logging and reporting (IBM 2007). Each of these category domains also has
five levels of maturity and is assessed as follows (Alder 2006):
Initial: At the first level, the elements of practice in a specific category domain may
be present but are contained in individual departments, and are mostly implemented
in an adhoc fashion.
Managing: At the second level, the elements of practice in a specific category
domain are mostly defined at an enterprise level. However, the implementation is
not comprehensive across the enterprise.
Defined: At the third level of maturity, the elements of practice in a specific category
domain are defined as well as implemented across the enterprise. However, there are
no formal processes established to ensure continuous improvement.
Quantitatively Managed: At this level, the elements of practice in a specific category
domain are defined and implemented across the enterprise. Repeatable processes and
metrics are in place to monitor and track progress to ensure continuous improvement.
Optimizing: At the highest level of maturity, the elements of practice in a specific
category domain are implemented, monitored, and used in a proactive manner
across the enterprise to decrease risk and continuously improve the data governance
practices.
Each data governance maturity model has its own characteristics and strengths. A
data governance maturity model provides the foundation for subsequently planning a
data governance delivery process. Reviewing and evaluating data governance matu-
rity models should occur early in the process in order to establish an understanding
of the end state.
The data governance program differs from organization to organization, and the
data governance program needs to be tailored to suit the organizational needs. Simi-
larly, if none of the available data governance maturity models suit your needs,
you can tailor any of the existing data governance maturity model so that it meets
your organizational needs. The elements in the data governance maturity model will
be determined by what the organization is trying to achieve by implementing data
governance and how the data assets can facilitate that intent.
The progression from the bottom level to the top level of maturity is character-
ized by changes in people, processes, behaviors, attitudes, tools, and technology.
For people, there is increasing ownership and stewardship with increasing levels of
maturity. There is a marked difference in attitudes and perceptions, with a shift from
data governance being viewed less as an overhead at lower maturity levels to more
as a return on investment, with progression towards higher levels of maturity.
For processes, with increasing levels of data governance maturity, data governance
becomes a part of the standard business practices and with data policies and standards
developed, maintained, and distributed, data governance processes are monitored,
rather than being looked at on an adhoc basis for quick fixes.
From a tools and technology perspective, the increasing levels of maturity are
characterized by transition from a manual way of doing things to enterprise wide
sophisticated tools to manage data. As you move from lower to higher levels of
maturity, there is a gradual reduction of risks and greater benefits to be reaped from
data governance practices at higher levels of maturity. The level of maturity varies
dramatically amongst organizations, with different organizations being at different
levels of data governance maturity.
The organizations that want to plan their data governance journey in an organized
manner can use data governance maturity models to manage change by determining
their current data governance maturity level (as-is level) and understand WHY they
are at that level, and then establishing WHAT level is appropriate for their business
(that is the should be/to-be or future state they wish to attain) and HOW, WHEN,
and WHERE in the organization to move from one level to the next level.
Moving from a lower level to a higher level requires investment in terms of time and
effort from business subject matter experts, IT teams, as well as technology. As the
organization proceeds through each level of maturity, the organization reaps greater
benefits and reduces risks from more effective data ownership and data stewardship,
better controls around the data, more comprehensive data policies and data standards,
formal conflict resolution process, increased degrees of formalization around devel-
opment and maintenance of data policies and data standards, greater enforcement
of data policies and data standards, and increased formalization of data governance
roles and responsibilities.
In short, the data governance maturity model can be used as a benchmarking tool
to assess the organization’s current data maturity, and determine where you want to
see your organization in terms of data maturity in the next year or two.
4.5 Data Governance Maturity Model Proposal
The data governance maturity model that we propose in this section, for the purposes
of assessment of data governance maturity has five levels and nine dimensions. Each
of these dimensions in turn have further five levels of maturity in alignment with the
CMM model. The five levels of data governance maturity are described succinctly
below:
Level 1—Initial or Chaotic

As the name suggests, this level is characterized by chaos with no or limited data
governance awareness, limited management support, informal roles and respon-
sibilities, and no processes or adhoc processes around data governance. The
comprehensiveness of data governance implementation can be described as almost
nil.
Level 2—Repeatable
At this level, the senior management is only aware of data governance, and
provides some support; some roles and responsibilities have been established
but are not comprehensive; informal processes are siloed by departments. The
comprehensiveness of data governance implementation can be described as limited.
Level 3—Defined
At this level, the senior management understands the data governance impacts, and
the middle and lower management are aware of the data governance program. There
is an executive sponsor, though he may not be involved or might not hail from
the business. At this level, the extent and formalization of role definition is greater
than in level 2, though not comprehensive. Formal processes exist though are not
always followed, and comprehensiveness of data governance implementation can be
described as spread across several business units.
Level 4—Managed
At this level, there is a high level of data governance awareness with the senior
management aware of the long-term strategy of data governance. The middle and
lower management are cognizant of the data governance objectives and impacts, and
there is an executive sponsor, who is involved in the process. At this level, there is a
comprehensive data governance organization throughout the enterprise, but not all of
the roles are formally defined. Formal processes exist and are extensively followed.
The comprehensiveness of data governance implementation can be described as
spread across almost throughout the enterprise.
Level 5—Optimized
At this level, there is an organization wise awareness of data governance and there is
an executive sponsor who is involved in the process. The C-suite executives are also
supportive of data governance. At this level, there is a comprehensive data gover-
nance organization throughout the enterprise. Formal processes exist and are followed
across the organization. The comprehensiveness of data governance implementation
can be described as established throughout the enterprise.
Dimensions
The nine dimensions of the data governance maturity model are as follows:
• Overall data governance;
• Data policies;
4.5 Data Governance Maturity Model Proposal 119
• Data standards;
• Data ownership;
• Data stewardship;
• Data compliance;
• Data architecture—data access and security;
• Data quality; and
• Metadata.
The descriptions for data governance dimensions with respect to maturity are
summarized in Table 4.2.
As we see in Table 4.2, each of the data governance dimensions has several aspects
to them, which can be considered as sub-dimensions. For example, the extent of
awareness, comprehensiveness of the data governance program, senior management
support, roles and responsibilities to govern data, data governance metrics, the rigor of
conflict resolution, the involvement of supporting organizations in data governance,
and identification of data publishers/producers and data consumers are all subdimen-
sions of the overall data governance dimension. Each of these subdimensions need
to be defined and assessed, when data governance maturity is assessed.
For example, at the lowest level of maturity, that is, level 1, no data governance
roles exist. At the next maturity level, that is, at level 2, some data governance
roles exist, though they are not formally defined. At level 3, some pockets of data
governance roles are defined but not throughout the enterprise. At level 4, many
data governance roles are extensively and formally defined throughout the organiza-
tion, and at level 5, there is a comprehensive data governance structure established
throughout the organization.
With respect to data governance metrics subdimensions, at the lowest level, there
are no formally defined data governance metrics. At the next maturity level, that
is, at level 2, a few data governance metrics may be defined and measured in small
pockets on an adhoc basis. At level 3, more data governance metrics are defined and
measured at predefined intervals, but results are not published or tracked. At level 4,
there is an extensive set of data governance metrics defined and measured with results
being published but not tracked. At the highest level of maturity, that is, at level 5,
there is a comprehensive formal set of data governance metrics that are measured at
pre-defined intervals and the results are published and tracked.
The data governance maturity assessment is an exercise that organizations need to

carry out in order to be able to benchmark their capabilities in the current state and
determine the current maturity of the organization’s data governance program by
establishing a maturity level, and also establish what level an organization wants to
achieve for each of the dimensions as shown in Table 4.3. You need to baseline your
current maturity—that is, “where are you now?”.
Table 4.2 Data governance dimensions and descriptions with respect to maturity
120
Dimensions Description
A Overall data governance Overall data governance maturity describes the extent of awareness, comprehensiveness of the
data governance program, senior management support, roles and responsibilities to govern data,
data governance metrics, rigor of conflict resolution, involvement of supporting organizations in
data governance, identification of data publishers/producers, and data consumers
As the organization matures, the data governance program awareness grows, data governance
programs spread from few business units to across the organizations, management support for
data governance increases, roles become more formalized, supporting organization’s
involvement in data governance grows, data governance metrics evolve, and conflict resolution
process evolves and becomes more formal
B Data policies Data policies are a set of documented guidelines, principles, and rules for ensuring proper
management and use of metadata and data during the lifecycle of the data
Data policies maturity describes the extent of data policies’ comprehensiveness, adherence,
enforcement, distribution, data policies development and change, and ease of understanding of
data policies
As the organization matures, the comprehensive formalization of data policies increases, the
process for developing, changing, and approving data policies, the distribution and enforcement
of data standards also evolve and mature, and the quality of data policies in terms of ease of
understanding and currency also increases
C Data standards Data standards contain specific low-level mandatory controls for supporting and enforcing data
policies
Data standards maturity describes the extent of data standards’ comprehensiveness, adherence,
enforcement, distribution, development, change, and ease of understanding of data standards
As the organization matures, the comprehensive formalization of data standards increases, the
process for developing, changing, and approving data standards, the distribution and
enforcement of the data standards also evolve and mature, and the quality of data standards in
terms of ease of understanding and currency also increases
(continued)
4 Data Governance Maturity Models
Table 4.2 (continued)
D Data ownership Data ownership is the accountability for the data including data capture and enforcement of
business rules related to the data
Data ownership maturity describes the extent of data ownership comprehensiveness, definition
of data ownership roles and responsibilities, business understanding of data, training, familiarity
with and use of tools, and data users’ familiarity with data owners
As the organization matures, data ownership also evolves in lines of formalization of roles and
responsibilities, comprehensiveness, understanding of data, training, their level of expertise and
ease of accessibility of the data owners
E Data stewardship Data stewardship relates to managing data sets in an organization, which do not belong to the
stewards themselves. Data stewardship is the operational facet of a data governance program
that involves the actual routine work of governing the enterprise’s data (Plotkin 2013)
Data stewardship maturity describes the extent of data stewardship comprehensiveness,
definition of data stewardship roles and responsibilities, relevant experience, training,

familiarity with and use of tools, and data users’ familiarity with data stewards
As the organization matures, data stewardship also evolves in lines of formalization of roles and
responsibilities, comprehensiveness, their level of expertise, training, and ease of accessibility
of the data stewards
F Data compliance Data compliance is the adherence of data to internal organization regulations as well external
laws and regulations
Data compliance maturity describes the extent of internal compliance drivers, adherence to
external compliance rules and regulations, controls, segregation of duties, and understanding of
compliance
As the organization matures, data compliance also evolves in lines of extent of definition of
internal compliance drivers, extent of compliance to external rules and regulations, extent of
understanding of applicable compliance laws, segregation of duties, extent of deployment of
effective control mechanisms, and formalization of communication regarding compliance laws
(continued)
121
Table 4.2 (continued)
122
G Data architecture—data access and Data architecture—data access and security refers to mechanisms to allow secure access to data
security for read, write, delete, and modify actions for ensuring security in data access and transfer
Data architecture—data access and security maturity describes the extent of security imposed
for data access and transfer, system interfaces, and maturity of data access middleware
components in the organization
As the organization matures, the architecture around data access and transfer matures in terms
of restricted direct access and restrictions on system interfaces; comprehensiveness of
middleware components; and evolution of policies and guidelines around the same
H Data quality Data quality discipline relates to the effective management of data assets in an organization by
assessing the quality of data, cleansing data, improving processes around capture, processing,
storage, and maintenance of data
Data quality maturity describes the extent of assessing and addressing quality of data prior to
application design, use of data quality metrics, standardization of data fields, the extent and
maturity of the data quality tools
As the organization matures, data quality also evolves along the lines of data quality awareness,
knowledge of data quality dimensions and their usage, usage of data quality metrics,
standardization of data fields, comprehensiveness and usage of data quality tools, and data
quality activities shift from reactive to proactive where possible with increasing levels of
maturity
I Metadata Metadata is data about data or data which is used to understand the data
Metadata maturity describes the extent of metadata capture and content, metadata access,
metadata maintenance, and integration of metadata repositories with other tools
As the organization matures, metadata also evolves in lines of extent of capture and management
of metadata in the enterprise, metadata repositories, metadata maintenance, and access
4 Data Governance Maturity Models
4.6 Data Governance Maturity Assessment 123
Table 4.3 Data governance dimensions and maturity levels

Dimensions Maturity level
A Data governance—overall 1 2 3 4 5
B Data policies 1 2 3 4 5
C Data standards 1 2 3 4 5
D Data ownership 1 2 3 4 5
E Data stewardship 1 2 3 4 5
F Data compliance 1 2 3 4 5
G Data architecture—data access and 1 2 3 4 5
security
H Data quality 1 2 3 4 5
I Metadata 1 2 3 4 5
Establishing the current maturity levels involves conducting a series of work-

shops, one-on-one meetings, brainstorming sessions with the respective stakeholders,
review of any existing models and documentation, data analysis to understand the
current state, and using the mapping model for each data governance dimension—
data governance—overall, data policies, data standards, data ownership, data stew-
ardship, data compliance, data architecture—data access and security, data quality,
and metadata as described in the previous section to assign the maturity level based
on responses and analysis findings.
The observations and findings that support the current maturity assignment should
be documented and shared with the stakeholders, and documents analyzed should
be referenced. All these should be stored in a common repository.
Once you have established the current state maturity levels for each of the dimen-
sions, you would then need to establish the target state maturity, analyze the gaps, put
an action plan to define initiatives and milestones to achieve the target state, under-
stand the interdependencies amongst the initiatives, establish the expected outcomes,
and define the metrics to track progress.
This information can be captured using the format as depicted in Table 4.4, and
an example is also shown in Table 4.5. Establishing an enterprise wise data standard
is one of the dimensions along which the effectiveness of data governance can be
measured. However, how do you measure progress? The example in Table 4.5 shows
quantifiable metrics to measure progress and quantifiable outcomes, with respect to
achieving higher level of maturity for the data standard dimension.
Embracing and aligning data with data standards should result in a decrease in
data inconsistency which would, in turn, should result in an increase in regulatory
compliance.
It is importance to note that you cannot skip a level and take a giant leap.
Depending on the organization’s culture and maturity, it may not be ready to start
the ascent up the steps or even if ready, only be able to take baby steps.
You would have to understand what needs to be accomplished to move to the
next step, even though it is a small step. For example, having one enterprise data
Table 4.4 Table format for recording the current and future state for data governance
Dimensions Current maturity Target maturity Metrics Expected
level level outcomes
A Data
governance—overall
B Data policies
C Data standards
D Data ownership
E Data stewardship
F Data compliance
G Data architecture—data
access and security
H Data quality
I Metadata
Table 4.5 Sample table for recording the current and future state for data governance
Dimensions Current maturity Target maturity Metrics Expected
level level outcomes
B Data standards 2 3 50% reduction in 25% increase in
data regulatory
inconsistency compliance
quality issue log would be the ideal state, but for a large and complex organization
whose culture is to solve data quality issues on an adhoc basis, getting all groups
in the organization to work together to maintain a single DQ issue log is a huge
cultural change, which is likely to fail. Instead, a short term goal would be to get
one group to maintain a DQ issue log, establishing governance processes around
tracking data quality issues, establishing roles, responsibilities, and accountabilities
around capturing, analyzing, tracking, and resolving data quality issues, getting all
stakeholders to agree on the process, and then follow the process. The next steps
would be to expand it across other groups, so that each group has a DQ issue log,
with a group data governance office reporting into the CDO, and then progress to
have a single enterprise issue log.
4.7 Summary
Several data governance maturity models, which focus on the data governance aspects
have been discussed in this chapter. Some maturity models like DCAM and CMMI
apply to data management. What is common across all these maturity models is the
advanced maturity from strictly reactive to predictive as you move from the bottom
4.7 Summary 125
level to the top level. It is not possible to compare these models, as their metamodels
are different.
While data governance maturity models provide milestones at each level, which
need to be aligned in order to ascend the data governance maturity ladder, it should
be kept in mind that these maturity models are not a prescription but a guiding
framework, that you can use to baseline your organization’s data governance maturity,
and set goals to move up the data governance maturity curve.
Also, depending on your organization’s size, structure, culture, resourcing, and
budget, your organization might be in a position to take only baby steps. While the
journey up the data maturity curve is not an easy one and cannot happen overnight,
the benefits can be monumental. As an organization climbs slowly up the maturity
ladder, it becomes more data driven, and its data risks decrease while operational
efficiency and ROI increases.
The results of maturity assessment carried out using one data governance maturity
model should not be compared with the results of maturity assessment carried out
with another maturity model as their subject areas and the content within the subject
areas are not the same. An organization should consistently use the same maturity
model that is aligned with its data governance practices to assess its DG maturity.
While one of the data governance maturity models discussed in this chapter may
suit your needs and be a 100% fit, depending on your organization context, strategy,
and business goals, you might need to tailor the data governance maturity model
dimensions to suit your needs.
Also, each organization has its unique culture and nuances. The elements in the
data governance maturity model will depend largely on what the organization is trying
to accomplish and how the data assets can enable that intent. You can create your own
maturity model from the mix of several data governance maturity models presented
in this chapter. Also, it is important to keep in mind that the data governance maturity
model is not static, and continues to evolve and mature as the data governance field
continues to evolve, and organizations continue to learn how to manage and leverage
data and act on the learning.
In response to the question regarding the association of the data governance matu-
rity levels with business benefits, John A. Zachman, author of “The Framework for
Enterprise Architecture” (The “Zachman Framework”), Zachman International and
Shannon Fuller, Director of Governance Advisory Services, Gray Matter Analytics
had to say the following (Mahanti 2021):
John A. Zachman: “… I would associate the business benefits of the data governance
maturity levels precisely the same as the business benefits of the Capability Maturity
Model pattern …”.
Shannon Fuller: “The key is to demonstrate how the data governance processes
enable/support the strategic initiatives of the organization.”
He went on to explain with an example of master provider data to improve on-
demand care in the healthcare domain as follows—“in healthcare, most providers
are moving to provide more on-demand care. That program cannot be successful
without knowing who your providers are, what they can do, and where they practice
i.e. Mastering Provider, …” (Mahanti 2021).
As highlighted by George Firican, Director of Data Governance and Business
Intelligence at UBC DAE and Founder of www.lightsondata.com, in his interview
(Mahanti 2021),
There is a direct correlation between the maturity of the data governance program and the
business benefits. At early maturity stages, the organizations reap few, if any, benefits from
their data. As data governance emerges, ROIs become more apparent, until the highest
maturity state of the program when the organizations only rely on data-based decisions and
treat this asset as a means to gain a competitive advantage.
References
Alder SB (2006) The six questions every organization should ask about data governance,
IBM Corporation. http://globalforum.items-int.com/gf/gf-content/uploads/2014/04/GF_2007_S
teven_Adler.pdf. Accessed 10 Apr 2018
Becker J, Knackstedt R, Poppelbu¨ss J (2010) Developing maturity models for IT management? A
procedure model and its application. Bus Inform Syst Eng 1(3):213–222
Chen W (2010) Kalido data governance maturity model, Kalido white paper
Crosby, PB (1979) Quality is free: the art of making quality certain. McGraw-Hill, New York
DataFlux Corporation, The data governance maturity model establishing the people, policies and
technology that manage enterprise data. A dataflux white paper
Gibson CF, Nolan RL (1974) Managing the four stages of EDP growth. Harv Bus Rev 52(1):76–88
IBM Corporation (2007) The IBM data governance council maturity model: building a
roadmap for effective data governance. https://www-935.ibm.com/services/uk/cio/pdf/leverage_
wp_data_gov_council_maturity_model.pdf. Accessed 31 July 2018
Informatica Professional Services (2015) Data governance assessment discover the business value
behind data governance, service offering. https://www.informatica.com/content/dam/inform
atica-com/global/amer/us/collateral/service-offering/en_data-governance-assement_service-off
ering_2804.pdf. Accessed on 31 July 2018
Mahanti R (2021) Data governance and compliance, Springer Books, Springer, number 978-981-
33-6877-4
Mettler T (2010) Maturity assessment models: a design science research approach. Int J Soc Syst
Sci 3(1):81–98
Nolan RL (1973) Managing the computer resource: a stage hypothesis. Commun ACM 16(7):399–
405
Salido J, Patrick V (2010) A guide to data governance for privacy, confidentiality, and compliance
part 4: a capability maturity model, Microsoft white paper
Sun H (2011) Enterprise information management: best practices in data governance. Oracle
Corporation, An Oracle white paper on enterprise architecture
Chapter 5
Data Governance Components
and Framework
You don’t have to be a genius or a visionary or even a college

graduate to be successful. You just need a framework and a
dream.
—Michael Dell
Abstract Data governance framework (DGF) is one of the key factors in the
successful implementation of data governance. The three main components of data
governance are people (roles, responsibilities, working groups and committees),
processes, and tools and technology. In this chapter we will discuss each of these
components and how they interact with each other. The common functional titles used
in data governance are defined in this chapter. This chapter discusses the different data
governance roles and responsibilities, data stewardship, data ownership, processes,
standards, and policies. The different data governance bodies and committees have
also been discussed briefly in this chapter. Data stewards often fail and the failure
reasons have been discussed in a separate section. Different types of data stewards
have been discussed in succinct fashion in this chapter. There are different data
stewardship models and these have been discussed in this chapter. The different
characteristics of a data policy and the components of a data policy document have
been discussed in a lucid fashion in this chapter.
5.1 Data Governance—People, Process, and Tools

and Technology
Data governance is a function that provides policies, processes, guidelines, standards,

rules, roles, responsibilities, accountabilities, controls, and decision rights. It also
ensures that appropriate metrices are in place to oversee the effective capture and
management of data across the enterprise, and encourages appropriate behaviors in
the usage of data. Hence, we can see that the data governance execution has several
interacting components, which can be grouped under three broad heads:
• People;
• Processes; and
https://doi.org/10.1007/978-981-16-5086-4_5
128 5 Data Governance Components and Framework
Fig. 5.1 Interacting components of data governance—high level
• Tools and technology.

In this chapter, we will discuss each of these components and how they interact
with each other. Figure 5.1 shows the interactions between these broad categories at
a high level.
All these components need to work together to yield benefits. Even one missing
component would make your data governance journey a failure. Impact of a missing
component (that is, people, process, or technology) has been outlined by Kim
Jackson, Vice President, Strategy, Products and Governance, Providence St. Joseph
Health, in HIMSS 2018 (see Fig. 5.2).
• Process and technology without people result in systems that do not meet require-
ments and remain as under-used systems. This is because it is the people who use
the systems, and if people are not involved, the systems would not be built right
and would not be used.
• People and process without technology lead to frustration, inefficiency, and higher
operational cost. For example, while profiling large amounts of data using tools
and technology correctly might take a few minutes, a manual exercise would
require a lot of human resources, and still be time-consuming, inefficient, and
error-prone.
5.1 Data Governance—People, Process, and Tools and Technology 129
Sub-opƟmal
Process and Technology without People
and under-used systems
FrustraƟon, ineĸciency,
People and Process without Technology and high operaƟonal cost
People and Technology without Process AutomaƟon chaos, inconsistency,

and poor service delivery
Fig. 5.2 People, process, and technology components impacts
• People and technology without process result in automation chaos, inconsistency,

and delivery of poor service. This is because it is the process that determines what
activities need to be done, when, and by whom to produce timely, predictable,
and consistent outcomes. Hence, it introduces a level of control. If there is no
established process, people can use the technology to automate requirements, but
it would result in a lot of confusion, poor service delivery (for example, long lead
times and delays) and increased costs.
Figure 5.3 shows the typical trajectory of data in an organization. Looking at the
figure, we can see that the data flows through a multitude of systems and applications,
after being captured, and each of these systems process and transform the data.
The different systems and applications are maintained by different application
and system development teams and support teams, and are accessed and used by a
large number of users.
With data being captured, manipulated, and processed by different systems and
business processes, stored in different repositories in different formats and trans-
ported through different systems in different forms, and acted upon in different
ways by an increasing number of stakeholders, the process of managing data and
overseeing the management of data is convoluted. All these stakeholders may have
different needs and expectations from the same data. So, in short, there are too many
cooks in the kitchen.
Questions that arise are:
• Which systems and groups handle the data? Who owns the data and makes the
ultimate decision regarding the data? Is it:
– The system owners who are accountable for capture of the data and storing the
data in the system?
– The owners of the system who provision data to the downstream systems?
– Teams who manage the data capture?
– The teams that manipulate the data?
– The intermediate system owners?
– The target data system owners?
– Consumers of the data?
– Business or IT?
• Who can do what with the data, and under what circumstances, that is, what are
the boundaries regarding the access and usage of data?
• Who should define and approve, what can be done with the data?
Supply Chain
CRM Management
System
Data warehouse
Nomenclature
- Touchpoints
- User
- DataMart - Source System
- IT Application/ Systems - Legacy System
- Data flowing between systems
- Manual Report - System Generated Report
Fig. 5.3 Typical trajectory of data

5.1 Data Governance—People, Process, and Tools and Technology 131
There needs to be collaboration, alignment, and consensus regarding the data and
the related aspects around data (like data access, data security, data uses, and data
related roles), amongst these stakeholders which needs an adequate framework as
well as organizational structures for the data governance program with roles and
responsibilities at different levels, working groups, committees, policies, processes,
operating model, and rhythms that are best suited for the specific organization.
In this chapter, we will discuss the data governance framework, the data gover-
nance organizational structures, policies and processes, data ownership, data stew-
ardship, the different models of data stewardship, and the different data governance
operating models.
5.2 Data Governance Framework
As per the Oxford dictionary, “a framework is a basic structure underlying a system,

concept, or text”.
A framework helps us to outline how we plan and communicate about abstract,
convoluted, and ambiguous concepts, and their interrelationships. Frameworks also
help lend clarity to the concepts and objectives.
In other words, a framework provides structure to the various interacting elements
and provides clarity of purpose. The use of a framework can help the management
and the staff in making good decisions—that is, decisions that stick.
When we talk about governance, the term framework is commonly used. Data
governance has various components or elements—policies, processes, metrics, stan-
dards, people, and technology, and a data governance framework provides a way to
manage all these elements.
A data governance framework is a structure that is designed so that the organi-
zations can reactively as well as proactively capture and manage the data and the
interactions between different data stakeholders to ensure that the data is fit for
purpose and meets the needs of all the data stakeholders.
On a broad level, it consists of the people, processes, and technology to ensure
that the data is managed effectively as an enterprise asset. The data governance
framework is in a way the backbone of an effective data governance program. Table
5.1 lists some of the definitions of data governance framework found in literature.
The data governance framework can help data stakeholders from different business
units (such as information technology, data operations and data management, risk
management, legal and compliance) come together to achieve clarity of thought and
purpose, and also reach consensus on decisions related to why, what, who, how, and
when of data governance.
That way, they can create processes, policies, rules, and standards more efficiently,
and can also ensure that these are being enforced and followed, and simultaneously
deal with noncompliance, ambiguities, and issues.
Factors such as organizational size, organizational structure, hierarchies, organi-
zational culture, data landscape, and business objectives of data governance need to
Table 5.1 Definitions of data governance framework (DGF)

Technopedia defines data governance framework as follows:
A data governance framework refers to the process of building a model for managing enterprise
data. The framework or system sets the guidelines and rules of engagement for business and
management activities, especially those that deal with or result in the creation and manipulation
of data.
Stanford University defines data governance framework as follows:
A data governance framework is a cross-functional set of roles, policies, and enabling
technologies that work together to ensure that an organization is getting the maximum net
benefit out of its data assets (Stanford 2013, para 1).
The Data Governance Institute defines data governance framework as follows:
The DGI data governance framework is a logical structure for classifying, organizing, and
communicating complex activities involved in making decisions about and taking action on
enterprise data [The Data Governance Institute].
Mustimuhw Information Solutions Inc. defines data governance framework as follows:
The data governance framework is a collection of strategy, structure, legislation, policy, and
related tools. Components of the Mustimuhw Information Solutions Inc’s data governance
framework are data governance vision and principles, governance structure, stewardship,
accountability mechanisms, data governance policy, privacy and security policy, and legal
instruments. Mustimuhw Information Solutions Inc uses a spiral to illustrate the dynamic and
evolving nature of the framework in line with changing needs and capacities with the spiral
beginning with data governance vision and principles (Mustimuhw Information Solutions Inc,
2015).
be taken into consideration when deciding on a data governance framework. Hence,

a data governance framework that is suitable for one organization may not work for
another organization; the framework needs to be tailored for an organization.
Several frameworks exist for related governance topics like COSO ERM for corpo-
rate governance, Zachman Framework and TOGAF for enterprise architecture, ITIL
for IT service management, and COBIT for IT governance.
While there are no standardized frameworks for data governance and no standard-
ized definitions, a few organizations (The Data Governance Institute, Informatica,
Mustimuhw Information Solutions Inc, and SAS) have developed their own data
governance frameworks.
The DGI data governance framework has 10 components under three major heads
as below:
Rules and Rules of Engagement
• Mission and vision;
• Goals, governance metrics, success measures, and funding strategies;
• Data rules and definitions;
• Decision rights;
• Accountabilities; and
• Controls.
5.2 Data Governance Framework 133
People and Organizational Bodies

• Data stakeholders;
• A data governance office (DGO); and
• Data stewards.
Processes
• Proactive;
• Reactive; and
• Ongoing data governance processes.
5.3 Data Governance Components—Broad Categories
Data governance has several interacting components, which can be grouped under
three broad heads:
• People;
• Process; and
• Tools and technology.
Figure 5.4 shows the interactions and relationships between these high-level
components.
5.4 Data Governance—The People Component
The people are at the heart of a data governance program. People collaborate to create
formal, standard and consistent policies, processes, rules, and standards across the
organization.
In order to achieve this, you need to define your data governance operating model,
the organization structures and bodies, define and assign clear roles, responsibilities,
accountabilities and decision rights, and establish the operating rhythm. There are
some functional titles in data governance that are commonly in use (See Fig. 5.5).
Data Producer
The data producer is an individual, organization, system, interface, device, or service,
who/which is responsible for generating, capturing, or providing data according to
the data consumers’ requirements.
Data Publisher
The data publisher is an individual, organization, system, interface, or service
who/which provisions data, and makes it available for consumption or for use in
the enterprise.
134
Roles and
responsibilities Establish and follow
People component Principles

Align and
Organizational elaborate
structure
Policies Drive Guidelines

Leverage
Rules
Process
component Standards
Tools and Enable and
Measure technology automate Processes
component
Measure/
monitor
Automate
Metrics &
controls Measure/
monitor
Fig. 5.4 Data governance—interaction of the people, process, and technology components
5 Data Governance Components and Framework
5.4 Data Governance—The People Component 135
Responsible for generating, capturing or

providing data according to the data
consumers’ requirements.
Provisions data and makes

Responsible for technical Data the data available for use
activities related to data. Producer in the enterprise.
Data
Data
Publisher
Custodian
DG
Functional
Titles
Data Data
Steward Consumer
Subject matter experts responsible for Defines requirements

taking care of specific data assets including related to the data, use
critical data elements identification, data Data data and verify that data
issue resolution, data access and usage Owner is fit for purpose.
management, metadata management, data
Has ultimate accountability
definition management, establishing data
quality metrics. and approving authority for
specific data sets.
Fig. 5.5 DG functional titles
For example, in case of external data, the data producer is outside the organization;
the data publisher acquires, stores the data, and makes it available and accessible to
systems and people within the organization. The data producer and the data publisher
can be a single entity when the data is created as well as provisioned by the same
entity.
Data Consumer
The data consumer is a person (or group) who uses data for a specific purpose. The
data consumer is responsible for defining and prioritizing the uses of data, defining
the business and quality requirements in relation to the data, and verifying whether
the data is fit for use.
Data Owner
The data owner is an individual who has ultimate accountability and approving
authority for specific data sets, and usually holds a position in the senior management
to ensure that they have the power to make decisions for their specific data sets. The
data ownership is discussed in the section—“Data Ownership” in this chapter.
Data Steward
The data stewards are individuals responsible for the day to day management of data
sets in their specific business units or as per their assigned processes. We will discuss
data stewards and data stewardship in detail in the section—“Data Stewards and
Data Stewardship” in this chapter.
Data Custodian
The data custodians typically belong to the information technology area, and are
responsible for technical activities related to data including data storage, making
changes to the physical data models, IT infrastructure, data transfer, technical imple-
mentation of business rules and data quality rules, implementing technical controls
for ensuring data quality, and data protection. The common job titles for data custo-
dians are data designers, data modelers, database administrators (DBA), and ETL
developers.
The data stewards and data custodians work closely to ensure that their organi-
zation complies with the enterprise data management standards/policies, and that,
critical data-related issues are escalated to the appropriate data governance boards,
in a timely manner (Zaidi 2012).
It is important to understand the responsibilities, that each title is bestowed with

respect to data and data governance, as it is easier for people to agree on what they
are supposed to do. Also, some titles are known by different names in different
organizations. For example, the title ‘Data Stewards’ in an organization is equivalent
to the titles- ‘Data Caretaker’ or ‘Data Subject Matter Expert’ in other organizations
(Firican 2019).
In addition to the common functional titles discussed above, depending on the
focus of the data governance program and/or organization structure and complexity,
there are other titles and designations that an organization might establish. For
example, GDPR compliance requires appointment of a ‘Data Protection Officer’
whose responsibilities include advising the organization about GDPR, monitoring
compliance, and training staff. Complex organizations adopting a federated model,
generally have a ‘Group Data Officer’ reporting to a ‘Chief Data Officer’. Also, as
data and data governance continue to evolve, new titles also come into picture.
For example, George Firican in his article “3 surprising data roles you should
know about” published on Lightsondata.com discusses three data roles—Data Savvy
Manager, Data Influencer, and Data Facilitator. The Data Savvy Manager is respon-
sible for defining and guiding data initiatives across data acquisition, integration,
analysis, and delivery to improve business performance, with the right fit being the
individuals who have a good understanding of the business impacts of data (Firican
2019).
The Data Influencer (or Data Evangelizer) is responsible for spreading the impor-
tance of data within an organization as well as influencing the adoption of data
management and data governance best practices. The Data Facilitator (or Data Coach)
is responsible for guiding stakeholders in data-informed decision-making (Firican
2019).
5.4.1 Data Governance Organization Structures, Roles,

Responsibilities, and Operating Rhythms
While the data governance program structures and bodies are rarely the same across
organizations, there are some common component structures at different levels
(namely, executive, strategic, tactical, and operational) and support teams to facilitate
and coordinate activities across these different levels (see Fig. 5.6).
It is a good practice to have an executive steering committee for large orga-
nizations. The executive steering committee which is at the top data governance
organization chart, is the ultimate decision-making body and consists of the exec-
utive sponsor, C-level executives, IT leadership, and business leadership from all
key areas in the organization such as marketing, finance, human resources, and the
data governance manager. The executive steering committee provides strategic direc-
tion, defines roles, prioritizes data initiatives, ensures resourcing, facilitates overall
collaboration, and oversees the progress and success of a data governance program.
At the strategic level, the data governance council makes high-level decisions
in relation to data governance. It is a cross-functional group consisting of the data
owners from the key business areas and representatives from IT depending upon the
objectives of the organization’s data governance program.
In organizations that do not have an executive steering committee, the data gover-
nance council will also have executives. The data governance council is responsible
for reviewing and approving the data policies, data processes, data roles, and resolve
conflicts that cannot be solved at a data stewardship level.
At the tactical level is the data stewardship council which makes the data related
decisions. As the name suggests, the data stewardship council is made up of business
data stewards in the organization, and is headed by the enterprise data steward. The
responsibilities of the data stewardship council include driving data quality improve-
ments, acting as an advisory body for enterprise-level data standards, guiding princi-
ples and policies with the authority to approve new standards and changes to existing
standards, managing and resolving data issues, communicating the data governance
vision and objectives across the organization, communicating business rules using
data, communicating data related decisions of the data stewardship council and data
governance board to the data consumers, defining, designing and fine-tuning data
governance processes, reviewing and evaluating data governance performance and
effectiveness, providing a forum to collaborate and obtain consensus on definitions,
data quality issue resolution, policies, and processes, and enforcing uses of agreed
on business terminology (Plotkin 2013).
At the operational level, it is the data stewards who are responsible for the day
to day management of data in their specific business unit or as per their assigned
processes, such as identification of data that will be used by the business unit
and creating data definitions for the data, definition of rules around management,
usage, retention, access of data in line with the data policies, classifying data, identi-
fying, documenting data issues, and communicating the issues to right people in the
organization when necessary.
Executive Steering Committee
138
• consists of the executive sponsor, C-level

executives, IT leadership and business
leadership
• ultimate decision making body, provides
strategic direction, oversees progress and
Executive success of a data governance program
Data Governance Council

• consists of data owners from the key
business areas and representatives
Strategic from IT
• makes high-level decisions in relation
to data governance
Data Stewardship Council

• is composed of business data stewards
Tactical • makes data related decisions
Data Stewards
SMEs responsible for taking care of specific
data assets including CDEs identification, data
Operational issue resolution, data access and usage
management, metadata management, data
definition management, establishing DQ
metrics.
• facilitate and support data governance and
data stewardship activities
• coordinate activities of the different data
governance structures at the different levels
provide technical support for data governance
Fig. 5.6 DG program structures and bodies

The data governance office (DGO) and information technology partners are two
structures that act as support teams when implementing data governance.
Gwen Thomas in her article “Establishing a Data Governance Office” likens the
data governance office to a project management office, and states that a DGO would
be to data, what a PMO (project management office) is to projects.
The Data Governance Office (DGO) or data governance team facilitates and
supports data governance and data stewardship activities including running the data
governance program, keeping track of data stakeholders and stewards, providing
liaisons to other data initiatives like data quality, data security, data warehousing,
and other programs, such as compliance [TDGI], providing timely communication
to all stakeholders, and establishing and tracking data governance metrics.
The DGO facilitates and coordinates activities of the different data governance
structures at different levels. The DGO is headed by the data governance lead. The
composition of the DGO is driven by the focus and goals of the organization’s data
governance program and the size of the organization.
For small organizations, the data governance office may have only one person,
the data governance lead who is a data expert, has a strong political acumen as well
as understands the culture of the organization. However, finding all these skills in
one person is a rare feat and hence, the data governance office is often headed by
an individual, who has an understanding of the information management discipline,
with strong influencing and political skills to handle people issues, supported by data
architects and data analysts to help with the technical details.
Large organizations might need to have an enterprise data governance office
[EDGO] and departmental data governance office (DDGO) for each department,
which reports into the enterprise data governance office. The departmental data
governance offices headed by their respective department data officers handle data
governance activities at the departmental level, and work with the data stewards and
data owners in their department to resolve issues, institute data policies, processes,
and also interact with the other DDGOs.
Not all organizations elect to introduce a formal DGO structure. Instead, they
employ individuals such as data architects and data analysts who perform the
functions that would typically be assigned to a DGO [TDGI].
The information technology partner is the IT peer to the data governance lead
(O’Neal 2011) and is responsible for the implementation of the data governance
technical roadmap, securing the IT infrastructure on behalf of the business units
that own or have responsibility for data, and assuring that sensitive data, regardless
of format, is protected at all times by using approved equipment, networks, and
other controls, implementing business and data quality rules for maintaining and
improving data quality, automating the capture and tracking of data governance
metrics, automating the creation, capture, and maintenance of metadata, and ensuring
that all “strategic” data is modeled, named, and defined consistently.
An activity matrix which defines the activities that should be performed and with
what frequency, the deliverables, which groups, committees, teams or individuals are
responsible, accountable, consulted and informed, who needs to know about them
and how often they should be reviewed, not only helps create a mapping between the
data related activities and the stakeholders, but also helps the organization understand
the amount of work involved in terms of the time and effort of the involved groups
and stakeholders.
When you design your data governance program, it is important to decide on
an operating model and understand the data governance structures and bodies that
you will need, how these structures will fit into your operating model, and what
their responsibilities are with respect to data governance. Data governance operating
models will be discussed in the section - “Data Governance Operating Models” in
this chapter.
The composition of the data governance bodies and their responsibilities will be
driven by what data governance program is set to achieve in the organization. For
example, the data governance council composition will be different for an organi-
zation aiming at improving data quality, from another organization that is focused
on ensuring data privacy. The time commitment that will be needed, and what is
expected of the participants will also need to be clearly defined to set appropriate
expectations.
Most organizations will already have certain structures and will already be imple-
menting data governance to a certain extent. It is best to leverage these structures
and see how the additional responsibilities or new ways of working can be imple-
mented while causing minimum disruption. It is also necessary to define an operating
rhythm, which refers to the set of meetings with clear defined agendas that need to
be scheduled to drive, manage, and sustain the data governance implementation in
an organization. Without an operating rhythm, there is a high chance that activities
that need to sustain a data governance program will stop. A right mix of weekly,
monthly, quarterly, and annual meetings with clearly defined agendas need to sched-
uled with the right mix of people with the right focus. For example, there should be
a process associated with data issues management and a regular operating rhythm
should be established for managing data issues. The register that tracks issues should
be maintained and weekly meetings with the right stakeholders (data producers, data
stewards, data custodians, and data consumers) should be scheduled and take place
to track progress and help resolve issues. Quarterly meetings can be held with the
data owners to highlight the results.
5.4.2 Data Ownership
Ownership is referred to as the “state of owning something”. Anything that people

“own or possess” gives them the quality of ownership.
Another way of looking at ownership is: “attitude of accepting responsibility for
something and taking control of how it develops” [Macmillan Dictionary].
The first definition which alludes to possession and hence, refers to having exclu-
sive right over something, does not apply when we define ownership with respect to
data. This is because data is a shared enterprise asset, which means that, data does not
belong to any one individual in the organization, but is under the collective ownership
of the enterprise. Organizations generally store data that belongs to someone else,
for example, employees, customers, suppliers, and vendors. The data are used by
different business functions to meet their respective needs.
While an organization captures a lot of data, it sometimes also acquires data sets
from external vendors; for example, financial services organizations acquire credit
risk data from organizations like Experian.
In the past, individuals or departments have equated data ownership with exclusive
possession, and with this perception of entitlement, power, and control, they have
made changes to the data, and business rules involved in the transformation of data
or its underlying data architecture to satisfy their business needs, without consulting
or even notifying other stakeholders, who have dependencies on the original data,
which have resulted in adverse impacts (example, production failures, delay in the
production of critical reports, and broken business processes). The same perception
of possession and control has led to the departments maintaining duplicate copies of
the same data and transforming data to suit their unique needs resulting in data silos
and inconsistencies (Talburt and Zhou 2015).
From a data perspective, the second definition applies with respect to ownership-
data ownership is the attitude of accepting responsibility for data and taking control
of how it develops.
In the words of Shannon Fuller, Director of Governance Advisory Services, Gray
Matter Analytics, “Data ownership is ultimately about assigning accountability for
making decisions about data.” (Mahanti 2021). Taking these factors into considera-
tion, with respect to data, ownership is accepting responsibility for the data, taking
control, and making decisions regarding how data is managed, shared, transformed,
accessed, and used.
The data does not belong to a single individual in an organization, and hence, clear
accountabilities in relation to data must be assigned to roles in the organization, and
individuals (or teams) may fill these roles, and these individuals or teams are called
the data owners.
The data owners can be thought of as approving authorities. The data owners
approve rules to create and capture data that are made by the data stewards, authorize
changes to data and/or its definitions that are proposed by data stewards or data
stakeholders, and have a final say on the quality of the data, as well as in the conflict
resolution process.
Establishing and enforcing data ownership can be challenging as the data moves
through different systems in an organization and are transformed to meet busi-
ness requirements. While business units who are subject matters experts for their
respective business functions and corresponding data that are used by their business
processes and have the official accountability for the data quality, there are other
business units who use the data and might require the data to be transformed in a
certain way, and then there are technical teams who actually implement the business
rules for data to be stored and reported as per business requirements.
The technical teams might implement business rules to transform the data based
on requirements of the business unit who is not ultimately accountable for the data
and without approval from the data owners, it could result in a lot of confusion as
the data owners cannot be held accountable for the data quality.
The data governance team needs to ensure that the processes are in place for
making changes to the data and also to educate teams on the approval authorities.
5.4.3 Data Stewards and Data Stewardship
Data stewards is one of the key roles in data governance and data-driven organiza-
tions. Data governance is the exercise and enforcement of rules, processes, policies,
practices, standards, controls, metrics and decision rights, and people accountabili-
ties to manage data as a strategic enterprise asset; hence, people have a critical role to
play in data governance with the data stewards representing the largest proportion of
those people, with most cumulative knowledge about the enterprise data, including
uses of the data and the problems associated with data. As stated by David Plotkin
in his book “Data Stewardship”
The data stewards represent the largest population of those people, as well as the most
knowledgeable about data. They are, therefore, the keystone of the data governance program.
One of the most critical parts of the organization are the data stewards, who must work
together to determine ownership, meaning, and quality requirements for their data.
Given data stewards is one of the key data governance roles, one question that
frequently gets asked is the number of data stewards needed in an organization. Dan
Power states “A rule of thumb I’ve used is ‘one data steward per $1 billion in annual
revenue’ but of course that can’t be a hard and fast rule.”
The number of data stewards would vary depending on a number of factors such
as the complexity of the business processes and data landscape in the organization,
the extent to which processes are automated, the data quality tools, and the data
governance tools available for use (Power 2014).
Data stewardship is “the set of activities that ensure data-related work is performed
according to the policies and practices as established through governance” [The Data
Governance Institute [b]]. Data stewardship is the operational facet of a data gover-
nance program that involves the actual routine work of governing the enterprise’s
data (Plotkin 2013).
David Plotkin states (Plotkin 2013):
Data stewardship consists of the people, organization, and processes to ensure that the
appropriately designated stewards are responsible for the governed data.
Data governance is often confused with data stewardship but they are not the
same. Data stewardship implements policies and standards that are created by data
governance, while data governance oversees the enforcement of the data stewardship
activities. Without data governance, data stewardship would have no policies or stan-
dards to implement across the organization (Smith 2016), and data stewards would
be forced to develop policies and standards in a tactical fashion, and manage their
enforcement, resulting in inconsistent standards and policies across the organization.
The responsibilities of a data steward include data issue resolution, data access,
and usage management in accordance with data access and data usage policies respec-
tively, metadata management, data definition management, assisting in the assess-
ment, creation, and modification of data policies and standards, ensuring compli-
ance with data governance policies, identification of critical data elements, and
establishing comparative importance of data elements to prioritize initiatives, under-
standing the data quality needs for specific business requirements and defining data
quality rules, and assisting in definition, management, and implementation of data
governance metrics (Plotkin 2013).
A data steward would need to act as a mediator between the business and IT, and
in this- a data steward satisfies the core definition of the steward that is—a person
who is responsible for managing something on behalf of someone else. Hence, a data
steward should have good interpersonal skills- collaboration, relationship building,
and negotiation skills.
5.4.3.1 Data Owner Versus Data Steward
While the data owner is ultimately accountable for the data, its definition and quality,
has final approval rights regarding the data, and has a role in the construction of data
policies, a data steward takes care of the data so that they are fit for purpose.
There is a perception that these two roles are the same, though that is not the case.
The perception perhaps stems from the fact, that in some small organizations, data
owners and data stewardship responsibilities are fulfilled by the same individual.
While data owners may delegate some of their responsibilities to the data stewards
assigned for the specific data set, the ultimate accountability of those responsibilities
being fulfilled rests with the data owner. Also, in the absence of a data steward, the
data owner is required to carry out the data stewardship duties in addition to his own
responsibilities.
5.4.3.2 Why Data Stewards Fail
While data stewardship is one of the key people components of data governance, data
stewards often fail. This is because data stewards are often assigned hastily, without
proper focus in situations such as a central point of contact is required for distributed
systems with heterogeneous large volumes of data [Dyché and Polsky]. They are
often not empowered to make decisions, or do not have the authority to resolve, and
are reduced to just being figureheads.
As pointed out by Andres Perez, Information Management Consultant and
President of IRM Consulting, Ltd. Co. (Mahanti 2021),
The job of the data steward is complex and requires proper leadership, organizational capa-
bility, and training. The complexity comes from the fact that a steward must learn to work
across the organization with a keen focus on collaboration and compromise (negotiation).
Organizations either create a full time role for data stewards or select data stewards
from existing staff in related subject areas, and give them responsibilities for data
stewardship, in addition to their existing responsibilities. In the latter case, data
stewardship responsibilities come secondary to their existing responsibilities. With
the vast volumes of data to be dealt with, data stewardship responsibilities can be
overwhelming, and the staff is not able to find time to execute their data stewardship
responsibilities. Also, the data stewards are often appointed without training them
regarding the roles, responsibilities, and accountabilities, and thus setting them up
for failure.
Data stewards are subject matter experts who understand the organization’s data,
the business context, and the usages of data. They consist of individuals who already
have good working relationships with other teams. Since each organization’s data
landscape is very unique, hiring data stewards would not work, as understanding the
data landscape and building relationships takes time, but sometimes the organizations
do hire data stewards owing to the resource shortage setting them up for failure.
Another reason for the failure of data stewardship is the appointment of too many
stewards or too few data stewards.
Dr. Anne Marie Smith, in her article—“Foundations of Data Stewardship” states
five reasons for data stewardship failure, namely-lack of enterprise data management
that is responsible for coordinating the various data management disciplines, lack of
enterprise data governance resulting in lack of policies and standards that guide data
stewards, corporate culture that does not embrace enterprise wide data stewardship
characterized by absence of executive sponsorship and senior management support,
lack of defined roles and responsibilities for data stewards, and lack of measurements
and metrics for the data stewards’ success (Smith 2011).
The data stewardship role involves a great degree of collaboration and negotiation
with different business units, which is directly proportional to the degree to which
the data is shared. Data is a shareable enterprise asset with data related to certain
entities like ‘customer’ shared more than the others. More the data is shared, the
higher are the chances of conflicts, and greater collaboration and negotiations are
needed on part of the data stewards.
5.4.4 Data Stewardship Models
Jill Dyché and Analise Polsky in their SAS Best Practices white paper—“5 Models
for Data Stewardship” provide 5 frameworks to choose from when launching data
stewardship as shown in Fig. 5.7.
Examples:
Product, Events,
Data Party, …
Stewards by
Subject
Examples:
Examples:
Area Sales,
ERP, CRM, … AccounƟng,
Data Data MarkeƟng, …
Stewards by Stewards by
Systems Data Functions
stewardship
model
Examples: Examples:
Data Order-To-Bill,
warehousing Data Customer Service,
project, … Data Stewards by Procurement, …
Stewards by
Projects Business
Processes
Fig. 5.7 Data stewardship models
5.4.4.1 Data Steward by Subject Area
Organizations typically have a large number of subject areas or data domains like
party, product, finance, and events. Each data domain can have subdomains; for
example, the party domain can be divided into customers, employees, vendors, and
suppliers.
In the “data steward by subject area” model, the data stewards are appointed by
data domain or subdomain or specific subject area which they manage and have
expertise in, and are known as the data domain stewards or the data object stewards
[Dyché and Polsky].
Advantages of this model are that there is a clear delineation with each data
steward being responsible for their data domains or sub data domains, there is a one
go-to person with regards to questions related to the respective subject areas and
data stewards gain a greater understanding of their respective subject area with time
in relation to business and data quality rules. However, the cons of this model are
that, it can be difficult to find an individual with expertise in a data domain, with
the likelihood of finding such a person is less, when the domains are complex and
very large. Other challenges include difficulty in tying the data stewards to business
initiatives and unwillingness to assign a single point of control for a subject area to
a single role [Dyché and Polsky].
5.4.4.2 Data Steward by Function
Organizations have different business units and departments like sales, accounting,
marketing, legal, risk, and human resources, with each business unit/department
being in charge of the specific business functions.
In the data stewardship model by function, the data stewards are appointed from the
business units/departments. They have an understanding of the departmental business
processes and an established relationship with the business users, and understand how
these processes work and how business users use the data. These stewards are known
as the business or functional data stewards. Hence, they have a good understanding
of the context and uses of data.
However, departments or business units typically touch more than one subject area
or data domain, and while each data steward has a good understanding of the data
requirements in his/her respective department, they do not have an understanding of
the data requirements of other departments. They typically work in isolation without
collaborating with the other departments and business units, thus resulting in silos of
data, inconsistent models, and conflicting definitions and standards. This can become
a serious bottleneck when organization try to move towards a single view of data,
and would need a strong data governance model to resolve the difference between
the departments, and achieve consensus, consistency, and standardization.
5.4.4.3 Data Steward by Business Process
This stewardship model is suitable for organizations that have mature enterprise
level business processes, and at the same time have a strong sense of their enterprise
level business processes from start to finish, and understanding of how these business
process touch and use data. Data stewards are assigned to discrete business processes
in this stewardship model and are known as process stewards.
The number of data stewards assigned to the business process depends on the
complexity of the business process. It is not uncommon to have several data stewards
for complex business processes. Typically, a business process touches multiple data
domains and hence, the data stewards assigned to a specific business process would
also be responsible for multiple data domains, the specific business process touches.
Also, since there is a likelihood of more than one data domain being touched by these
processes, like in the “data steward by function” model, the data stewards typically
work in isolation when it comes to data requirements for the business process that they
are assigned to. Hence, without strong data governance, there will be inconsistent
data definitions and data models.
5.4.4.4 Data Steward by Systems
This data stewardship model is an IT centric approach to data stewardship in which

the data stewards are assigned to the systems or applications that generate the data
they manage. These stewards are known as the technical data stewards or system
data stewards. They are usually IT professionals and are technology subject matter
experts, and specialize in one or more information management areas like ETL,
data warehousing, metadata management, database administration, data quality, and
master data management.
This approach results in improving the quality of the data that the system gener-
ates, and is useful where the business does not have knowledge of data stewardship
and data governance with IT educating the business about rules and policies for busi-
ness to make better use of data. The risks with this approach are that, the business
might confuse data stewardship with data ownership and hence, may pull back from
conversations about policies and usage.
5.4.4.5 Data Steward by Project
This model of data stewardship is a practical and quick method to introduce data
stewardship by using the project as a base to develop the data skill sets and then
ramp up to a broader scale beyond the project boundaries. In case of failure to ramp
up, it will end with the project which will have a finite end date [Dyché and Polsky].
In large organizations and complex data landscapes with mature data governance
and data stewardship, data stewardship might have a mix of models and consists of all
the five types of data stewards—business data stewards, technical data stewards, data
domain stewards, process data stewards, and project data stewards. The business data
stewards understand the needs of the business stakeholders and work with technical
data stewards, data domain stewards, process data stewards, and project data stewards.
The project data stewards bring the data related issues or queries originating in the
project to the business data stewards whose responsibility is to resolve and answer
them. The technical data stewards answer system related queries of the business and
data domain stewards. The process data stewards answer process specific queries of
business data stewards.
In addition to these roles, organizations can have additional stewardship roles like
the operational data steward who assists business data stewards with research and
analysis, the coordinating data steward who coordinate activities of the different
types of data stewards, the enterprise data steward who leads the team of data
stewards, the executive data steward who serves on the data governance council,
and the chief data steward who chairs the data governance bodies in lieu of the chief
data officer.
Alternatingly, an organization could have only two types of stewards- the business
data steward and the technical data steward who work together with data owners to
ensure that the data is fit for purpose. In smaller organizations, the data steward
and the data owner can be seen to merge into one role. The data stewardship and the
data ownership strategy adopted by the organization is determined by the resourcing,
skill set, the IT budget, the organization’s data landscape, and the data risks that need
to be addressed. Figure 5.8 summarizes the different types of data stewards that an
organization can have.
Chairs the DG
bodies in lieu Serve on the data
of the CDO governance council
Appointed by the
specific data domains
that they manage
Chief Executive
Data Leads the data
Answer process Data steward team
Data Steward Steward
specific queries of
Domain
business data
Steward
stewards
Enterprise
Data
Process Steward
Data
Steward
Types of
Data
Stewards Coordinating
Data
Technical Steward
Data Coordinates activities
Steward of different types of
data stewards.
Answer technical
queries related to Business Operational
data. Data Project Data
Steward Data Steward
SMEs who are Steward
Assists business
authorities on the Acts as intermediary stewards
data sets they between the project and
manage business data stewards
Fig. 5.8 Types of data stewards

5.5 Data Governance—The Process Component 149
5.5 Data Governance—The Process Component
Under this broad category, we will discuss the following elements of data governance:
• Principles or data principles;
• Policies or data policies;
• Guidelines;
• Processes;
• Rules; and
• Standards or data standards.
5.5.1 Data Principles
Data principles are high-level statements about what an organization wants to achieve
by implementing data governance. They should not be confused with goals or poli-
cies. Goals are desired results, whereas principles guide an organization throughout
its life.
The data principles are more basic than data policies, and should be brief and to the
point, while having clarity. Dr. Anne-Marie Smith in her article “Data Governance
Guiding Principles” states that it is important to establish a set of points (which she
calls guiding principles) in a continuing program like data governance which enables
the organization to focus on the fundamental value of data management within the
organization, and how it will support its business goals (Smith 2016). Some examples
of data principles are as follows:
• Data must be treated as a strategic enterprise asset.
• The quality of critical data assets should be defined, assessed, managed, and
monitored throughout the data life cycle.
• Data must be managed so that the data complies with internal and external laws
and regulations.
• There should be clear accountabilities around data.
• Enterprise data should be standardized.
5.5.2 Data Policies
Policies form the building blocks of corporate governance and its sub-disciplines.
Similarly, data policies are building blocks of data governance. There is a common
misunderstanding that data governance is all about creating and enforcing policies
around data. However, while policies are an important component of data gover-
nance, data governance is not only about documented policies. Data governance is
much more than just policy making, with systematic audits, reconciliations, metrics,
processes, compliance reviews, and quality control activities.
The data policies are a collection of statements of an organization’s intent or
rules controlling the several data related activities and operations—creation, capture
and/or acquisition, retrieval/requests, transformation, management, quality, protec-
tion, sharing, and usage of data throughout its lifecycle. Data policies are formal,
brief, and describe the do’s and the don’ts at a high level in relation to these data
related activities in a clear and concise manner, so that those executing the policies
can make an informed decision.
However, data policies do not provide implementation details or solutions for
issues. In other words, data policies outline “what to do” and “what not to do”,
but NOT “how to do”. Failure to adhere to data policies may result in disciplinary
action. The data policies are further defined by data standards, rules, and processes.
The data policies should not be written in isolation, but should be written by engaging
all the relevant data stakeholders, and should align with the data principles as well as
elaborate on the data principles. For example, drafting a data security policy requires
a collaborative effort of the data owners, chief security officer, security architects,
and chief data officer.
Becky Metivier in her article—“Seven Characteristics of a Successful Information
Security Policy” outlines seven characteristics of a successful information security
policy, namely, endorsed, relevant, realistic, attainable, adaptable, enforceable, and
inclusive (Greene 2014). These characteristics are applicable to all data policies and
have been described in Fig. 5.9.
Every organization has a different data and technology landscape, has different
business needs of data, and is impacted differently by laws and regulations (both
internal and external), and hence, the data policies are not the same across all orga-
nizations. This is reinforced by Nicola Askham, in her article “How to Write a Good
Data Governance Policy”.
For a policy to be really useful (i.e. help you implement data governance successfully) it
needs to be written with your organization in mind…
The changes in the business needs of data, organizational changes, new laws,
regulations, and changes in existing laws and regulations may need data policies to
be revised. Hence, the data policies need to be reviewed from time to time, and the
review frequency of each data policy needs to be defined and noted in the respective
data policy. The updates to existing policies should be made only after proper assess-
ment and understanding of the impact of the changes, and how revising the existing
policies would address the same. The data governance committees should evaluate
and approve all modifications.
The data policies are generally created and maintained as electronic documents,
and maintained in document and content management systems (for example, Docu-
mentum and SharePoint) through the inbuilt version control mechanisms in these
systems and access controlled through the document classification. In addition, there
should be a version history in the policy document that indicates who made what
changes to the policy and when.
Policy must align
with the principles
and goals of the
organizaƟon
Policy has support
of the Relevant
management
Policy must make
Endorsed Realistic sense and reflect
reality
Policy includes all

impacted Data Policy -
5.5 Data Governance—The Process Component
stakeholders Characteristics
Policy can be
Inclusive AƩainable successfully
implemented
Controls can be Policy can be

put into place to Enforceable revised to
Adaptable accommodate
ensure compliance
with policy changes
Fig. 5.9 Characteristics of data policy

151
Overview/
Summary/
Background
Reference Information
Documents Policy Purpose
Policy
Maintenance & Data Policy
Review Components Policy Scope
Frequency
Enforcement &
Implementation Definitions
Policy
Principles
Fig. 5.10 Data policy sections/components
Data policies should typically have the following components (summarized in

Fig. 5.10):
• Overview/Summary/Background Information—This section contains an
explanation of the status of the data related activity that the policy is about.
• Policy Purpose—This section explains the need for the policy and what the policy
would address.
• Policy Scope—This section answers questions like—whether it will impact all
data in the organization, who in the organization will the policy apply to, the
situations when the policy will come into play, and hence, need to be enforced.
• Definitions—This section contains an explanation of acronyms or uncommon
terms that are contained in the policy.
• Policy Principles—This section describes the framework and the guiding
principles with respect to the data related activity that the policy is about.
• Enforcement and Implementation—This section describes the roles, responsi-
bilities, accountabilities around implementation, enforcement, and consequences
of violation.
• Policy Maintenance and Review Frequency—This section discusses frequency
and/or situations when the policy should be reviewed. The data policies need to
be reviewed from time to time to see if they still meet business and regulatory
requirements. The policies might need to be revised as business, regulations, and
data evolve.
• Reference Documents—This section provides names and/or links to related poli-
cies and standards. For example, data classification drives data access and data
retention. Hence, the data access, and data retention policies would have links to
the data classification policy and data classification standards in the “Reference
Documents” section.
The data policies typically address the areas such as data classification, data
security, data access, data usage, compliance, and data governance structure as
follows:
5.5.2.1 Data Governance Structure Policy
The policy outlining the data governance structures in the organization is known as the
data governance structure policy. The data governance function is generally shared
amongst executive sponsors, data governance office headed by a C-level executive,
data governance committees and working groups, data owners, data stewards, data
custodians, and data consumers. The data governance structure policy outlines the
structures and the key data related roles and responsibilities with respect to the
management of the organization’s data assets. It essentially outlines the roles and
responsibilities around data (for example, data access, retrieval and usage, storage,
destruction, and backup to ensure adequate management and protection of data) best
practices.
5.5.2.2 Data Classification Policy
All data assets are not equal. Organizations store data that have different levels of
sensitivity, criticality, confidentiality, and privacy requirements, which drive access,
storage, security, usage, and quality requirements.
The data classification policy classifies an organization’s data based on their sensi-
tivity and risk profiles and encompasses all data acquired, owned, created, managed,
stored, and disseminated (both internally and externally) by the organization. The
data classification policy and the data classification schemes have been discussed
in detail in Chap. 3 in the second book of the series—Data Governance and Data
Management.
5.5.2.3 Data Access Policy
The data access policy ensures that the authorized individuals have appropriate access
to organizational data and information in alignment with the organization’s data
security and privacy policies, internal and external regulations, and data classification
policy. The data access is driven by a number of factors as follows:
• Level of confidentiality needed;

• Data sensitivity;
• Legal and regulatory requirements;

• Contractual obligations;
• Business impacts of misuse, modification, deletion, or theft of data;
• Data protection requirements; and
• Other business requirements.
Organizations should take these factors into account when defining data access
policies. The data access should be in accordance with data access policies. While the
data access policy should recognize that data access should not compromise security,
and should take into account the data classification at the same time, it should also
recognize that processes to secure data should not intervene unduly with the efficient
operation of the organization’s business. This policy applies to all business units in
the organization and all organizational data. The data stewards are responsible for
processes for requesting, approving, and revoking access.
5.5.2.4 Data Usage Policy
Organizations generally store data related to entities external to the organization,

and the data should be used for intended purposes only in accordance with privacy
policies. The data should not be used for personal gain or used inappropriately.
The data usage falls into the categories of create, update, read-only, and external
distribution (Smith 2016).
The data usage policy is a, set of guidelines that ensure that the data acquired
by an organization are used for intended purposes in an ethical manner and shared
appropriately in accordance with privacy and protection laws to facilitate the associate
services for which they were collected in the first place, and that the data are not
misused or abused.
The individuals in the organizations who have access to data will have to abide
by the data usage policy. The consequences of the use of data for purposes other
than intended purposes should be clearly stated in the data usage policy. Depending
on the sensitivity of the data and damages caused due to misuse, a violation might
result in termination of access privileges, or even termination of employment, or
other disciplinary or legal actions.
5.5.2.5 Data Retention Policy
Organizations by nature are data hoarders. However, storing data longer than needed,
not only takes up storage, requires maintenance, and has associated costs, but also
might conflict with the compliance requirements.
The data should be only retained for the timeframes that are needed for business
reasons in compliance with legal, contractual, and regulatory requirements. Not all
data have the same retention requirements. The data retention policy is a set of
guidelines that describes what data will be kept for how long, guidelines related
to backup, and whether data is archived or destroyed at the end of the retention
period, business reasons for retaining data, and other factors relating to the retention
of the data. There are various factors like compliance, legal, contractual, regulatory,
and operational requirements that can have conflicting needs when it comes to the
retention of data.
5.5.2.6 Data Records Management Policy
The data records management policy outlines guidelines around how data records
are created/captured, maintained, and deleted.
5.5.2.7 Data Quality Policy
The data quality policy defines the organization’s approach to data quality and
outlines the guidelines in terms of roles and responsibilities and processes for main-
taining high quality data in order to manage activities, and meet internal and external
requirements to demonstrate accountability through accurate reporting and data
quality dimensions. The data quality policy should include the in-scope data and
should include the data quality threshold for critical data.
5.5.2.8 Data Integration Policy
Data integration, or the ability of data to be assimilated across information systems, is

contingent upon the integrity of data, the development of a data model, corresponding
data structures, and data domains (Smith 2016).
The purpose of the data integration policy is to ensure that the organization’s data
have a high degree of integrity, and that the critical data elements can be integrated
across functional units and electronic systems, so that the staff, contractors, and
management may rely on data to meet their business needs. It is the responsibility
of each data steward, in conjunction with the data governance committee and the
enterprise data architect, to determine the critical data elements and data sets (Smith
2016).
5.5.3 Guidelines
Guidelines consist of recommendations and best practices designed to achieve the

policy’s objectives, by providing a background to design standards and implement
processes. Unlike policies that are mandatory, guidelines are not mandatory, but
recommended, and may not apply in all situations. Like policies, guidelines need to
be reviewed periodically too, but more frequently, as changes in environments can
trigger a change in guidelines.
5.5.4 Processes
Processes are methods or set of steps to support the various activities needed to
govern data as well as implement the data policies in the organization. While policies
define what to do, processes establish how to do. It is highly recommended to have
formal, documented, consistent, and repeatable processes for governing data, which
includes establishing processes for implementation of data policies, identification
and prioritization of critical data elements, naming and data definitions, business
rules documentation, changes to the data model, assessing data risks, reporting, data
quality issue management (including raising, escalating, tracking, and resolution
of data quality issues), establishing data ownership and data stewardship, decision
rights and conflict resolution, defining data governance council membership changes,
incorporation of controls, and monitoring metrics.
Processes should also be defined for capture/acquisition, processing, storage,
maintenance, access, distribution, deletion, archival, and purging of data. Both
reactive and proactive processes need to be defined when governing data.
Controls are used to mitigate risks associated with data or processes that can
adversely impact data. Controls can be both manual and/or automated. The descrip-
tion of the control, frequency or event triggering the control, and who is in charge
of the control needs to be established and documented. When there are changes to
the processes, controls need to be reviewed and modified as necessary. Changes to
processes might also necessitate new controls to be incorporated.
Risks can be found throughout the data life cycle, starting from creation or acqui-
sition of data to the end of the data lifecycle characterized by deletion or purging of
data.
For example, the errors might happen during manual data entry, and validation
controls can be implemented to prevent these from happening. If certain fields on
the form are mandatory, then validation controls can be implemented to prompt the
user to enter a value, before he is allowed to submit the form, or the submit button
can be disabled with a message on the screen, prompting users to enter values for the
empty fields. Additional controls can be implemented to prevent junk values. Another
example of control is when data are transferred between systems, count of records
and audit logs can help check the completeness of the data records. Manual controls
would involve someone manually checking the number of records on the source
and destination side and in case of missing records, someone manually sending the
missing records as a part of remediation.
Automated controls involve both the data file and control file containing file
specifics like name, date, time of transfer, number of records, and an automated
process comparing the number of records in the control file and the number of records
in the data file sent; rejecting the file and triggering the source system to send the data
again, if the number of records mentioned in the control file do not match with the
number of records in the data file. Sometimes, the controls cannot be implemented
for a risk or the controls may not be effective, in which case remediation activities
need to be defined, to correct the issue.
Like policies, processes need to be reviewed from time to time, and revised as
needed. The changes in organization structure, revision of existing data policies, new
laws, and new regulations or modifications of existing laws and regulations are some
reasons that might need a change in the processes.
Rob Karel categorizes data governance processes in his article “Data Governance:
The 4 Process Stages” into four different process stages (Karel 2014) (see Fig. 5.11):
• Discover,
• Define,
• Apply, and
• Measure and monitor.
As the name suggests, discover processes document the current or as-is state of
the organization’s data governance maturity, and helps define policies, standards,
and processes based on the future state of the organization. The gaps between the
current state and future state are also documented. Hence, the discover process stage
outcomes drive the define process stage (Karel 2014).
The define processes document data definitions, naming conventions, taxonomies,
relationships, as well as the policies, rules, standards, processes, measurement
strategy and metrics that must be defined to operationalize data governance (Karel
2014).
The apply processes operationalize and ensure compliance with all the data
governance policies, business rules, stewardship processes, workflows, and cross-
functional roles and responsibilities captured through the discover and define process
stages (Karel 2014).
The measure and monitor processes capture the effectiveness and progress of data
governance implementation. These processes help in identifying whether the data
governance implementation is moving towards the intended goal. If the measure-
ments indicate an issue, then an assessment needs to be carried out to discover the
problem spaces and leads to the discover process stage.
While processes detail the “how to” support activities needed to govern data, they
might not be sufficiently detailed, in which care step by step instructions in the form
of procedures are needed.
Define current state of data
158
governance maturity and discovery of

problems
Discover
process
Measure Document data definitions, roles

Capture progress and Define
& Monitor and responsibilities that are required
effectiveness of data governance process
process to operationalize data governance
implementation
Apply
process
Operationalize data governance

elements such as data ownership,
roles and responsibilities, captured
through discover and define stages
Fig. 5.11 Data governance process stages

5.5.5 Rules and Standards
Rules encompass the business rules and the data quality rules. Standards allude to data
standards. Rules and standards ensure consistent results from people and processes
using them.
Data standards define a frame of reference on representation, format, meaning,
structuring, transmission, and management of data elements. Examples of data
standards include data naming standards, data modeling standards, data transfer
standards, and data security standards.
Like the data policies and processes, the data standards must be adhered to across
the enterprise, and there should be a review process defined to ensure that the data
standards are up-to-date.
Adherence to data standards and rules can be measured by defining thresholds, and
assessing data against these thresholds to gauge conformance and quality. However,
enforcing data standards consistently and standardizing data across systems is not as
simple as it seems. First, you need all the relevant stakeholders to help define these
standards. Then you need to define the processes and rules, and implement controls
to make these happen. If your organization has operations in multiple countries then
this complicates matters even further.
For example, consider the standardization of addresses. At the grassroot levels,
you would need all stakeholders to agree on how you want different address compo-
nents captured. These would then be converted into business rules for data capture
and rules to map existing values to the standardized values. For example, the decision
may be to capture the state name in full without abbreviations. However, while some
countries like the US have states, some like the UK have county and hence, this needs
to be taken into consideration when planning for standardization.
It is important that individuals across the organization have a common under-
standing of the enterprise data, what the data represents, and the business terms that
represent this data (Mahanti 2019).
A Business Glossary also known as data glossary, and is a repository that has a
definition of terms across business domains, specific to the industry and organization,
which is shared across the organization. A business glossary is not just a list of
terms and definitions. Other valuable metadata such as transformation rules, data
owners, data stewards, description of any exceptions, and variations are also included
(Mahanti 2019).
5.6 Data Governance—The Tools and Technology

Component
While data governance is mostly about people and processes, tools and technology
facilitate and enable data governance through automation, scaling, augmentation,
and auditability. Organizations store large volumes of data, and data governance
and stewardship activities should be automated wherever possible to achieve speed

and accuracy. We have discussed more about technologies and tools, and how they
can facilitate data governance in Chap. 4 of the second book of this series—Data
Governance and Data Management.
5.7 Data Governance Operating Models
Before delving into data governance operating models, let us understand, what oper-
ating model and governance operating model mean. As per Wikipedia, an operating
model is both an abstract or visual representation (model) of how an organization
delivers value to its customers or beneficiaries, as well as, how an organization
actually runs itself [Wiki- Operating Model].
Scott Baret, partner, Governance, Regulatory and Risk Strategies, Deloitte &
Touche LLP, who also serves as a global leader, Financial Services Enterprise Risk
Service, Deloitte Touche Tohmatsu Limited defines the governance operating model
as follows:
A governance operating model is the mechanism used by the board and management to
translate the elements of the governance framework and policies into practices, procedures,
and job responsibilities within the corporate governance infrastructure.
If the above definition of governance operating model is applied in relation to data,

the data governance operating model is the mechanism used by the board and manage-
ment to translate the elements of the data governance framework and data poli-
cies into practices, procedures, and job responsibilities within the data governance
infrastructure.
In short, the data governance operating model is the model that the organization
adopts to operationalize data governance. The data governance operating models are
also known as data governance models. Having the right model is crucial to sustaining
data governance in an organization. Also, the data governance operating model should
be defined prior to establishing the data governance organization structures. The data
governance operating model should not be mistaken for an organization chart.
There are various factors that need to be considered when choosing a data
governance operating model for an organization such as:
• Size of the organization;
• Organization structures and hierarchies;
• Organizational maturity;
• Organizational culture;
• Business drivers;
• Whether organizational operations are centralized or distributed across different
geographic locations; and
• Complexity of an organization’s business and technical environment.
5.7 Data Governance Operating Models 161
When asked about factors that should be taken into consideration while choosing
a data governance operating model for an organization, Jill Dyché, Principal, Jill
Dyché, LLC. stresses on culture while George Firican, Director of Data Governance
& Business Intelligence at UBC DAE and Founder ofwww.lightsondata.com, stresses
on the size of the organization, the organizational structure and that of its operations,
the main drivers, and complexity of its business, and technical environment (Mahanti
2021).
The data governance operating models can be of the following types (see
Fig. 5.12):
• Top Down;
• Centralized;
• Decentralized;
• Hybrid;
• Federated; and
• Crowdsourced.
5.7.1 Top Down
This operating model is adopted in organizations, which have a traditional hierarchy

structure, where the top level has the maximum power and makes decisions that are
communicated through the hierarchies below, with each level adding the appropriate
level of details as the decision is cascaded to the lower levels of hierarchy to the
business units. The decisions are final and the execution is the only option in this type
of model. For data governance to be successful, there needs to be a clear relationship
between the executive-level data governance council and other elements of the data
governance program [Thomas].
5.7.2 Centralized
In this model, the decisions are made by a dedicated centralized group at the enter-
prise level who consider all the options, impacts, value, and risks before making a
decision that best suits the organization, and the business units are responsible for the
implementation. As stated by George Firican in his interview statement, this model
works for small organizations (Mahanti 2021).
Adopted in organizations with a
162
traditional hierarchy with top level

making decisions and lower levels
executing them
Top Down
Crowdsourced Centralized
Decisions are made by a

dedicated centralized
Collaborative approach to DG group at the enterprise
DG but has no control. Operating level
Models
Federated Decentralized
No single point of data

A mix of both the centralized Hybrid governance ownership
and the decentralized models
with additional layers of
centralization/decentralization. A mix of both centralized
and decentralized models
Fig. 5.12 DG operating models

5.7 Data Governance Operating Models 163
5.7.3 Decentralized
This model is the direct opposite of the centralized model, with no single point of
data governance ownership. Most data governance programs start in this fashion and
have a relatively flat structure with informal data governance bodies. This model is
relatively quick to establish and implement. However, the informality of the data
governance bodies makes it difficult to sustain the program long term. Also, there
are issues with the shared data ownership and reaching consensus on shared data
issues is also difficult (O’Neal 2015). As stated by George Firican in his interview
statement, a decentralized model work well for an organization that has dispersed its
operations to several remote locations (Mahanti 2021).
5.7.4 Hybrid
A hybrid data governance model is a mix of both centralized and decentralized

models with a centralized data governance office and steering committee with deci-
sion making at the enterprise level, and the data governance structures consisting of
decentralized working groups in the business units or the functional areas facilitating
collaboration and gaining consensus.
5.7.5 Federated
This model is very closely related to the hybrid model and is a mix of both
the centralized and the decentralized models with additional layers of centraliza-
tion/decentralization. The data governance execution and implementation are decen-
tralized, with a single point of contact and accountability at an enterprise level. While
the federated model empowers divisions with differing requirements and provides the
ability to focus on specific data entities, divisional challenges, or regional priorities, it
has the disadvantages of having too many layers and autonomy at the business level,
and can be a challenge to coordinate across the organization. Also, it is difficult to
find a balance between the line of business priorities and enterprise priorities (O’Neal
2015). As stated by George Firican in his interview statement, the federated model
is suitable for organizations that have complex business and technical environments
(Mahanti 2021).
5.7.6 Crowdsourced
The term crowdsourcing was coined by Jeff Howe in his article “The Rise of Crowd-
sourcing” published in the June, 2006 issue of the Wired magazine. It is a combination
of the words – “crowds” and”outsourcing “ (Goodrich 2013).
Crowdsourcing can be described as getting work done from the crowd (a commu-
nity that is willing to participate and agrees to do work voluntarily) by using their
concepts, skills, and ideas to create content or facilitate the creation of content. When
applied in relation to data, each individual has equal and full rights as a data citizen
and is encouraged to participate freely (Christiaens 2016).
Phil Watt, Director, Elait Australia, states that (Mahanti 2021),
Over the last 2-3 years, a new approach to data governance has emerged and it is gaining
traction focused on a crowd-sourced or collaborative approach to governance.
With the self-service model, more and more business users have direct access to
the data and have a very good understanding of the data, as well as its context. While
the top down and the centralized approach to data governance offer stricter control,
these approaches will fail to capture this distributed data community knowledge into
the policies, processes, and standards for data governance.
Crowdsourcing data governance helps tap into this community which has exten-
sive knowledge and understanding of the data, but has no control. Crowdsourcing is a
good method to gather information. However, as individuals have different contexts
of data usage and different understanding of the same data, depending on different
levels of users involved, some level control is needed to ensure that the data is fit for
purpose and compliance requirements are also met.
Phil Watt, Director, Elait Australia is a strong advocate of the crowdsourced
approach with a layer of oversight to ensure regulatory compliance. In his inter-
view, Phil states the companies that he has seen adopting this approach (including
Airbnb and eBay), success had been sustained by allowing the community of analysts
to govern themselves, with a layer of oversight for privacy and security to ensure
regulatory compliance. In his words (Mahanti 2021):
I prefer the crowd-sourced approach driven by automation and collaboration capability…
For this to succeed; it must also have a layer of oversight to ensure regulatory compliance.
There is no single approach, framework, or a right way of doing data governance. The
different components of data governance—people, roles and responsibilities, organi-
zational structures, principles, policies, processes, rules, standards, and metrics will
always be there, irrespective of organizations when implementing data governance.
However, these components will be different for each organization. Hence, the data
governance approach consisting of these components, for any two organizations
could be very different, or somewhat similar, but can never be exactly the same.
An organization will have organizational structures, bodies, and working groups

that practice data governance. It is best to see how these structures can be leveraged,
and how new data governance processes can be introduced or overlaid on top of
the existing structures, so as to cause minimum disruption and contention. Also, as
organizations get more mature, or in case, changes are carried out in the organiza-
tion’s structure and hierarchies, and as data continues to evolve, the data governance
framework and operating model that was initially established may no longer apply,
and a different framework and model might need to be established.
For example, a small organization in a single geographic location might start
with a centralized operating model, but as the organization establishes new offices
in different geographic locations, the centralized model might no longer work, and
a federated model might become necessary.
References
Christiaens S (18 Aug 2016) Crowdsourcing data governance. Last accessed on 10 April 2020,
from https://www.collibra.com/blog/crowdsourcing-data-governance
Dyché J, Polsky A 5 Models for data stewardship, SAS best practices white paper
Frican G (April 2019) Surprising data roles you should know about. Lights on data blog. Last
accessed on 10 April 2020, from https://www.lightsondata.com/3-surprising-data-roles/
Goodrich R (Feb 2013) What is crowdsourcing? Business news daily. Last accessed on 10 April
2020, from https://www.businessnewsdaily.com/4025-what-is-crowdsourcing.html
Greene S (29 Mar 2014) Security program and policies: principles and practices, 2nd edn. Pearson
IT Certification
Howe J (2006) The rise of crowdsourcing. Wired Magazine 14(6):1–4
https://deloitte.wsj.com/riskandcompliance/2013/06/11/governance-operating-model-a-tool-for-
more-effective-board-oversight/
Jackson K (8 Mar 2018) Breaking down barriers with master data management and data governance,
session #249, HIMSS18. Last accessed on 10 April 2020, from https://365.himss.org/sites/him
ss365/files/365/handouts/550234736/handout-249.pdf
Karel R (2 Jan 2014) Data governance: the 4 process stages, informatica blog, https://blogs.inform
atica.com/2014/01/02/the-process-stages-of-data-governance/#fbid=iE2S7g10MP2
Macmillan Dictionary, ownership definition. Last accessed on 10 April 2020, from https://www.
macmillandictionary.com/dictionary/british/ownership
Mahanti R (2019) Data quality: dimensions, measurement, strategy, management and governance.
ASQ quality press, Milwaukee WI. pp. 526. ISBN: 9780873899772
33-6877-4
Metivier B (8 Feb 2016) Seven characteristics of a successful information security policy”, Sage
advice—cybersecurity blog. Last accessed on 10 April 2020, from https://www.sagedatasecurity.
com/blog/seven-characteristics-of-a-successful-information-security-policy
Mustimuhw Information Solutions Inc., (2015) Data governance framework. Last accessed on 10
April 2018, from https://static1.squarespace.com/static/558c624de4b0574c94d62a61/t/558c75
a5e4b0391692159c81/1435268517023/BCFNDGI-Data-Governance-Framework.pdf
O’Neal K (2011) The role of IT in business-led data governance, b-eye-network. Last accessed on
10 April 2020, from http://www.b-eye-network.com/view/15165
O’Neal K (July 2015) Identifying the right operating model for your organization: a step toward
sustainable data governance. Last accessed on 10 April 2020, from http://www.b-eye-network.
com/blogs/oneal/archives/2015/07/the_right_operating_model.php
Plotkin D (2013) Data stewardship, Elsevier Science Publication

Power D (2014) Building a data governance organization, Eckerson Group, https://www.eckerson.
com/articles/building-a-data-governance-organization Last accessed 1 June 2020
Smith AM (Aug 2011) Foundations of data stewardship. Last accessed on 10 April 2020, from
https://www.ewsolutions.com/foundations-data-stewardship
Smith A-M (5 Oct 2016a) Four foundational data governance policies, EWSolutions. Last accessed
on 10 April 2018, from https://www.ewsolutions.com/basic-data-governance-policies/
Smith A-M (5 May 2016b) Data governance guiding principles, EW Solutions. Last accessed on
10 April 2018, from https://www.ewsolutions.com/data-governance-guiding-principles/
Stanford University (2013) What is data governance? DG @ Stanford. Retrieved from http://www.
stanford.edu/dept/pres-provost/cgi-bin/dg/wordpress/
[TDGI] The data governance institute, component #8: data governance office. Last accessed on 10
April 2018, from http://www.datagovernance.com/fwk_c08_data_governance_office/
The Data Governance Institute [b], data governance and stewardship. Last accessed on 10 April 2020,
from http://www.datagovernance.com/adg_data_governance_governance_and_stewardship/
The Data Governance Institute. Last accessed on 10 April 2018, from http://www.datagovernance.
com/the-dgi-framework/
Thomas G, Choosing governance models. Last accessed on 10 April 2018, from http://www.datago
vernance.com/choosing-governance-models/
Thomas G, Establishing a data governance office. Last accessed on 10 April 2018, from http://www.
datagovernance.com/establishing-a-data-governance-office/
Wiki- Operating Model. Last accessed on 10 April 2018, from https://en.wikipedia.org/wiki/Ope
rating_model
Talburt JR, Zhou Y (2015) Entity information life cycle for big data. Morgan Kaufmann
Zaidi J (2012) Data governance demystified–lessons from the trenches, Dataversity, https://www.
dataversity.net/data-governance-demystified-lessons-from-the-trenches/ Last accessed 10 June
2019
Chapter 6
Data Governance—Metrics
However beautiful the strategy, you should occasionally look at

the results.
—Sir Winston Churchill
Count what is countable, measure what is measurable, and what
is not measurable, make measurable.
—Galileo Galilei
If you cannot measure it, you cannot improve it.
—William Thomson, Lord Kelvin
Abstract Data governance metrics is one of the key factors in the success of data
governance. Data governance is often seen as a lot of overhead and hence, you need
meaningful metrics to show progress periodically. A section in this chapter has been
dedicated to discussing the characteristics of a good data governance metric. Organi-
zations often do not realize that they are measuring a wrong metric. A few indicators
that serve as warning signs and tell you that you need to revisit and revaluate your
data governance metrics are discussed in this chapter. This chapter also describes a
few data governance metrics categories, provides guidance on choosing and docu-
menting metrics, and provides some examples of data governance metrics for readers
to choose from, and track their data governance program. It is important to give a
relevant and compelling view of the data to the top management and stakeholders
to communicate the metrics and progress of data governance in an effective manner.
Dashboards and scorecards have been discussed briefly in this chapter too.
6.1 Data Governance Metrics—Introduction
You have a data governance strategy in place, you have set up organizational struc-
tures to implement data governance and you are to set to embark on the journey
of implementing data governance. Now what you need is to define the right data
governance metrics to track the progress and effectiveness of your data governance
program!
In legendary mananagement thinker, Peter Drucker’s words, “You cannot manage
what you can’t measure,” applies to data governance too, and this view is also
resonated by Tony Epler, Chief Data Strategist, PricewaterhouseCoopers, and Dr.
https://doi.org/10.1007/978-981-16-5086-4_6
168 6 Data Governance—Metrics
John Talburt, Acxiom Chair of Information Quality at the University of Arkansas

at Little Rock, and Lead Consultant for Data Governance and Data Integration with
Noetic Partners Inc. in their interview statements as below (Mahanti 2021).
Tony Epler: “Like many organizations, we believe that programs, projects, and initiatives
cannot be effectively managed unless they are measured.”
Dr. John Talburt: “As with any program, DG can’t be effectively managed without
measurement.”
A metric refers to a standard for measuring something. It has roots in the Greek
word “metron”, which relates to measurement. The management axiom “what gets
measured gets managed” (Willcocks and Lester 1996) applies to data governance
too. Gartner analyst Ted Friedman states (TechTarget and RSD)
Organizations have to develop data quality metrics and scorecards, and they have to have a
repeatable approach for measuring the degree to which data conforms to their policies, and
they need to make the results visible to people so they can take action.
Metrics are critical to measuring, monitoring, and managing the effectiveness,

progress, impact, and value of a data governance program, and for demonstrating
success. It is important to identify and document the performance metrics at the
very start of the data governance program to be able to measure the impact of the
data governance efforts, and to track consistently to ensure the effectiveness of the
processes in the future.
However, organizations struggle to define meaningful and relevant data gover-
nance metrics that are aligned with the business goals. Many organizations do not
even use metrics to track progress or to demonstrate the effectiveness of their data
governance program. This is because there are no standard set of metrics in data
governance. Kelle O’Neal, Founder, and CEO of First San Francisco Partners at the
Enterprise Data Governance Online 2017 stated (Dennis 2017)
Metrics are one of the hardest aspects of data governance (to grasp) and also one of the most
important.
This is because data governance like data is intangible. With respect to the data
governance metrics, it is important to understand what to measure, why you are
measuring it, how to measure it, and how these metrics would help the organization
to take adequate preventive or corrective actions to stay on course to attain business
objectives.
There needs to be an agreement on the metrics to be measured from all the data
governance stakeholders. The metrics should be driven by the goals that data gover-
nance is set to achieve and the context in which they are applied. Metric measurement
and review should be a periodic process and not a one-off event. At the heart of metrics
is data. Metrics are derived from data either already sitting in repositories or gathered
through surveys.
In Chap. 2, we established “Data Governance Metrics” as one of the critical
success factors for successfully implementing data governance in an organization.
A data governance program is a systematic and continuous improvement program,
and measurement not only establishes the effectiveness, impact as well as value, and
6.1 Data Governance Metrics—Introduction 169
enables the reporting progress of the program to your senior management and key
stakeholders, but also maintains control over the data governance processes.
In order to show that the data governance program is benefiting the business,
you need appropriate metrics—both to measure the results of the data governance
program as well as activities of those involved in data governance- for example, data
stewards and data management professionals.
A single metric rarely gives you a complete picture in relation to the progress
or value of data governance; generally, a set of metrics is required to collectively
evaluate the progress and impacts. Data governance is often seen as a lot of overhead
and hence, you need meaningful metrics to show progress periodically, and when
senior management asks questions like (also see Fig. 6.1)
Where are we at with data governance?
Is the data governance program working?
Is the data governance program making a difference?
What have we achieved so far?
How close are we to attaining our business goals?
How will we know that we have achieved our business goals?
Is the data governance progress being measured?
How is the data governance progress being measured?
Are we heading in the right direction?
Laura Sebastian-Coleman, Data Quality Lead, Finance Data Governance Center

of Excellence, CVS Health when discussing data governance metrics stated (Mahanti
2021)
…One reason why we are focusing on producing metrics is that, without them, other people
do not have a clear picture of what the data governance team is actually accomplishing.
With them, we can show that we are making headway on our initiatives. People get more
interested when they feel like there is something concrete to learn about.
As with any program, DG can’t be effectively managed without metrics in place

to measure impact and progress. In this chapter, we will discuss the characteristics of
good data governance metrics, data governance metric categories, data governance
metric selection and documentation, and a few examples of data governance metrics,
that will give you some guidance when choosing the metrics to track your data
governance program. Dashboards and scorecards which can be used to visualize and
present metrics have also been discussed briefly in this chapter.
6.2 Desired Characteristics of Data Governance Metrics
While a lot of things can be measured, it is important to keep in mind that not
all measurements are value-adds, and hence, you should not measure everything.
As stated by Kelle O’Neal, Founder and CEO of First San Francisco Partners in a
How will we know that
170
we have achieved our

business goals? Is the data governance
program working?
Where are we at with
data governance
What have we achieved

so far?
Is the data governance
program making a
difference?
Are we headed in the

correct direction?
How close are we to
attaining our business
goals?
How is data governance

Is data governance progress being
progress being measured?
measured?
6 Data Governance—Metrics
Fig. 6.1 Data governance questions to which metrics can provide answers
6.2 Desired Characteristics of Data Governance Metrics 171
presentation related to metrics at Dataversity® Enterprise Data Governance Online

2017 (O’Neal 2017; Dennis 2017).
Less is more; you don’t have to measure everything. You just have to choose what’s important
and meaningful to your stakeholder group and your program.
Metrics should be related to the business objectives and at the same time be able
to provide meaningful insights that management can relate to and understand.
Data governance metrics should have the following characteristics (see Fig. 6.2).
Meaningful
A data governance metric should be meaningful, and assist stakeholders to understand
important aspects of their processes. It is important to ensure that measurements are
translated into a value statement that the stakeholders can use as key performance
indicators.
Measurable
Meaningful Relevant
Aligned Owned
DG Metrics
Characteristics
Time
Trackable,
Actionable Repeatable,
&
Comparable
Transparent Accessible
Auditable
Fig. 6.2 Desirable characteristics of data governance metrics

A metric that is meaningful to one group of stakeholders might be meaningless

to another group of stakeholders. Hence, the target audience should be kept in mind
while deciding on a metric.
For example, the percentage of customer records with missing address data
elements (for example, missing street address, city, and postcode) will be mean-
ingful to the data management team and data stewards to understand the current state
of customer data, but this metric is not meaningful to senior executives. Similarly,
the percentage of additional costs or the percentage of missed opportunities would
make sense to the management, but not to the technical teams.
Measurable
Data governance metrics should be relatively easy to measure, with measurements
being accurate and consistent.
If a new system or a complex process needs to be devised and implemented just
for the sake of measuring the metric, then it is possibly not worth measuring it
in the first place. Also, if the metrics involve complex calculations, then it would
be difficult to measure as well as understand and hence, would not be a value-
add. Also, what needs to be considered is, whether the metrics can be measured
objectively or subjectively, and whether the metric capture is automated or has to be
done manually. Automated metric capture is preferred over manual metric capture
as system generated data is more accurate. However, the requirements should be
captured, designed, and implemented correctly, otherwise automation will not yield
right results.
Aligned
Data governance metrics have no value if they are not aligned to the business goals
and the stakeholders needs. Therefore, it is important to ensure that there is some
way of measuring how data governance is helping the stakeholders move closer to
their goals, and translate the metrics into a value statement that they are able to relate
to.
Actionable
A data governance metric should be actionable, as in, if the metric results are below
the threshold, there should be a set of remedial actions that would be able to change
the outcome in such a way, that post-implementation of the actions would result in a
positive trend in the metric when measured. There is no use of measuring something,
if you cannot influence or change the outcome.
Relevant
The data governance metrics should be relevant to the business goals and industry,
and should be within the business context. You should not measure something just
because it has always been measured. Also, as the data governance program evolves,
goals might change and you might need to stop measuring metrics that are no longer
relevant.
6.2 Desired Characteristics of Data Governance Metrics 173
Metrics would need to be revised or new metrics would need to be defined to be

relevant and aligned with the new business goals and business context.
Transparent
A data governance metric must be transparent, and there should be a clear under-
standing as to what is being measured, how are the calculations being done, whether
there are any assumptions and, if there are any assumptions, what those assumptions
are, what the targets are, and how they affect the outcome in a positive direction, and
what is the frequency of measurement.
Time-trackable, repeatable, and comparable
A data governance metric should not be restricted to a one-time snapshot of an
activity. A good metric must be repeatable, and should be able to be measured over a
period of time, so that the metrics can be tracked and graphed to analyze the weekly
trend, monthly, quarterly trend, or for a longer interval, as need be. The frequency
of reporting will be different for different metrics.
It should be possible to compare metrics at different points in time or across user
groups, to be able to assess comparative progress or setback.
Owned
Every data governance metric needs an owner, who is held accountable for its
outcome. Without establishing accountability, metrics would be meaningless, and
not serve the purpose. Metrics should be reviewed and approved by the data owner
and/or data stewards. The data owners and data stewards should be notified, if the
metric value does not meet the threshold value. While the data owners are account-
able for the metric in question, data stewards are responsible for remediation and
corrective action.
Accessible
A data governance metric needs to be accessible, that is, it should be easily retrievable
by the targeted audience. Accessibility might need be controlled as not all people
should have access to a particular metric. For example, if the metrics contain sensitive
information, only authorized persons should have access to them. As Ries wrote for
the Harvard Business Review (Ries 2010),
Key data should be available to any employee, anytime, in a matter of minutes.
Auditable
A data governance metric should be auditable. Auditable means that it should be
possible to examine and verify the metric. In order for a metric to be auditable, it
should be easy to find and examine the source data, the metadata, and the calculations
involved in producing the metric results. Metrics that can stand inspection result in
greater trust and confidence.
6.3 Data Governance Metrics—Health Check
Often, the data governance teams do not realize that they are measuring the wrong
metrics. Below are a few indicators that serve as warning signs, and tell you that you
need to revisit and reevaluate your data governance metrics.
• Metrics are difficult to measure and require a lot of effort.
• Metrics are ambiguous and misinterpreted by the stakeholders.
• Metrics collection is a time consuming and costly exercise.
• You have too many metrics, and you cannot figure out what is important, and if
and how these metrics are linked.
• Measurements are either inaccurate or inconsistent, or the underlying data used
to derive the metrics are inaccurate or inconsistent.
• Metrics involves complex calculations and are difficult to understand or use by
stakeholders.
• While metrics do show progress, they are not aligned with the business goals or
are not within the business context.
• Stakeholders cannot relate to the metrics.
• Absence of common understanding of a particular metric amongst the different
stakeholders.
• There is no clarity as to how metrics are calculated.
• Metrics do not influence outcomes; that is, you cannot control the outcomes, as
there is no action plan for improvement, if the metrics show a downwards trend.
If you cannot drive any improvements, then there is no use measuring it.
• Metrics are not easily accessible.
• Metrics are not driving the intended action.
• Metrics are not linked to decision making.
6.4 Data Governance Metrics—Don’ts
• Do not measure just for the sake of measuring.

• Do not create a lot of metrics.
• Do not have a metric without a benchmark or a threshold value defined and agreed
with the stakeholders.
• Do not underestimate the data extraction involved in the creation of metrics.
• Do not use data that is not consistent to devise metrics.
• Do not forget to have a record of the methodology to capture metrics.
6.5 Data Governance Metrics Identification and Selection
An organization should outline the objectives and requirements for measuring and
reporting on the statistics and progress of the data governance program. The data
6.5 Data Governance Metrics Identification and Selection 175
governance metrics should be identified based on the business goals you want to
achieve, and the metrics should be agreed with the stakeholders, before implementing
the data governance program. There are several methodogies that tie goal with metrics
such as Goal Question Metric (GQM) and FAST Goals approach [adapted from the
Function Analysis Systems Technique (FAST)], for alignment, prioritization and
value (Basili et al. 1994; Siviy et al. 2008; Siviy; McAllister; Siviy and Ismail).
The metrics identified should directly or indirectly be able to measure the health
and progress of the data governance program. This is because you need to know where
you are at, before implementing the data governance program, in order to define where
you want to be, and what is the threshold for the metric—as in the minimum and/or
maximum value the metric can have without adverse impacts. Hence, data governance
metrics should be defined at the beginning of the data governance program.
The data stewards who are subject matter experts and analysts with detailed knowl-
edge of the data should generate ideas for quantitative and qualitative metrics. The
data stewards can propose metrics to the data governance council. The data gover-
nance council should review and approve the metrics. Steps should be taken to
ensure that all business units or departments in the organization have a common
understanding of the metric. There should be documented standards for the metrics,
which should be shared with the stakeholders to avoid confusion and misleading
decisions arising from false assumptions.
The threshold should be established for each metric in the approved list of metrics
keeping in mind that business units or departments have different thresholds and
weightings.
Metrics should be captured and tracked regularly to review progress against the
threshold. You need to analyze the gap, as in the difference between the actual
value and the threshold value, perform root cause analysis to understand underlying
causes, and accordingly outline an action plan consisting of a mix of tactical, strategic,
corrective, preventive, short term, and long-term activities to attain the desired metric
results.
While the corrective activities are reactive and are used to resolve the problem
after the occurrence, preventive actions are focused on preventing the problem from
surfacing in the first place. Figure 6.3 shows the high-level steps involved in the data
governance metric measurement.
Six Sigma is a quality improvement technique that was adopted by Motorola in
1985, to improve its product quality and improve customer satisfaction.
If we look at Fig. 6.3 carefully, then we can say that it very closely aligns with
the Six Sigma DMAIC methodology that has 5 phases- define, measure, analyze,
improve, and control.
As the names suggest, the define phase involves defining the problem, the future
desired state, and the dimensions for measurement (in this case metrics); the measure
phase involves measuring the current state, and the gap between the current state and
future state for the metrics defined in the define phase; the analyze phase involves
using techniques like root cause analysis and pareto charts to analyze the gaps to
understand and prioritize the causes of the problem, and propose recommendations
and solutions; the improve phase involves implementing solution options; and the
control phase involves implementing controls to sustain the solution, through moni-
toring and measurement, creating a cyclic process. If the controls are not effective,
1
176
Monitor and
Get Establish measure
Identify metric at
stakeholder metric
metrics regular
agreement threshold
intervals YES
Does metric
meet
threshold
requirements
?
1
NO
Perform root
Execute action Devise action
cause Analyse gap
plan plan
analysis
6 Data Governance—Metrics
Fig. 6.3 Data governance metric measurement—high level steps

6.5 Data Governance Metrics Identification and Selection 177
the root causes need to be investigated and addressed, with control improvement
plans defined, agreed, and implemented.
Once you have identified all the metrics, you would also need to establish the
frequency with which you need to capture and monitor these metrics, and publish
and store all the metrics in a secure and centralized repository, to track the progress
with the metrics over an extended period of time and for audit purposes. If the metric
trends downward and falls below the defined threshold, you would need to investigate
and find the underlying causes and have action items to address the same. It is also
important to identify which metrics contain confidential or sensitive information,
and the audience who should be exposed to the metric, and who should be restricted
from having access to the metric.
The data governance metrics will continue to evolve as the data governance
program gains momentum, evolves, and/or its scope changes. Metrics need to be
reviewed from time to time for appropriateness and uniqueness, so that the metrics
that are no longer needed, and the ones that are duplicate or similar, can be removed
from the repository. A data governance program will have different components, and
metrics need to be categorized and prioritized. Figure 6.4 shows the high-level steps
in the maintenance of data governance metrics.
When selecting a data governance metric, it is important to consider whether the
metric covers a single business unit, multiple business units, or the entire organization,
or parts of a process, or end to end processes. It is recommended to focus on the
complete process rather than the parts of a process. When you choose data governance
metrics, it is important to consider, whether the metric is addressing a high-risk area,
Store all
metrics in a
secure
repository
De- Review Remove

duplicate and metrics no
similar analyse longer
metrics metrics relevant
Categorize
and prioritize
metrics
Fig. 6.4 Maintenance of data governance metrics

or is it related to compliance, or does it help measure the effectiveness of the data

governance program.
In other words, when you are choosing data governance metrics, it is important
to ask and answer the question “so what?” For example, I may be measuring the
percentage completeness of customer address records, but how is this helping me
move closer or achieve my business goal? What business outcome is this metric
driving? How will the change in the metric value impact the outcome, as in what
is a negative trend and what is the positive trend? How do I convert the metric
to a value statement or a language that my customer can relate to? Is the effort
required to measure the metric worth the ROI or the benefits? Who is the metric
audience? For example, percentage completeness of customer records may make
sense to the data management team and the business executives who are close to the
problem statement, but senior management would like to see the value in terms of
cost savings or revenue generation or risk reduction and hence, you should have a
conversion formula in place. Figure 6.5 summarizes some of these considerations.
It is important to keep in mind, that “one size fits all” approach should not be
applied to metrics selection; that is a set of metrics used to track data governance
in one organization is most likely not going to suit another organization’s needs and
situation.
What business outcomes

will the metrics drive?
What is the coverage of the

metric? Is the effort required to
capture and monitor the
metric worth ROI?
How do I convert the

metric into a value
statement?
Is the metric related to
compliance?
Does the metric address a

high risk area?
Who are the metric
Does the metric help audience/ users?
measure the data
governance program
performance?
Fig. 6.5 Considerations when choosing data governance metrics

6.6 Data Governance Metrics—Categories and Examples 179
6.6 Data Governance Metrics—Categories and Examples
Data governance metrics can be classified into different group sets with an overlap
of metrics between these categories as shown in Fig. 6.6. These group sets are as
follows:
• Quantitative and Qualitative.
• Progress, Verification, and Impact/Value.
• People, Process, Technology, and Data.
• Efficiency, Enablement, and Enforcement.
6.6.1 Quantitative and Qualitative Metrics
These are two basic broad categories of data governance metrics based on objective
versus subjective measurements as summarized in Fig. 6.7.
People
Metrics
Process Data
Metrics Metrics
Technology
Metrics
Efficiency
Metrics
Enablement Enforcement
Metrics Metrics
Fig. 6.6 Data governance metric categorization

Qualitative Quantitative
Metrics Metrics
Example Metrics: Example Metrics:

• Decrease in cost of
regulatory fines and
• Customer loyalty penalties
• Customer satisfaction • Percentage of critical data
elements that cannot be
traced back to the source
of origin
Fig. 6.7 Data governance quantitative and qualitative metrics with examples
6.6.1.1 Quantitative Metrics
Quantitative metrics are tangible, concrete, and objective measurements indepen-

dent of individual judgement and standpoints, and can be expressed as numerical
measures with a direct mapping between action and outcome. They are based on
objective data and numbers, that is data that can be counted. Examples of quantita-
tive metrics are hard savings and data centric metrics like savings in mailing cost as
a result of deduplication of customer records, decrease in the cost of regulatory fines
and penalties, the number of unauthorized modification or deletions of critical data
residing in data repositories, and the percentage of critical data elements that cannot
be traced back to the source of origin or where the source of origin is unknown.
6.6.1.2 Qualitative Metrics
Qualitative metrics are intangible, abstract, and subjective measurements based on

individual judgment, standpoint, and/or anecdotal evidence that are used to measure
the soft benefits. Qualitative metrics are separated from the data to a certain degree,
and a direct relationship cannot be established between the action and the outcomes.
They are based on intangible or subjective data.
While quantitative metrics are transparent, auditable, and more credible as they are
backed by data, not everything can be quantified, and qualitative measurements are
the only feasible option in these scenarios. For example, customer loyalty, customer
Table 6.1 Quantitative and qualitative metrics—comparison

Quantitative metrics Qualitative metrics
Tangible Intangible
Concrete Abstract
Objective Subjective
Independent of individual judgement and Dependent on individual judgement and
standpoint standpoint
Closely tied with data Separated from the data by a certain degree
satisfaction, team collaboration, and expert judgment cannot be measured quanti-

tatively, but through feedbacks or surveys. Likert scale is used to assign a score
to the parameters. However, transparency, auditability, and credibility of qualitative
metrics can be improved by using examples to support the assessment results and
scores, clearly stating the assumptions and guidelines used to arrive at the scores and
results, and highlighting the constraints and risks.
Table 6.1 shows the comparisons between quantitative and qualitative metrics.
6.6.2 Progress, Verification, and Impact/Value Metrics
There are three broad categories of metrics to measure the development of the
data governance program—the extent to which the data governance program is
functioning as per the design, the value being generated by the data governance
program, the impact it is making, and the extent to which the data governance
program is achieving business goals as summarized in Fig. 6.8. This metrics cate-
Progress Verification Impact/Value

Metrics Metrics Metrics
Example Metrics: Example Metrics: Example Metrics:

• Number of processes • Percentage of employees • Decrease in cost of
with RACI defined not compliant with regulatory fines and
versus the targeted policies and standards penalties
number of processes • Percentage of processes • Customer retention rates
• Number of standards not compliant with
developed versus target policies and standards
[Talburt]
Fig. 6.8 Data governance progress, verification, and impact/value metrics with example metrics
gory is in line with Jeannine Siviy’s FAST Goals approach which uses progress,
technical/operational/quality, and success metrics (Siviy 2017).
6.6.2.1 Data Governance Progress Metrics
Data governance progress metrics track the development of the data governance
program (Mahanti 2021), as in how much is accomplished when compared to a
targeted value. Some examples include:
• Number of domains that have data owners identified versus the targeted number
of domains.
• Number of standards developed versus target (as per Dr. John Talburt’s interview
statement in Mahanti 2021).
• Number of lines of business/functional areas/departments/system areas that
have committed stewardship resources versus the targeted number of lines of
business/functional areas/departments/system areas.
• Number of processes with RACI defined versus the targeted number of processes.
• Number of datasets/ data elements catalogued (as per Dr. John Talburt’s interview
statement in Mahanti 2021).
There may have been milestones that you have set at the beginning of the program,
and you might want to see how you are tracking on these milestones at defined
intervals.
6.6.2.2 Data Governance Verification Metrics
As stated by Dr. John Talburt, Acxiom Chair of Information Quality at the University
of Arkansas at Little Rock, and Lead Consultant for Data Governance and Data
Integration with Noetic Partners Inc., data governance verification metrics track the
degree to which the data governance program is actually working as designed. “These
are usually measured by policy and standards reviews and the degree to which they are
enforced and adhered to. The extent to which employees and processes are compliant
to policies and standards and deviations from the policies and standards is the key
here. Examples of verification metrics would include the number or percentage of
employees and processes not compliant with policies and standards (Mahanti 2021).”
In Dr. John Talburt’s words, verification metrics are very much DG quality measure-
ments in the sense that they measure the degree to which the data management
processes conform to the DG policy and standards, just as data quality is the degree
to which the data conform to the data quality requirements (Mahanti 2021).
6.6.2.3 Data Governance Impact/Value Metrics
Data governance impact/value metrics measure the value the data governance
program is generating, the impact it is making, and the extent to which the data
governance program is helpful in achieving business goals (Mahanti 2021). These
are also known as validation or success metrics. The business goal should be tracked
and measured (Mahanti 2021). As stated by Dr. John Talburt—“Validation metrics
are some of the most important but the ones often left out.”
Some examples of these metrics include:
• Increase or decrease in customer attrition.
• Customer retention rates.
• Percentage increase or decrease in regulatory compliance (as per Dr. John Talburt’s
interview statement in Mahanti 2021).
6.6.3 People, Process, Technology, and Data Metrics
As data governance revolves around people, process, technology, and data, you
should have quantitative and/or qualitative metrics to measure the progress and effect
of data governance along each of these dimensions. Figure 6.9 summarizes these
metrics.
There is often a misconception as data governance is related to data, having
a data centric metric is sufficient, but that is not the case. This is because data
enables business, hence, people, processes, decisions, and interactions that the data
is enabling, and the technology and systems that support the same also need to be
taken into consideration when considering data governance metrics.
6.6.3.1 Data Governance People Metrics
Data governance people metrics provide a quantifiable measure of people activity

or metrics that are people-centric in the implementation and progress of data gover-
nance, and the impact that data governance is making. The following quantitative
people metrics can give an insight into the progress of data governance:
• Number of data owners identified versus the number of data domains (Ladley;
Henderson 2015).
• Number of people trained on data governance.
• Percentage of business departments actively involved in data governance, master
data management, metadata management, and data quality management (Smith
2016).
• Number of people trained as business data stewards by month, quarter, annually
(Smith 2016).
Example Metrics
• Number of people trained on
data governance
• Customer satisfaction index
score
People Example metrics

• Number of data sources
consolidated
• % of data validated at source
Data Technology
Example Metrics
• % of critical data elements that
cannot be traced to the source
of origin
• % of missing customer address
data Process
Example metrics
• Number of standards and
processes linked to a policy
• % of processes with RACI
defined
Fig. 6.9 Data governance metrics—people, process, technology, and data with example metrics
• Number of people that participate actively as business data stewards (Smith 2016).
• Number of lines of business/functional areas/departments/system areas that have
committed stewardship resources.
While the above metrics may not exhibit business value, they will aid early stage
data governance efforts, show progress and adoption to its sponsors, and battle
cultural issues as they work to operationalize data governance. The above metrics
can be also thought of as implementation metrics with people as metadata.
The following qualitative people metrics can give an insight into the impact of
data governance:
• Increase or decrease in the customer satisfaction index score—via surveys.
The following quantitative people metrics can give an insight into the impact of
data governance:
• Increase or decrease in customer attrition.
The following qualitative people metrics can provide an insight into the progress
of data governance:
• DG/process adoption rate by business personnel—via a survey (Ladley,

Henderson 2015).
6.6.3.2 Data Governance Process Metrics
Data governance results in the establishment and enforcement of policies, processes,

standards, and rules. While policies outline the “do’s” and “don’ts” in the context of
data related activities at a high level, data policies are implemented in the form of
processes, standards, and rules that are embedded in the business as usual activities
in the organization. These processes help achieve business objectives, and metrics
related to these processes can quantify the impacts that can serve as data governance
process metrics. Examples of data governance process metrics are as follows:
• Number of approved and implemented standards, policies, and processes (Ladley;
Henderson 2015).
• Number of standards and processes linked to a policy.
• Number of published data definitions (Ladley; Henderson 2015).
• Number and percentage of data governance initiatives on track.
• Number of projects governed.
• Percentage of processes with RACI defined.
• Rate at which critical data are defined (as per Laura Sebastian-Coleman’s
interview statement in Mahanti 2021).
• Number of external reference data for which a review and update process has
been defined.
• Number of data issues reported to data governance bodies or logged into the data
issue register.
• Number of data issues resolved.
• Average time to resolve data issues.
• Ratio of the number of data issues resolved to the number of data issues reported.
• Percentage increase or decrease in regulatory compliance.
• Percentage increase or decrease in security incidents.
• Turnaround time for audit queries.
• Number of failed data audits.
While some of the above (the first nine) can serve to measure data governance
adoption and progress, all the rest can be used to measure the impact or value.
6.6.3.3 Data Governance Technology Metrics
Technology helps automate data governance processes and is an enabler of data

governance. Data governance technology metrics measure the effectiveness of tech-
nology, and are related to technology components and applications. Examples of
data governance technology metrics are as follows:
• Number of data sources consolidated (Henderson 2015; Ladley).
• Number of data targets using mastered data (Henderson 2015; Ladley).
• Number of local spreadsheets used (Henderson 2015; Ladley).
• Number of data fields traceable from source to use (Henderson 2015).
• Number of unique identifiers (Henderson 2015; Ladley).
• Percentage of data validated at source (Henderson 2015).
• Number of business terms mapped to data entities and data elements (Henderson
2015; Ladley).
• Percentage completion of glossary (Henderson 2015; Ladley).
• Improved reporting efficiency.
• Percentage of storage space saved.
• Number of unauthorized data access incidents.
• Technical data debt:
– Time/effort/resources/cost accumulated as a result of not implementing tech-
nical data solutions in the right way.
– The number of data standard violations (for example, and number of critical
data elements that do not have corresponding data definitions recorded in the
data dictionary, and number of critical data elements which have incomplete
definitions or definitions that do not make sense).
– The number of technical debts retired.
6.6.3.4 Data Governance Data Metrics
An effective data governance program leads to improved data quality. Data metrics
are operational metrics related to data issues, and usually revolve around the data
quality dimensions. When related to data quality dimensions, they are also known
as data quality metrics. Table 6.2 shows some of these metrics.
The coverage of data quality metrics (as per Laura Sebastian-Coleman’s interview
statement in Mahanti 2021) is also an important metric that can help gauge the extent
of data whose quality is being assessed/ monitored. While the data quality metrics in
Table 6.2 gives an indication of data quality, there is a need to convert these metrics
into business outcomes to show the business value. Table 6.3 shows examples of
business outcomes related to some of the data quality metrics discussed in Table 6.2.
Table 6.2 Data quality dimensions and metrics examples

Data quality dimensions Example metrics
Accuracy • Percentage of incorrect address causing returns and reshipments and
lost business and additional costs
• Percentage of wrong email addresses resulting in missed
opportunities due to bouncing of emails
• Percentage of incorrect patient data resulting in wrong diagnosis
Completeness • Percentage of deliveries impacted because of missing customer
address data
• Percentage of deliveries impacted because of missing product data
• Percentage of missing email address resulting in lost opportunities
• Percentage of critical data elements that have complete metadata
Consistency • Percentage of inconsistent customer names across various data
stores in the organization
• Percentage of inconsistent addresses across various data stores in
the organization
• Percentage of data values that conforms to the code sets/domain
values (Jena 2011)
Uniqueness/Duplication • Percentage of records having a unique primary key (Ajilitee 2011)
• Percentage of records having duplicate patient records
• Percentage of duplicate customer records
• Percentage of duplicate product inventory records
• Percentage of duplicate order records
• Percentage of duplicate liability records
Accessibility • Percentage of critical data elements (CDE) identified by the DG
Council that are available to business users (Ajilitee 2011)
• Percentage of access request completed within the SLA defined by
DG Council
• Average time required to complete access request
• Is the time required to complete access request improving?
• How easy do the users find the access request process?
• Difficulty/or ease of access of data by authorized personnel assessed
via survey
Timeliness • Time between when information is expected and when it is readily
available for use (Jena 2011)
• Percentage of time, data load completed as per SLAs (Jena 2011)
• Percentage of time, a user’s queries returned results as per SLAs
Traceability • Percentage of critical data elements that cannot be traced to the
source of origin
• Percentage of critical data elements that can only be partially traced
back (that is, to an intermediate system)
While objective data quality dimensions (for example, completeness and duplica-
tion) can be measured quantitatively, subjective data quality dimensions (for example,
trustworthiness and believability) can be measured qualitatively through surveys.
Table 6.3 Business outcome related to data quality metrics

Data quality metrics Business outcome
Percentage of incorrect address records Percentage of returned shipments
Percentage of lost business
Percentage of missed opportunities
Percentage of missing product data Percentage of impacted sales
Percentage of wrong email addresses Percentage of missed opportunities
Percentage of missing customer address data Percentage of missed opportunities
Percentage of duplicate customer records Number of multiple shipments
Percentage of additional mailing cost
Percentage of duplicate product inventory data Number of customer enquires
Number of unfulfilled orders
Percentage of inaccurate product inventory data Percentage of fulfilment errors
Percentage of procurement errors
Percentage of duplicate liabilities records in a bank Percentage of customer risk profile not
accurately reflected
Percentage of inaccurate risk data Risk exposure in currency units
6.6.4 Efficiency, Enablement, and Enforcement Metrics
Mahesh Krishnan in his article for data governance for financial institutions groups
data governance metrics into three broad categories as follows (Krishnan 2013) (see
Fig. 6.10).
• Efficiency metrics;
• Enablement metrics; and
• Enforcement metrics.
6.6.4.1 Efficiency Metrics
Metrics that illustrate how data governance programs help improve the effectiveness
of your organization. Examples of efficiency metrics include:
• Percentage of customer attrition.
• Percentage reduction in time spent on manual adjustments and reconciliations.
• Data quality metrics.
• Data model quality metrics.
Example Metrics:
• Percentage of customer attrition
• Customer retention rates
Efficiency
Metrics
DQ
Metrics
Enablement Enforcement
6.6 Data Governance Metrics—Categories and Examples
Metrics Metrics
Example Metrics: Example Metrics:
• Percentage of critical data and • Accuracy and timeliness of risk
processes with ownership calculations and aggregations
• Percentage of critical data • Percentage of conformance to
elements with no lineage and data management standards
traceability captured
189
Fig. 6.10 Data governance metrics—efficiency, enablement, and enforcement metrics with example metrics
6.6.4.2 Enablement Metrics
Metrics that illustrate what data governance program allows organizations to do now,
that could not be done before. Examples of enablement metrics include:
• Percentage of critical data and processes with ownership.
• Percentage of critical data elements with no lineage and traceability captured.
6.6.4.3 Enforcement Metrics
These are the metrics that illustrate how a data governance program helps to impose
corporate mandates and standards. Examples of enforcement metrics include:
• Percentage of critical data elements with no lineage and traceability captured.
• Accuracy and timeliness of risk calculations and aggregations.
• Percentage of conformance to data management standards.
• Percentage of critical data and processes with ownership.
As we see there is an overlap, with data quality metrics and data model quality
metrics serving as efficiency, enablement and enforcement metrics.
In addition to the above examples of data governance metrics discussed, data

governance maturity is a metric that gives an insight into the maturity of data gover-
nance in an organization, and is usually a subjective assessment carried out using a
questionnaire approach.
The data governance maturity models have been discussed in Chap. 4, and can be
used as a guide to track progress. When an organization decides to implement data
governance, it assesses its current maturity, and establishes a roadmap to achieve the
targeted maturity in a particular time frame. For example, an organization currently
at maturity level 2 aspires to achieve maturity level 3 in 1-year time and maturity
level 4 in 2 years’ time from the current date. The data governance maturity progress
by levels should be tracked for each succeeding year.
There is an overlap between the different metric categories. For example, a process
metric can also be an impact/value/success metric. Percentage increase or decrease in
regulatory compliance is a process metric as well as impact/value metric. Customer
retention rates is a quantitative people metric, an impact/value metric, as well as an
efficiency metric.
With customer centric metrics, organizations need to be clear as to the definition
of the customer. For example, customer can be an internal stakeholder, a business
user or an external customer. Also, it is important to conduct a root cause analysis
to understand the extent, data contributes to customer centric issues and role data
governance plays in resolving those issues and achieving better customer outcomes.
For example, a customer survey revealed low customer satisfaction due to delayed
deliveries and bad quality products. 75% of the dissatisfied customers cited delayed
deliveries whereas 25% cited bad quality products. Root cause analysis revealed the
following:
• Bad quality product was a result of a manufacturing problem and not related to
data.
• Majority of delayed deliveries were caused due to data issues (for example,
outdated or missing address data) and the rest were caused due to issues external
to the organization (for example, shipments lost in transit or delayed by customs).
Implementing data governance and data quality initiatives to resolve address data
quality issues would typically result in improved address data quality that could be
tracked through data quality metrics, which in turn would lead to improved customer
satisfaction.
This section provides a large number of metrics. Depending on the focus of an
organization’s data governance program and business requirements related to the
data assets, the relevant metrics need to tracked. Some metrics will not be relevant
for a given scenario. For example, if the compliance is the data governance program
driver, customer attrition and retention metrics will not be relevant.
6.7 Data Governance Metric Documentation
It is important to document the details related to data governance metrics. Table 6.4
shows the parameters that should be documented, reviewed, and approved by the
relevant stakeholders. Any changes to the data governance metric parameters should
be agreed upon amongst the stakeholders, and updated in the data governance metric
documentation, so that it is up-to-date. For example, if a decision is made to change
the data governance metric measurement frequency and the metric formula, the data
governance metric documentation should be revised to reflect the same, after all
stakeholders have agreed upon it.
6.8 Dashboard and Scorecards
A picture is worth a thousand words.
It is important to give a relevant and compelling view of the data to the top
management and stakeholders to communicate the metrics and progress of data
governance in an effective manner.
Table 6.4 Data governance metric documentation elements and description

Data governance metrics documentation Description
elements
Data governance metric name An expressive name for the data governance
metric that is self-explanatory and articulates what
is being measured
Objective What is the purpose of the measurement of this
metric?
Frequency of measure How frequently do you want to report on this
metric? For example, daily, weekly, fortnightly,
monthly, quarterly, and so on
Unit of measurement For example, count, percentage, or dollar value
Threshold value The minimum and/or maximum acceptable level
in terms of the unit of measurement, whichever is
applicable
Responsible The role/position in the organization responsible
for the specific data governance metric
Accountable The role/position in the organization accountable
for the specific data governance metric
Metric calculation process/steps The steps or business rules involved in the
calculation of the data governance metric
Quality controls Quality controls applied to ensure the quality of
the underlying data used to derive the metric
Metric formula The mathematical formula that is used to calculate
the specific data governance metric
Hierarchies The different dimensions or hierarchies that are
used as slicing and dicing measure. For example,
sales by region, state, and/or country
Assumptions Any assumptions related to the specific data
governance metric
Reference Link to other related documentation for example,
data lineage across systems, data model, and data
mapping documents
Additional comments Any additional notes that need to be documented
and do not fall into any of the above categories
Dashboards and scorecards can be used to measure, monitor and report the
progress of an organization’s data governance program to the data governance
stakeholders at periodic intervals, for example, quarterly or bi-annually.
A dashboard is a visual representation tool that visually tracks, analyses, consol-
idates, and displays metrics and key data points in a way, that is easy for the end
user to understand and use. It can help monitor the progress and effectiveness of data
governance in your organization. Dashboards are interactive and have filtering, drill-
down functionalities, and show different slices and dices of data that can improve
decision making.
6.8 Dashboard and Scorecards 193
Dashboards is a presentation layer that gives the summarized view and drill down
facilities allow you to drill down into the greater level of details and more granular
data. They are customizable to meet the explicit needs of a department and organiza-
tion. For example, you might design a dashboard to report on the data quality metrics
say for instance completeness of key data entities, such as customer or product, and
provide drill down facility to go to the data element level of each entity.
While dashboards and scorecards are sometimes used interchangeably, a scorecard
is a tabular visualization of the measures and their respective targets with visual
indicators, to see how each measure is performing against their targets at a glance
(Chiang 2011).
Scorecards typically consist of several characteristics in the form of 8 to 15 ques-
tions, answers to these questions, and scores assigned to the answers. Generally, the
greater the score, the lesser is the risk.
Scorecards keep a tally of the score against the target. They provide a snapshot of
performance, but they do not explain the reasons that led to the final score. This is
the purpose of a dashboard. While a dashboard displays several metrics, it does not
intrinsically tell the user whether the results are positive or negative; this is left up to
the user’s own interpretation of the data.
Dashboards offer attractive charts and graphs on the status of data compliance
(Sarsfield 2009). There are a number of dashboard platform options as shown in
Fig. 6.11. Depending on the functional and non-functional requirements, budget,
and tool capabilities, you can choose an option that best suits your business needs,
to automate reporting the progress and impacts of data governance.
There are a number of dashboard vendors in the market, for example, Tableau,
QlikView, IBM, DataFlux, Informatica, and Trillium Software. Dashboard develop-
ment is a project in itself, and once the appropriate tool and technology for dash-
board have been identified, the data stewards, SMEs, and IT need to work together
to develop the dashboards with a project manager overseeing the project, the data
Microsoft • Excel
Office • PowerPoint
Suite • Word
• Tableau, Informatica
Vendor tools • QlikView, IBM
• Business Objects
• Customizable
Custom • Better detail
built tools • Better access control and security
Fig. 6.11 Dashboard platform options. Adapted from Rajan and Hertzler (2017)
stewards and SMEs providing the business requirements, and the IT teams converting
them into technical requirements, and building the dashboards. Dashboards generally
display a set of metrics and demonstrate patterns and trends for these metrics using
technology and data, which in turn provides an insight into the risks and opportunities
that aid decision making.
However, constructing an effective dashboard does not inherently come from
technology only. It is important to locate the right data, understand the key data
characteristics, define the most effective means for visualizing the results in the form
of summarization and correlation, trends, and implications, defining business rules
for computing the dashboard metrics, and lastly designing a captivating layout in
which to present the content to the audience.
The dashboards results need to be communicated, distributed, and monitored,
and if a metric does not satisfy the threshold, then the underlying causes need to be
investigated, and an action plan consisting of corrective action needs to be devised
and implemented. As highlighted by Christopher Butler, Chief Data Officer, HSBC,
UK in his interview statement (Mahanti 2021)—“…The information, dashboards,
and processes must all fit within a holistic environment and be adapted to demonstrate
value.”
When asked about how the effectiveness of a data governance program is
measured, Tony Epler, Chief Data Strategist, PricewaterhouseCoopers states the
following (Mahanti 2021):
Like many organizations, we believe that programs, projects, and initiatives cannot be effec-
tively managed unless they are measured. Consequently, we rigorously develop, assign, and
track metrics and KPIs for all of our data governance actions and activities. We communicate
these through dashboards built on high-end data visualization techniques and technologies.
These dashboards are used internally by the CDO staff to manage the projects and initiatives.
They are also accessed by the C-suite and executive staff to monitor and demonstrate ROI,
organizational success, and compliance with overall firm strategy and business objectives.
Governance requires more than merely having policies, processes, standards, rules,
procedures, and establishing roles and responsibilities. Effective governance also
requires enforcement of the policies, processes, standards, and rules.
Metrics provide checkpoints along the data governance implementation to ensure
that the processes that have been defined in theory are effective in practice too.
Metrics also help in making mid-course corrections for making improvements to the
existing data governance model.
If metrics are not measured, then it is unlikely that you will discover what is
not working and hence, be unable to limit potential adverse outcomes by making
adjustments or improvements. Metrics create a culture of transparency and account-
ability. The right combination of quantitative and qualitative metrics, and relating
them to business outcomes can help gain continued executive support for your data
governance program. However, identifying, prioritizing, tracking, reporting metrics,
and creating dashboards is a time taking endeavor, and requires management and
financial support.
While data governance programs with no metrics to track value and progress
are generally doomed for failure, as you do not know where you are at with your
data governance implementation, having too many metrics can be overwhelming,
and obscure the important ones and not set you up for success. You should also be
careful to not select vanity metrics that sound and look nice, but add little value.
When it comes to metrics, Scott M. Graffius statement applies –
If you don’t collect any metrics, you’re flying blind. If you collect and focus on too many,
they may be obstructing your field of view.
There is no fixed number that defines the right number of metrics, or too few, or too
many metrics. Organizations differ and one organization’s business needs, objectives,
culture, action plan, and business drivers for data governance is most likely to differ
from another organization’s; hence, the metrics themselves and the approximate
number of metrics that are suitable for one organization for measuring, tracking, and
improving data governance, and demonstrating value may not be suitable for another
organization.
While sample metrics are extremely useful, and can serve as a reference for
organizations venturing into the world of data governance, metrics may have to
be customized or completely new ones may have to be established to deal with an
organization’s unique situation, business needs, and objectives. Also, metric creation
and selection is not a one-off process; it is repetitive and needs to be monitored
and reviewed. As an organization’s business objectives change, its data governance
program will also need to evolve, requiring metrics to be re-assessed and revised,
retired, or even result in the creation of new metrics. The combined set of metrics
that you choose when implementing data governance should create a balanced focus
and direction, while aligning to your desired end objectives defined in your business
case.
References
Ajilitee (2011) Ultimate guide to data governance metrics for health payers. Last accessed 1
June 2018. https://www.ajilitee.com/wp-content/uploads/2011/11/Ultimate-Guide-to-Data-Gov
ernance-Metrics-for-Health-Payers-Ajilitee-November-2011.pdf
Basili V, Caldiera VR, Rombach HD (1994) The goal question metric approach. Last accessed on
10 June 2019 from http://www.cs.umd.edu/~mvz/handouts/gqm.pdf
Chiang Alexander ‘Sandy’ (2011) What is a dashboard? Dashboard in sight. Last accessed 1 Jun,
2018. http://www.dashboardinsight.com/articles/digital-dashboards/fundamentals/what-is-a-das
hboard.aspx
Dennis AL (2017) Data governance program effectiveness by the numbers. Last accessed on 26
Dec 2018 from http://www.dataversity.net/data-governance-program-effectiveness-numbers/
Henderson L (2015) 35 metrics you should use to monitor data governance. DataFloq. Last accessed
1 Jan 2019. https://datafloq.com/read/35-metrics-monitor-data-governance/1601
Jena D (2011) The need for data governance metrics to measure success. Launch Point Blog. https://
launchpointcorporation.com/the-need-for-metrics-based-data-governance/
Krishnan M (2013) Data governance for financial institutions. Capgemini. https://www.capgemini.
com/wp-content/uploads/2017/07/data_governance_for_financial_institutions.pdf
33-6877-4
McAllister Chad TEI 293: FAST Goals for better aligned product projects—with Jeannine Siviy.
The Everyday Innovator Podcast, Last accessed Jan 1, 2021. https://productinnovationeducators.
com/blog/tei-293-fast-goals-for-better-aligned-product-projects-with-jeannine-siviy/
O’Neal K (2017) Measuring data governance- progress vs. real impact, enterprise data governance
online, First San Francisco Partners, DataGovernanceOnline.com
Ries E (2010) Entrepreneurs: beware of vanity metrics. Harvard Business Review. Last accessed
on 18 Sept 2019 from https://hbr.org/2010/02/entrepreneurs-beware-of-vanity-metrics
Rajan S, Hertzler M (2017) Developing program metrics to demonstrate IG maturity. KPMG.
Last accessed on 27 Dec 2018 from http://armagg.org/images/downloads/2017_Presentations/
kpmg_pge_sf_arma_presentation_on_ig_metrics___nov_15_2017_rajan_and_hert....pdf
Sarsfield S (2009) The data governance imperative, it governance ltd, ISBN: 1849280126
9781849280129
Siviy J, Ismail N, What is your strategy? The FAST Goals© Methodology. SDLC Partners Insight
Siviy J, Kirwan P, Marino L, Morley J (2008) Strategic technology selection and classification in
multimodel environments. White Paper, Copyright 2008 Carnegie Mellon University
Siviy J (2017) Healthcare solutions: innovation vs. efficiency. SDLC Webinar
Smith A-M (2016) Identifying business value for data governance and data stewardship. EW Solu-
tions. Last accessed 1 Jun 2018. https://www.ewsolutions.com/identifying-business-value-data-
governance-data-stewardship/
TechTarget and RSD. Information governance strategy: Developing a roadmap and structure
for improving corporate information management, SearchContentManagement.com E-Book,
TechTarget. Last accessed on 22 Dec 2018. Information governance strategy: http://docs.media.
bitpipe.com/io_25x/io_25448/item_394579/RSD_sContentManagement_SO%23033718_E-
Book_053111.pdf
Willcocks L, Lester S (1996) Beyond the IT productivity paradox. Eur Manage J 14(3):279–290.
https://EconPapers.repec.org/RePEc:eee:eurman:v:14:y:1996:i:3:p:279-290
Chapter 7
Data Governance Success—Concluding
Thoughts and the Way Forward
If you can’t fly then run, if you can’t run then walk, if you can’t
walk then crawl, but whatever you do you have to keep moving
forward.
—Martin Luther King Jr.
Abstract Data governance is transpiring as a key success factor in not only data
centric organizations such as finance and professional services, but also in organi-
zations that seem to be less data centric, such as manufacturing and utilities. This is
because data is important in every organization irrespective of the industry sector,
and data governance ensures that data is treated as an asset. This chapter discusses
data governance as a key success factor and the various aspects of data governance
success in a nutshell.
7.1 Data Governance—A Success Factor
Data governance is transpiring as a key success factor in not only data centric organi-
zations such as finance and professional services, but also in organizations that seem
to be less data centric, such as manufacturing and utilities. This is because data is
important in every organization irrespective of the industry sector, and data gover-
nance ensures that data is treated as an asset. As reinforced by Christopher Butler,
CDO, HSBC, UK and George Firican, Director of Data Governance & Business
Intelligence at UBC DAE and Founder of www.lightsondata.com.
Christopher Butler: “The one thing for certain is that data will become more and
more important as a differentiator for businesses going forward. Data governance is
at the heart of whether an organization will be in a position to benefit from its data.”
George Firican: “Data is an important asset and always needs to be treated and
managed as such. Data governance programs are essential in managing this asset.
After all, the engine for economic growth is no longer fueled by gasoline but more
and more by data.”
https://doi.org/10.1007/978-981-16-5086-4_7
198 7 Data Governance Success—Concluding …
However, many organizations still fail to realize the strategic value of data and
hence, also fail to realize the value of investing in data governance. A key to over-
coming this challenge is to map the corporate objectives to the underlying data in
the organization, and outline the data requirements to meet these corporate objec-
tives. It is important to assess the current state of data and data governance, outline
the future state, craft a solid business case for data governance, and create a data
strategy and data governance strategy to ensure executive buy-in of data governance
implementation.
7.2 Data Governance in a Page
Figure 7.1 shows various aspects of data governance and the relations between these
aspects in a page. Data governance objectives is driven by the business objectives.
Business drivers for data governance vary from organization to organization, which
in turn drive the data governance approach. However, business driver is not the only
factor that drives data governance approach, which consists of people, process, and
technology components.
Data governance approach needs to be tailored depending on characteristics
such as organization size, industry sector, geography, organizational goals, business
strategy, business drivers, context, scope, organizational structures, organizational
hierarchies, interactions between different organization teams and groups including
IT and business, data management challenges and opportunities, data landscape with
varying complexities and data volumes, organizational culture, maturity levels, and
circumstances. Hence, the data governance approach is not a “one size fits all”
approach, and needs to be tailored for the specific organization. Essentially the
people, process, and tools and technology components, need to be tailored to the
specific needs of the organization.
It is important to understand the current state, determine the future state, and do
a gap analysis to understand what needs to be done to jump from a lower level of
data governance maturity to a higher level of data governance maturity in line with
satisfying the organization’s strategic business objectives.
Data governance along with other data management functions and initiatives have
an enterprise wide impact. Data governance ties together other data management
functions and initiatives such as data architecture management, data modeling
and design, data quality management (DQM), data security management, data
warehousing and business intelligence (BI) management, data integration and
interoperability (DII), document and content management, metadata management,
reference data management, master data management, data storage and operations,
and big data, data lake and data analytics (Mahanti, 2021b) as shown in Fig. 7.1.
While data governance drivers such as compliance, reputation management,
improving customer satisfaction, better decision making, improving data quality,
data security, data privacy, data analytics, big data, improving operational efficiency,
revenue growth, mergers and acquisitions (M&A), partnering and outsourcing drive
DG key factors
DG drivers
enables
DATA & DATA GOVERNANCE STRATEGY

DG Approach
Highest
7.2 Data Governance in a Page
DG
Business Maturity
Case DG
• Cost Future
DG
• Value
Gap benefits
Leads to
• Risk
Analysis
DG results in
DG
Current
Lowest BLOCK
Maturity OR
SLOW
DG Challenges Ties together
Data management functions

and initiatives
Fig. 7.1 Data governance in a page
199
200 7 Data Governance Success—Concluding …
data governance implementation in an organization, data governance challenges such

as lack of executive and organizational support, resourcing issues, difficulty in getting
executive buy-in, resistance to change and change obstacles, organizational conflicts
and politics, and various false notions around data governance blocks and/or slows
down a data governance program.
It is an unpredictable, competitive and digitized world with rapid changes and
numerous external phenomenon that are out human control, that change the status
quo. Data governance is an enterprise wide program which is very relevant in the high
stakes environment that organizations operate, but needs to be carefully planned to
reap benefits. A number of factors enable the data governance program and drive its
successful implementation in an organization. These factors include leadership and
management commitment and alignment, strong executive sponsorship, strategy and
business case, adequate training and education, organizational change management,
communication and collaboration, skill sets, knowledge and abilities, DG framework,
incremental approach to data governance, and DG tools and technology.
Successful implementation of data governance in organizations results in a number
benefits such as increased operational efficiency, improved data understanding,
improved data lineage, better decision making, and greater data quality, increased
confidence in the data, improved risk mitigation, and cost savings.
7.3 Evaluating Data Governance—The Journey Ahead
With respect to data governance, an organization can have one of the following
scenarios-
1. An organization does not have formal data governance in place.
2. An organization has formal data governance in place, but are uncertain of the
efficiency or benefit.
In the first scenario, an organization that does not have formal data governance,
may still be governing data to some extent informally. In both the scenarios, it is
important to understand what business objectives data governance is expected to
meet, and the data governance maturity. In the first scenario, the organization will
embark on a formal data governance journey based on the business drivers of data
governance and what needs to be done to attain the future state; whereas in the second
scenario, the organization would need to evaluate the data governance metrics too,
in order to assess the DG effectiveness and then adjust its current data governance
direction if needed.
Data governance is a long journey and needs lots of patience, careful planning,
definition and enforcement of roles and responsibilities, processes, and metrics to
define progress and success.
Organizations have struggled to implement data governance in the past, mostly
because of DG challenges, DG misconceptions, limited understanding of the risks
associated with data in organizations, and a lack of knowledge and understanding of
7.3 Evaluating Data Governance–The Journey Ahead 201
the key factors in the successful implementation of data governance. However, data
governance is maturing.
I will conclude this book and this series with the following statement of Dr. John
R. Talburt, Acxiom Chair of Information Quality at the University of Arkansas at
Little Rock, and Lead Consultant for Data Governance and Data Integration with
Noetic Partners Inc. (Mahanti 2021a):
Data governance is clearly growing in adoption and maturing in practice… The first adopters
usually had to make 2, or even 3, attempts before seeing any success. However, like any new
paradigm it takes time to iron out the wrinkles. As more and more organizations imple-
ment DG and share their “lessons learned,” DG practice is improving and success rates are
increasing. We now have good models to follow. It is still a very difficult undertaking but I
see things beginning to get better with fewer failures and restarts.
References
Mahanti R (2021a) Data governance and compliance, Springer Books, Springer, ISBN 978-981-
33-6877-4
Mahanti R (2021b) Data governance and data management, Springer Books, Springer, ISBN 978-
981-16-3583-0
Appendix A
Glossary of Terms
Chief data officer (CDO)

The chief data officer (CDO) is a C-level role to transform the organization into a
data driven organization, with overall accountability for data as an enterprise asset.
Dashboard
A dashboard is a visual representation tool that visually tracks, analyses, consolidates,
and displays metrics and key data points in a way, that is easy for the end-user to
understand and use, and can help monitor the progress and effectiveness of data
governance in your organization.
Data governance
Data governance is the exercise and enforcement of policies, processes, guide-
lines, rules, standards, metrics, controls, decision rights, roles, responsibilities, and
accountabilities to manage data as a strategic enterprise asset.
Data governance framework
The data governance framework is a structure that is designed so that the organizations
can reactively as well as proactively capture and manage data, and also manage the
interactions between different data stakeholders, to ensure that the data is fit for
purpose and meets the need of all the data stakeholders.
Data governance maturity
Data governance maturity relates to the sophistication of processes and structures
to oversee the management of data, and moves from ungoverned data to governed
data with the increasing levels of maturity. Data governance maturity is a metric that
gives an insight into the maturity of data governance in an organization.
© The Editor(s) (if applicable) and The Author(s), under exclusive license 203
to Springer Nature Singapore Pte Ltd. 2021
https://doi.org/10.1007/978-981-16-5086-4
204 Appendix A: Glossary of Terms
Data governance maturity assessment

Data governance maturity assessment is an exercise that you need to carry out in order
to be able to benchmark your capabilities in the current state, determine the current
maturity of your organization’s data governance program by establishing a maturity
level, and establish what level you want to achieve for each of the dimensions.
Data governance operating model
Data governance operating model is the mechanism used by the board and manage-
ment to translate the elements of the data governance framework and data poli-
cies into practices, procedures, and job responsibilities within the data governance
infrastructure.
Data governance strategy
The data governance strategy defines the objectives and desired outcomes of the data
governance program, the scope of the data governance program, the stakeholders,
and the roadmap.
Data ownership
Data ownership is accepting responsibility for the data, taking control, and making
decisions regarding how data is managed, shared, transformed, accessed, and used.
Data stewards
The data stewards are individuals responsible for the day to day management of data
sets in their specific business units or as per their assigned processes.
Data stewardship
Data stewardship is the operational facet of a data governance program that involves
the actual routine work of governing the enterprise’s data (Plotkin 2013).
Data strategy
Data strategy is the vision and actionable foundation for the organization’s ability
to harness data-related or data-dependent capability that helps achieve the strategic
objectives of the organization.
Metric
A metric refers to a standard for measuring something, and creates a culture of
transparency and accountability.
Metric threshold value
Threshold value for a metric is the minimum or maximum acceptable value the metric
can have without adverse impacts.
Reference
1. Plotkin D (2013) Data stewardship, Elsevier Science Publication
Appendix B
Data Governance—Perceptions Versus Realities
Your perception of the world around you is not

necessarily the same as what is actually occurring.
—Peter Ralston
When embarking on a data governance program, you will encounter a rocky road
embedded with both real problems and perceived problems (perceptions). We have
discussed these in the different chapters of this book. It is important to be able to
distinguish between the real problems and the virtual problems to steer the data
governance program in the right direction.
To clarify some of the confusing and conflicting points of understanding on data
governance, we have provided a summarized version of the prevalent perceptions
around data governance alongside an explanation of the facts and realities in the
Table B.1, to provide clarification, better understanding, and guide the reader to
make the right decisions when pursuing a data governance program.
https://doi.org/10.1007/978-981-16-5086-4
206 Appendix B: Data Governance—Perceptions Versus Realities
Table B.1 Data governance perceptions versus the realities

Perception ID Perception Reality
1 Responsibility for data governance Data governance is a shared
lies with IT responsibility
2 Data governance is restricting Good data governance must balance
security, protection, accessibility, and
enablement
3 Data governance is a project/data Data governance is an ongoing process,
governance is an IT project whose life is as long as the business is
running, and technology is supported to
run that business
4 Technology alone can drive data Tools play the role of an enabler and
governance outcomes facilitator in data governance, and
require active participation of human
resources
5 “Data governance” is a synonym for Records management is a key
“records management” component of data governance
6 Data governance is about data storage Data governance is about setting rules,
in a central repository standards, policies, and processes to
oversee the management of data in the
central repository
7 Data governance is metadata Data governance uses metadata
management management to force management and
discipline on the collection and control
of data
8 Data governance is all about While compliance is a trigger for data
compliance governance, data governance results in
increased operational efficiency,
improved data understanding and
lineage, better decision making, and
greater data quality
9 Data governance is only about data Data privacy is one of the focus areas of
privacy data governance
10 Data governance is about Documented policies are a part of data
documented policies governance
11 Data governance is siloed by business Data governance is an enterprise wide
units or departments initiative and should not be siloed, as
data is enterprise asset, and can be
shared by multiple departments or
business units
(continued)
Appendix B: Data Governance—Perceptions Versus Realities 207
Table B.1 (continued)

Perception ID Perception Reality
12 Data governance is a published Published repository of common data
repository of common data definitions definitions is one component of data
governance
13 Data governance is the same as data Better quality data is a key desired
quality result from the implementation of data
governance policies and processes,
whereas data governance is the
comprehensive, strategic, and corporate
vision of recognizing and managing
data as a valued corporate asset
14 Data governance is the same as data Data governance is the policy-making,
management process, and standards framework for
enterprise data while data management
involves the execution of those data
policies, processes, and standards set by
the organization
15 Data governance is the same as Master data management requires the
master data management integration of data governance
throughout the initiative
16 Data governance is the same as Change management is a crucial
change management element in the successful
implementation of data governance
17 Data governance does not work in Data governance can be tailored to be
small organizations/ data governance implemented satisfactorily in
only works for large organizations organizations, irrespective of the size
18 Data governance is simple and Data governance implementation
straightforward to implement involves many business areas and
departments including people, process,
and technology, and involves significant
changes
19 Data governance can be done big Data governance is a time taking
bang endeavor, and should be done
incrementally
20 Data governance is the same as data Data governance is mostly about
stewardship strategy, roles, organization, and
policies, while data stewardship is all
about execution and operationalization
21 The data governance office are the The data governance office (DGO)
data stewards headed by the chief data officer (CDO)
is a support team that facilitates and
co-ordinates activities of the various
data stakeholders such as business data
stewards, technical data stewards, data
owners, and working
groups/committees in a data
governance program
Appendix C
Bibliography
Some books are to be tasted, others to be swallowed, and

some few to be chewed and digested; that is, some books
are to be read only in parts; others to be read, but not
curiously; and some few are to be read wholly, and with
diligence and attention.
— Francis Bacon, The Essays
1. Bhansali N (2013) Data governance: creating value from information assets.

CRC Press
2. DAMA International (2017) DAMA-DMBOK: data management body of
knowledge (2nd ed). Technics Publication
3. Ladley J (2012) Data governance: how to design, deploy and sustain an effec-
tive data governance program (The Morgan Kaufmann Series on Business
Intelligence) 1st edn, Paperback ISBN: 9780124158290
4. Mahanti R (2019) Data quality: dimensions, measurement, strategy, manage-
ment and governance. Quality Press, ASQ, ISBN:9780873899772
5. Mahanti R (2021a) Data governance and data management, Springer Books,
Springer, ISBN: 9789811635823
6. Mahanti R (2021b) Data governance and compliance, Springer Books, Springer,
ISBN: 9789813368774
7. Robert S (2014) Seiner, 2014. Technics Publications, Non-Invasive Data
Governance
8. Sebastian-Coleman L (2018) Navigating the Labyrinth. Technics Publications
https://doi.org/10.1007/978-981-16-5086-4
Index
A C. Lwanga Yonke, 43
Activity matrix, 139 CMM model. See Capability Maturity
Amitech, 8 Model
Analise Polsky, 144 Collaboration challenges, 14
Analytics, 3 Communication and collaboration, 50
Andres Perez, 19, 30, 36, 45, 57, 143 Communication plan, 50, 52, 57
Anne Marie Smith, 144, 149 Communication strategy and plan, 50
Aristotle, 62 Complex data landscape, 14
Ashish Haruray, 17 Complexity of the data landscape, 10
Compliance, 3, 24, 49, 61, 164
GDPR, 136
B Conflicting requirements, 58, 59
Becky Metivier, 150 Connotations, 16
Benchmarking tool, 117 Controls, 21
Big bang, 26, 27 Corporate objectives, 68, 75–77
Big bang approach, 39 Corporate strategy, 68, 69, 75, 76
Big data, 2 Cost, 86
Business case, 84 Cost buckets, 86
Business glossary, 159 Cost estimation, 86
Business involvement, 15 Costs and budgets, 18
Critical assets, 76
Critical data, 8, 13
C Critical data domains, 88, 89
Cannae, 74 Critical data elements, 13, 88–90
Capability Maturity Model.. See also CMM Critical data sets, 88, 89
model Cross-functional, 38
Carnegie Mellon University, 102 Crowdsourcing, 164
CDO role, 93 Cultural changes, 19, 43, 124
Change, 19, 28 Culture, 13, 31, 42–44
Change management, 26, 43, 44 Culture change, 19, 43
Change management models, 45 Current state, 72
Change obstacles, 19 CVS Health, 19, 20, 43, 169
Chief data office, 91
Chief Data Officer (CDO), 91–94
Chief Information Officer (CIO), 92 D
Christopher Butler, 8, 94, 194, 197 Daniell, 72
https://doi.org/10.1007/978-981-16-5086-4
212 Index
Dan Power, 16, 30, 142 Data governance maturity models, 70, 81,
Dashboard, 192–194 102, 116, 125
Dashboards and scorecards, 192 DataFlux, 105, 106
Dashboard vendors, 193 dimensions, 118, 120
Data, 3, 67, 76, 168, 197 IBM, 105, 116
Data access, 153, 154 Data governance council maturity
Data architecture—data access and security, model, 116
122 Informatica, 105, 113
maturity, 122 Kalido, 104, 105
Data architecture and modeling, 2 metamodel, 102
Data centric, 197 elements, 102
Data compliance, 121 Microsoft, 105, 108
maturity, 121 Oracle, 105, 115
Data consumer, 135 Data governance metrics, 168, 175, 177
Data custodians, 136 Data governance metrics – health check, 174
Data domain, 88 Data governance model, 42
Data driven culture, 31 Data Governance Office (DGO), 27, 139
Data facilitator, 136 Data governance lead, 139
Data governance, 1, 3, 5, 7, 8, 13–15, 21, 22, structure, 139
24, 28, 30, 31, 35–37, 41, 43, 50, 59, Data governance operating models, 36, 55,
68, 69, 78, 93, 127, 149, 197, 200, 160
203 definition, 160
benefits, 200 factors to consider, 160
types, 161
challenges, 200
Centralized model, 162
drivers, 198
Crowdsourced model, 164
high level components, 133
Decentralized model, 163
impacts, 129
Federated model, 163
interactions and relationships, 133
Hybrid model, 163
scenarios, 200
Top down model, 161
Data governance and change management,
Data governance or information governance,
25
16
Data governance business case, 82, 83 Data governance people metrics, 183
Data governance capabilities, 88 Data governance perceptions, 21
Data governance challenges and barriers, 11 Data governance pilot, 90
Data governance communication plan, 50 Data governance policies, 37
Data governance council, 137 Data governance process metrics, 185
Data governance failures, 7 Data governance progress metrics, 182
Data governance framework, 36, 131, 132 Data governance roadmap, 87, 88
DGI data governance framework Data governance roles, 58
components, 132 Data governance semantics, 16
factors to consider, 131 Data governance stakeholders, 168
Data governance implementation Data governance steering committee, 81
one size fits all approach, 198 Data governance strategy, 33, 34, 68, 79–81
Data governance in a page, 199 Data governance strategy creation, 81
Data Governance Institute, The, 50, 132 Data governance strategy map, 81
Data governance key factors model, 29 Data governance strategy – the five Ws and
Data governance maturity, 100, 120, 190, how, 80
198. See also DG maturity Data governance success
Data governance maturity assessment, 70, key factors, 200
119, 125 Data Governance Success: Growing and
example, 123 Sustaining Data Governance, xiii
Data governance maturity levels, 72 Data governance technology metrics, 186
Index 213
Data governance tools, 38 number of data stewards, 142, 146

Data governance verification metrics, 182 Data stewards and data custodians, 136
Data Influencer, 136 Data stewardship, 27, 41, 142–144
Data integration, 2, 155 definition, 121
Data lakes, 2 failure, 143, 144
Data landscape, 10, 13, 144 maturity, 121
Data life cycle, 156 Data stewardship and data governance, 27
Data management, 1, 21, 28 Data Stewardship Council, 137
Data Management Association, 90 Data stewardship models, 145
Data management discipline, 1 Data steward by business process model,
Data management functions, 198 146
Data management related misconceptions, Data steward by function model, 146
27 Data steward by project model, 147
Data mapping documents, 13 Data steward by subject area model, 145
Data metrics, 186 Data steward by systems model, 147
Data models, 13 Data strategy, 68, 69, 76–78
Data owners, 58, 135 Data usage, 13, 154
Data ownership, 121, 140, 141 Data warehousing, 2
data owners, 141 David Plotkin, 142
definition, 141 DG business case building blocks, 83
maturity, 121 DG functional titles, 135, 136
Data owner versus data steward, 143 DGI data governance framework, 132
Data policies, 149, 150 DG maturity. See Data governance maturity
data access policies, 153, 154 DG program structures and bodies, 138
data classification policy, 153 Digital, 3
data governance structure policy, 153 Diversified data environment, 14
data integration policy, 155 Document and content management, 2
data quality policy, 155 Dollar Shave Club, 74, 75
data records management policy, 155 Dylan Jones, 35
data retention policy, 154
data usage policy, 154
E
maturity, 120
Education and training approaches, 49
Data privacy, 24 Efficiency metrics, 188
Data producer, 133, 135 Elait Australia, 50, 164
Data Protection Officer, 136 Enablement, 68
Data publisher, 133, 135 Enforcement metrics, 190
Data quality Erwin, 18
discipline, 122 Erwin and UBM, 16
DQ Issue log, 124 Executive buy-in, 18
maturity, 122 Executive sponsor, 18, 32, 33
Data quality dimensions and metrics, 187 Executive sponsorship, 62
Data quality metrics, 186 Executive steering committee, 137
Data revolution, 91 Experian, 141
Data Savvy Manager, 136 Experian and UBM, 68
Data shadow systems, 13
Data silos, 14, 15
Data stakeholders, 131 F
Data standards, 159 Facebook, 74
examples, 159 FAST Goals approach, 182
maturity, 120 Feedback mechanism, 42
standardization of addresses, 159 Financial data domain, 89
Data steward and the data owner, 148 First San Francisco Partners, 168, 169
Data stewards, 14, 135, 137, 142–144 Formal governance strategy, 68
214 Index
Framework, 131 Kim Jackson, 128

Framework for Enterprise Architecture, The, Knowledge, skills, and abilities, 34
75 Knowledge, skills, and expertise, 34
G L
Gartner, 7, 168 Laura Sebastian-Coleman, 19, 20, 43, 77,
George Firican, 36, 96, 126, 136, 161, 197 169
Gillette, 74, 75 Leaders and management, 31
GlaxoSmithKline, 93 Leadership, 28, 30
Governance operating model, 160 Leadership and management, 28, 30
definition, 160 Legislations, 54
Governance organization structures, 36 Lessons learned, 57
Gray Matter Analytics, 19, 95, 125, 141 Lestoil, 74
Gwen Thomas, 50, 139 Lewis Carroll, 87
Liddell and Scott, 72
Lightsondata.com, 136
H Linguistic barriers, 14
Hannibal, 74 LinkedIn, 17
Henry Mintzberg, 72
High priority scope items, 90
HIPAA, 89
M
HSBC, UK, 8, 94, 194, 197
Mahesh Krishnan, 188
Mark Ramsey, 93
Master data management, 2
I
single version of truth, 2
Impact/value metrics, 183
Importance of strategy, 74 Master Systems Inc., 9
Incremental approach, 39 Maturity, 99
Inderpal Bhandari, 93 Maturity assessment exercise, 72
Information governance survey, 7 Maturity level, 47
Information Technology Partners, 139 Maturity models, 100
IRM Consulting, Ltd. Co., 19, 30, 36, 45, 57, structure, 101
143 Measurement, 39, 168
Measurement framework, 40
Memorial Sloan Kettering Cancer Center, 93
J Metadata, 2
Jacob Borowsky, 74 definition, 122
Jeannine Siviy, 182 maturity, 122
Jeff Howe, 164 Metrics, 39, 40, 60, 62, 168
Jill Dyché, 35, 36, 42, 60, 68, 77, 96, 161 Mission translation, 75
Jill Dyché, LLC., 35, 36, 42, 161 Morris Chang, 96
John A. Zachman, 125. See also John Multiple versions of truth, 14
Zachman Mustimuhw Information Solutions Inc., 132
John Gallant and Kevin Fleet, 77 MySpace, 74
John R. Talburt, 201. See also John Talburt
John Talburt, 57, 63, 81, 91, 94, 168, 182,
183 N
John Zachman, 75 Nancy Couture, 8
Nicola Askham, 150
Noetic Partners Inc., 15, 57, 81, 168, 182,
K 201
Kelle O’Neal, 168, 169 Non-disruptive, 55
Kimberley Nevala, 60 Non-invasive, 55
Index 215
O Regulations, 61
OCM factors, 41 Regulators, 61
Once bitten, twice shy syndrome, 17 Regulatory requirements, 61
One size fits all, 45, 53, 95, 178 Resistance to change, 19
Operating model, 160 Responsible, Accountable, Consulted,
Organizational, 36 Informed (RACI), 57
Organizational change management, 28, 41 Richard Inserro, 78
Organizational conflict, 20 Ries, 173
Organizational culture, 20, 95 Risk, 84
Overlapping functions, 41 Risk factors, 84
Ownership, 140 Roadmap, 39, 77, 87, 88
Oxford dictionary, 131 Robert S. Seiner, 60, 85
Rob Karel, 157
Root cause, 13
P
Paul Barth, 78
Personally Identifiable information, 47 S
Peter Drucker, 39, 43, 44, 167 Scope of the chief data office, 91
Philip Russom, 52 Scorecards, 193
Phil Watt, 50, 164 Scott Baret, 160
Pilot phase, 88 Secondary domains, 89
Plug and play, 38 Segregation of duties, 57
Porsche, 74 Senior management, 31
PricewaterhouseCoopers, 78, 194. See also Shannon Fuller, 19, 20, 95, 125, 141
PwC Soft skills, 34, 35
Proactive communication, 52 Software Engineering Institute, 102
Processes, 156 Software process maturity, 99
controls, 156 Stakeholder coverage, 41
automated controls, 157 Stakeholder engagement and managment,
manual controls, 156 28, 41
validation controls, 156 Stakeholders, 37, 41, 42, 50
data principles, 149 Stanford University, 132
examples, 149 Stan Rifkin, 9
guidelines, 155 Stephen Covey, 78
processes versus procedures, 157 Strategic enterprise asset, 13
risk, 156 Strategic roadmap, 34
rules, 159 Strategy, 28, 68, 72, 74, 75
Project, 22 Strategy and execution, 28, 33
Proof of concept, 56 Strategy execution, 68
Providence St. Joseph Health, 128 Strategy mapping technique, 68, 77
PwC. See PricewaterhouseCoopers Stu Gardos, 93
Subject matter experts, 14
Success stories, 57
Q Sunil Soares, 93
Qualitative metrics, 180 Support and commitment, 30
Qualitative people metrics, 184 Svetlana Sicular, 32, 39
Quantitative metrics, 180 Swati Consultancy Pty Ltd, 21
Symantec’s 2014, 7
R
Ramesh Dontha, 77 T
Readiness assessment, 70 Target state, 72
Reference data, 2 Teamwork, 52, 53
Reference data management, 2 Technical business analyst, 13
216 Index
Technical data debt, 186 project data stewards, 147

Technical skills, 34 technical data stewards, 147
Technology, 24
Technology and tools, 24
Technopedia, 132 U
Ted Friedman, 168 UBC DAE, 36, 126, 161, 197
Threshold, 175, 177 University of Arkansas, 15, 57, 81, 168, 182,
Tick box approach, 61 201
Tony Epler, 167, 168, 194
Tools and technology, 38
Training, 47, 49 V
Training and education, 45 Value, 84
Types of data stewards, 147 Varun Pant, 21
business data stewards, 147
chief data steward, 147
coordinating data steward, 147 W
data domain stewards, 145 Walmart, 74
data object stewards, 145 Warning signs, 60
enterprise data steward, 147
executive data steward, 147
operational data steward, 147 Z
process data stewards, 147 “Zachman Framework”, The, 75, 125
process stewards, 146 Zachman International, 75, 125

Data Governance Sucess

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Data Governance Sucess

Uploaded by

Copyright:

Available Formats

Data Governance: The Way Forward

Data Governance Success

ISBN 978-981-16-5085-7 ISBN 978-981-16-5086-4 (eBook)

To my teachers and mentors,

Hingham, USA Dan Power

There are no secrets to success. It is the result of preparation,

This book contains seven chapters as follows:

Strathfield, Australia Rupa Mahanti

1 Data Governance Journey—Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 1

2.5.2 Adopt a Non-invasive and Non-disruptive Approach . . . . 55

4 Data Governance Maturity Models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99

6 Data Governance—Metrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167

Appendix A: Glossary of Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203

Rupa Mahanti, Ph.D. is a Business and Information Management consultant with

RACI Responsible, Accountable, Consulted, Informed

Fig. 1.1 Data governance tying together the data management

Fig. 5.6 DG program structures and bodies . . . . . . . . . . . . . . . . . . . . . . . . . 138

Table 2.1 Data governance communication plan template

Success is a journey, not a destination. The doing is often more

1.1 Data Governance

Data governance is the exercise and enforcement of policies, processes, guide-

1.2 Data Management Discipline

1.3 Data and Its Governance

education and training, communication and collaboration, data governance tools

Before anything else, preparation is the key to success.

Abstract Implementing data governance is not rocket science. However, it does

What are the various

Fig. 2.1 Data governance—questions to ponder

• What is it that makes data governance so challenging?

2.2 Data Governance Failures

2.3 Data Governance—Perceptions and Challenges

Organizations struggle to implement data governance and face numerous challenges,

- DataMart - Source System

- IT Application/ Systems - Legacy System

- Data flowing between systems

- Manual Report - System Generated Report

Fig. 2.2 Journey of data

2.3.1 Vastness and Complexity of the Data Landscape

Bringing IT & business

Resistance to change DG Individuals needed on

Lack of executive & Data governance

DG perceptions & DG has a bad

Fig. 2.3 Data governance challenges and barriers

Order XML file

Product Web server

Fig. 2.4 Countless data stores

2.3.2 Data and Data Governance not Priorities

2.3.3 Individuals Needed on Data Governance are in High

2.3.4 Collaboration Challenges

2.3.4.1 Data Silos and Departmental Barriers

Most organizations have a complex data landscape with a lot of departmental

2.3.4.2 Getting Business and IT Teams Together

Successful and sustained data governance implementation in an organization requires

In order to be successful, the IT and business departments of an organization

2.3.5 Data Governance Connotations

2.3.5.1 Incomplete Understanding of the Term

2.3.5.2 Data Governance Semantics

2.3.5.3 Data Governance Has a Bad Reputation

2.3.6 Executive Buy-in and Lack of Executive

2.3.7 Costs and Budgets

2.3.8 Organizational Culture, Politics, and Conflicts

Any enterprise-wide initiative which involves significant organizational changes will

2.3.8.1 Resistance to Change and Change Obstacles

Data governance implementation necessitates changes on many different levels in