Glossary

Data governance

Data governance is the set of rules, roles and processes an organisation uses to control how its data is collected, stored, used, shared and protected. It sets who is accountable for data quality and security, and how decisions about data get made.

Last updated

Part of our topic guide on AI Governance & Data Strategy.

Data governance is the set of rules, roles and processes an organisation uses to control how its data is collected, stored, used, shared and protected. It sets who is accountable for data quality and security, and how decisions about data get made.

Why it matters

Get this wrong and everything downstream suffers: reports that don't match, duplicate customer records, nobody quite sure who's allowed to touch what. Get it right and every dashboard, model and decision built on top of that data is something people can actually trust.

Our view is that governance fails less often on policy and more often on people — a document sits in a wiki nobody reads, while the actual data work happens the way it always has. The fix isn't a longer policy; it's building data literacy into the people who touch the data every day, so the rules become habits rather than a compliance exercise bolted on afterwards. That's also why most data and AI initiatives stall: not for lack of tools, but for lack of the capability to use them well and consistently.

How it works

Good data governance usually covers:

  • Ownership — a named data owner or steward for each key dataset, accountable for its quality and access.
  • Standards — agreed definitions, formats and quality rules, so "customer" or "revenue" means the same thing across every team.
  • Access and security — who can see, edit or export data, and how that's enforced and audited.
  • Lifecycle rules — how long data is kept, when it's archived, and how it's deleted when it should be.
  • Compliance — meeting legal obligations such as the UK GDPR and the Data Protection Act 2018, overseen by the Information Commissioner's Office (ICO).

In practice, most organisations run this through a governance framework — a written set of policies plus a group (often a data governance board or a lead data steward) that keeps them enforced and up to date as the business and its data change.