Data governance (DG) is the overall management of the availability, usability, integrity and security of data used in an enterprise. A sound data governance program includes a governing body or council, a defined set of procedures and a plan to execute those procedures.
The initial step in implementing a data governance framework involves defining the owners or custodians of the data assets in the enterprise. This role is called data stewardship.
Processes must then be defined to effectively cover how the data will be stored, archived, backed up and protected from mishaps, theft or attacks. A set of standards and procedures must be developed that defines how the data is to be used by authorized personnel. Moreover, a set of controls and audit procedures must be put into place that ensures ongoing compliance with internal data policies and external government regulations, and that guarantees data is used in a consistent manner across multiple enterprise applications.
Once an overarching strategy is defined and data owners and custodians are identified, data governance teams are often formed to implement policies and procedures for handling data. These teams can comprise business managers, data managers and staff, as well as end users familiar with relevant data domains within the organization. Associations dedicated to promoting best practices in such data governance processes include the Data Governance Institute, the Data Management Association (DAMA) and the Data Governance Professionals Organization
Often, the early steps in data governance efforts can be the most difficult, as it is characteristic that different parts of an organization have diverging views of key enterprise data entities -- such as customer or product; these differences must effectively be resolved as part of the data governance process. To the extent that data governance may impose strictures on how data is handled, it can become controversial in organizations.
Data governance is a particularly important component of mergers and acquisitions, business process management, legacy modernization, financial and regulatory compliance, credit risk management, analytics, business intelligence applications, data warehouses, and data lakes.