Data governance frameworks play a critical role in helping organizations use their data assets to their fullest potential. They provide direction and structure for how an organization can collect, store, and utilize data while ensuring compliance with laws and regulations.

Here are the key takeaways from this article:

  • Strategic plans and controls are necessary to provide fruitful governance efforts.
  • The exploration phase involves creating a data governance council to implement governance in critical areas.
  • The expansion phase is focused on scaling up the efforts to automate data quality management.
  • The transformation phase optimizes the governance program per the needs.

In this article, we will uncover several data governance frameworks available. By understanding these frameworks and the offerings they bring, organizations can make informed decisions on how to create a data governance program that works for them.

Table of Contents


Rising concerns around data security and privacy, along with the benefits of data quality, are compelling organizations to leverage the power of strong and sustainable data governance frameworks.

Indeed, around 75% of US adults believe that there should be more regulation around data privacy, while 28% face identity theft issues

It is no surprise that these sentiments are the driving force for increasing data regulations such as General Data Protection Regulation (GDPR). Such privacy laws may distort an organization’s data collection and storage processes, reducing the number of data sources available. 

Further, Gartner reports that organizations incur a cost of USD 12.9 million annually due to low-quality data.

The following article explains the most common data governance frameworks that organizations can use to deal with such issues.

DGI Data Governance Framework

The Data Governance Institute (DGI) defines data governance as exercising decision-making and authority over data-related issues. As such, the goals of data governance include improving decision-making, reducing operational inefficiencies, protecting stakeholders, reducing costs, and training staff while building transparent processes and standards.

To this end, DGI suggests that a data governance program should address the following components:

Value Statement: the framework should have a clear value statement highlighting the framework's mission, vision, and business value.

Goals and Metrics: Organizations should create goals that support the value statement and the relevant metrics to measure them. 

Data Rules: Organizations should develop appropriate policies, data definitions, business glossaries, and compliance requirements.

Decision Rights: Organizations should also determine who makes the decisions regarding data rules. Should it be more autocratic, or should it involve different teams in the company? All of this will form the metadata of decision rights.

Accountability: Next, the data governance program should clearly define who is accountable for what activities to streamline data workflows. The framework should then address issues regarding risk management.

Controls: Proper standards should govern data collection, storage, usability, and flow. 

People: Then comes the people involved in the program. They may include data stakeholders, stewards, and a data governance office that enforces and facilitates the governance efforts.

Processes: Lastly, the program should have a clear set of standardized, documented, and repeatable processes to support data management, data security, and access control.

The DGI framework is quite comprehensive in its recommendations and takes a pragmatic approach to build a governance program from the ground up. This is beneficial for organizations developing a framework from scratch.

McKinsey–Designing data governance that delivers value

McKinsey's data governance framework focuses more on organizing people correctly rather than processes or technology. Essentially, McKinsey suggests that an effective program requires buy-in from the senior executive team.

The governance structure consists of a data management office (DMO), a data council, and data leadership by domain. 

Data Management Office: The Chief Data Officer (CDO) heads the DMO to develop the overall data governance strategy and direction of the governance initiative. In addition, The DMO is responsible for devising data governance policies and standards, providing data owners with training and data governance tools, coordinating efforts along the data lifecycle, and facilitating the resolution of issues.

Data Leadership By Domain: The data leadership by domain consists of data owners and subject-matter experts who execute the policies and standards developed by the DMO. They are responsible for managing data quality, developing data dictionaries, and meeting the needs of the data consumers.

Data Council: Finally, the data council acts as a liaison between the DMO and domain leaders, tying the strategies with business goals and defining the structure of the DMO. It also enforces the standards and monitors the progress of governance efforts while approving funding requests.

Best Practices: McKinsey suggests some best governance practices. These include integrating governance efforts with significant business projects, prioritizing certain data assets, and developing an iterative program that balances data access and regulation.

Mckinsey’s framework is more suited to larger enterprises that may already have the people with the relevant expertise. They can then use the framework to organize the people correctly.

BCG Data Governance Framework

The Boston Consulting Group (BCG) governance framework consists of four core components. Data Structures, Policies, Tools, and Data Organization Participants and Target Operating Model (TOM).

Data Structures: Like the frameworks above, data structures involve developing data catalogs, models, and flows to create a standard set of data definitions for ensuring data consistency across data sets. More specifically, data structures involve a comprehensive data glossary containing the definition of each data term, data domain, and data owner for maintaining data quality and metadata management, along with data flows for tracking data lineage.

Data Policies: Data Policies include developing standards for ensuring data quality and security.

Data Tools: Also, organizations must figure out the right data tools and applications to automate data governance procedures. They may initially use simple tools like spreadsheets. But as the company expands, more sophisticated tools become necessary.

Data Organization Participants: Finally, like McKinsey's model, data organization participants include a DMO headed by the CDO and data stewards, owners, and custodians. 

TOM: The TOM can either be a fully centralized model or a completely decentralized one. However, BCG suggests organizations start with a federated model where the CDO acts as the "doer," directly managing data operations. However, as data governance matures, the CDO can take a more facilitating role where the domain teams have full data ownership.

BCG’s framework is quite similar to DGIs, but not as comprehensive. However, the TOM component makes the BCG framework stand out. Organizations already at some stage of building the governance process can take guidance from the framework to move forward in the right direction.


The DAMA Data Management Book of Knowledge (DAMA-DMBOK) defines a comprehensive governance framework consisting of 10 functions. DAMA- DMBOK defines a data management framework within which data governance forms one of the functions.

Data Governance: In principle, data governance is central in the framework around nine other functions. Data governance, in turn, is defined as the control and planning of data management.

Control deals with supervising staff, business processes, coordinating data governance activities, etc. At the same time, planning involves creating data policies, establishing data stewardship, and data asset value.

Data Architecture Management: The second function covers the development and maintenance of enterprise data models, business intelligence architecture, metadata architecture, and business taxonomies.

Data Development: the data development function deals with creating data models, data design in databases, data integration, etc., quality management in the form of standards, and data implementation related to deployment issues.

Database Operations Management: Next in line is database operations management, which involves designing the entire data flow for both structured and unstructured data, from the data collection phase to the data archival or disposal phases.

Data Security: data security management component addresses the issue of planning and developing security standards, managing users, passwords, procedures, etc.

Reference and Master Data Management (MDM): Reference and MDM consist of understanding, identifying, developing, and implementing the architecture of master data integration to establish a clean version of the master data for accurate referencing.

Data Warehouse and Business Intelligence (BI): Next comes data warehouse and BI management, which may involve creating a data ecosystem that supports easy analysis and querying of big data.

Documentation, Metadata, and Data Quality Management: The eighth is managing documentation and content, whereas the ninth deals with managing metadata. Finally, the tenth function includes developing data quality metrics to measure and improve the organization's data.

The DAMA-DMBOK focuses more on overall data management than just data governance. Organizations that want to combine their data management efforts with data governance organically can refer to this framework for guidance.

Eckerson Group–The Path to Modern Data Governance

The data governance framework by the Eckerson Group consists of six layers with a total of 36 components. The layers relate to goals, methods, people, processes, technology, and culture.

Goals: The goals layer addresses issues like developing the goals of the governance program, establishing the metrics to measure them, and building measurement processes.

Methods: The methods layer includes reviewing policies, implementing guides, coaching sessions, and designing guardrails.

People: The people's layer concerns identifying and engaging with sponsors, including the executive team, data owners, data stewards, data consumers, and other data stakeholders.

Processes: The processes layer involves efforts to automate management processes. Also, it consists in developing data quality protocols and defining metrics to measure the success of data governance.

Technology: The technology layer covers the tools used for data governance. These tools can be third-party applications that help implement a data-driven approach to data governance.

Culture: Finally, the culture layer involves identifying and implementing the cultural attributes that would facilitate making data governance a success.

The benefit of Eckerson’s framework lies in its simplicity and versatility. This is because organizations can choose which components to address within each layer and combine components from different layers to build their programs to suit their culture.

PwC Enterprise Data Governance Framework

The PwCs data governance framework consists of five broad components. These are data governance strategy, enterprise data management, data lifecycle management, data stewardship, core functions, and data governance enablers.

Data Governance Strategy: Like the frameworks above, the data governance strategy framework deals with defining the business goals and establishing corresponding metrics to measure progress.

Enterprise Data Management: The enterprise data management component emphasizes the need for developing systems for managing metadata, data models, data integration, data analytics, etc.

Data Lifecycle: Data lifecycle management is the management of data as it flows through collection till archival or disposal.

Data Stewardship: The data stewardship and core functions cover managing and supervising day-to-day activities for maintaining data quality, lineage, and security.

Data Governance Enablers: Data governance enablers identify the gaps in the current data ecosystem and assess the current level of maturity. Organizations can then work on creating a tailored information governance solution that brings value to the business.

PWC’s framework does not go into the granularity of data governance. As such, this framework is suited to organizations where data governance already exists in some form. They can mold their existing programs according to PWC’s principles for more effectiveness.

SAS Data Governance Framework: A Blueprint for Success

The SAS Data Governance Framework takes a holistic and pragmatic approach, covering almost every aspect of data management while considering the challenges organizations encounter when implementing a governance program.

Corporate Drivers: For starters, the Corporate Drivers part is the top component of the framework and says that the governance framework should address significant business problems.

Data Governance: The data governance component consists of four sub-components: Program Objectives, Guiding Principles, Decision-Making Bodies, and Decision Rights.

    • Program Objectives: Program Objectives deal with identifying the framework's goals that align with corporate objectives and establishing metrics for measurement.

    • Guiding Principles: Guiding Principles drive the framework's direction to ensure the program supports the company's culture and business goals

    • Decision-Making Bodies: The Decision-Making bodies include the relevant stakeholders who actively participate in deciding the principles and standards for data. 

    • Decision Rights: Finally, the Decision Rights sub-component defines who is responsible and accountable for data governance activities.

Data Stewardship and Management: The other significant components are Data Stewardship and Data Management. They involve data stewards managing day-to-day activities around data quality, architecture, security, metadata, and the overall data lifecycle.

People, Processes, and Technology: Then come the components of People, Processes, and Technology, which deal with finding the right people to define measurable policies and implement them through appropriate technological solutions. The solutions, in turn, can be applications that help in data preparation, data monitoring, data visualization, data integration, etc.

The SAS framework is, again, pretty comprehensive. The advantage of using this framework is that it helps tie data governance efforts to corporate goals rigorously. Organizations can use this to get executive buy-in for governance initiatives

Data Governance With Oracle

Oracle's data governance framework considers the current maturity and takes a phased approach to governance. 

Goals: The starting point is the development of governance goals that include defining policies, strategies, and metrics and tracking compliance with the defined standards.

Deliverables: Data governance deliverables include policies, standards, resolved issues, high-quality data, and a sense of value around the data assets

Focus Areas: Also, the framework suggests four focus areas around which organizations need to design their policies.

    • Policies and Standards: First is a core focus on policies and standards. In this case, the aim is to implement an enterprise data architecture and break departmental silos to create a shared environment. However, the focus can be on data quality. In this case, the aim is to optimize the usability of data sources among teams.

    • Privacy and Compliance: Other areas include a focus on privacy and compliance. Here, the governance framework comes out as a need to address data regulations. 

    • Data Architecture: In contrast, focusing on data architecture emphasizes increasing operational efficiency through data. 

    • Business Intelligence (BI): Lastly, the framework can focus on BI systems to ensure that the new project provides value.

Strategic Plan and Controls: Once an organization sets a focus area, it should develop a strategic plan while implementing control mechanisms to ensure fruitful governance efforts. This step should include creating metrics to measure data value, achievement of targets, costs, etc.

Exploration Phase: After this, the organization should start with an exploration phase by establishing a data governance council to implement governance in critical areas.

Expansion Phase: Next comes the expansion phase, where the focus is to scale up the efforts to automate data quality management. 

Transformation Phase: Last comes the transformation phase, where the focus is to optimize the governance program per the needs.

Oracle’s phased approach to data governance makes the framework suitable for organizations with some already existing frameworks. Once they determine their maturity, organizations can define a focus area and then explore, expand, and transform accordingly.

Which Data Governance Framework Should I Follow?

Data governance will become a core competency soon, and the above frameworks offer different ways of developing effective data governance. However, there is no one ideal framework. The question of which framework an organization should choose comes down to what it requires and where it currently stands.

Suppose the organization is concerned about data regulations. In that case, it should choose a framework with a strong focus on processes that provides clear guidance on developing policies and standards. However, a framework that offers clear data quality management guidelines might be helpful for organizations that want to use its data assets for machine-learning projects.

So identifying the right platform is a matter of which problem a business is trying to solve. Of course, the nature of the business's industry and the type of product or service can have a significant influence.

Data Governance with 

No matter the governance framework, it will always include the dimensions of people, processes, and technology. A productive framework would then involve the right technology to ensure process compliance.

One significant step in data processing involves Extract, Transform and Load (ETL) activities. lets organizations simplify data flows, offering low code transformations while giving them the flexibility to write custom ETL scripts. It also helps in combining different data sources into one and ensures consistency.

Talk to one of our experts now and maximize the value of your data assets.