8 Data Governance Best Practices from Data Leaders

November 2nd, 2021

What is a data catalog? Image of catalogued books in a library

Follow these data governance best practices to implement and run an effective data governance program.

What are data governance best practices?

Data governance best practices make sure that you develop effective data governance programs that will generate real value.

These include measures such as:

  • Establishing a goal that ties to the business goals
  • Understanding regulatory compliance requirements
  • Involving senior leadership
  • Identifying and mapping all the data domains

If you’re wondering whether your data governance program is doing what it’s supposed to, here’s a list of questions to ask that will either ease your mind or add to the anxiety.

Either way, these questions can help you gauge the effectiveness of your data governance program. So, here we go:

  1. What data does your organization have?
  2. Where does this data live?
  3. Where does it flow?
  4. What is it used for?
  5. Who owns that data? Is it IT, business, or both?
  6. Who defines, modifies, and uses that data?

Now, this list can go on and on until kingdom come.

But, the key here is to know what data you have, where it lives, who owns it or handles it, and how it gets used. If you’re unsure about your current data governance program addressing these questions, then what you need are a few data governance best practices to tweak your program and improve its chances of success.

How can data governance be improved?

Every data governance program is ultimately about:

  • Creating value
  • Cutting costs
  • Increasing efficiency
  • Thwarting cyber attacks (to preserve the integrity and privacy of data)

However, achieving these objectives and demonstrating the impact of data governance on revenue or efficiency is a Herculean task.

A top reason — organizations don’t assess, monitor, or measure their data governance systems.

Another reason — the outcomes focus on data and analytics rather than a significant business goal.

So, it’s tough to convince everyone, especially senior leadership, as they don’t see the impact of the data governance investments on business.

It’s common for data governance programs to be fragmented and, as a result, not adopted by the organization as a whole. Here’s how OECD puts it:

Data governance elements are often in place as part of broader digital transformation policies. However, these components can be fragmented, thus reducing their value. A holistic data governance (program) can help.

Lastly, organizations seek a quick fix for their governance woes rather than focusing on a long-term, continuous program. According to Mozilla:

Data governance is the equivalent of a ‘diet and exercise’ prescription for how to solve a digital rights problem - it’s not easy or convenient, but it’s a proven, obvious, and effective way to build legitimacy. By contrast, most of the data economy wants a ‘magic pill’ approach - a box to check to validate whatever their intended use of data is.

That’s why organizations must do four things to improve the outcomes of their data governance programs:

  1. Get buy-in from everyone
  2. Map governance to significant business goals
  3. Ensure collaboration and transparency in everything from data definitions to transformations
  4. Adopt a well-designed data governance framework encompassing the rules, standards, roles, responsibilities, and more

That’s where following a few data governance best practices can help.

8 data governance best practices to follow

1. Have a well-established, measurable, organization-wide goal

As mentioned earlier, a strategic goal must direct the data governance program for it to work. This goal has to be unique to each organization. Otherwise, it becomes a lot like this shepherd and his sheep pointing in different directions.

Have a well-established, measurable, organization-wide goal

Every data governance program needs a direction. Source.

That means having a goal that impacts revenue, growth, efficiency, or risks. So, it all begins by defining your “why” for the program and mapping out ways to measure it.

A good rule of thumb here is to start with the end in mind — identify the data problems that must be removed for the entire organization to derive any value from it, or the business goals that must be met and how data can help meet them.

Here are some examples of goals to get you started:

  1. Business goals:
    • Increase operational efficiency
    • Improve customer satisfaction
    • Increase sales for a certain region
    • Streamline data from mergers and acquisitions and get it ready to use for insights
  2. IT goals:
    • Improve data quality and accuracy so that it’s trustworthy
    • Support business integrations
    • Simplify data migrations

Here’s another (mini) data governance best practice — after mapping the goals, share them with all the stakeholders across the organization and get their support.

2. Understand the rules and regulations for compliance

Different industries come under varying levels of scrutiny.

For instance, banks and pharmaceutical companies have to wade through a sea of regulations, compared to a retail business or a media agency. Similarly, the geographies where you operate also influence the regulatory mandates.

That’s why identifying the regulatory requirements is essential to designing a data governance program that helps meet your goals and complies with regulations.

Here’s a handy graphic from McKinsey explaining the level of sophistication required from a data governance program.

Understand the rules and regulations for compliance

A matrix to decide the level of sophistication needed from a data governance program. Source.

This goes without saying, but you shouldn’t proceed with the nitty-gritties of your governance program without familiarizing yourself with the compliance requirements.

That’s why yet another good practice here is to set up a steering committee —with people from business, IT, legal, and finance — in charge of research and move on to the next stage after they present their findings.

3. Involve C-suite from the beginning

Here’s an excerpt from a McKinsey report on building data governance programs that offer value:

A leading global retailer struggled to extract value from their data. So they embarked on an enterprise-wide analytics transformation journey. A huge part of the journey was investing in educating and involving the entire senior leadership team in data governance. Each executive leader was made in charge of either data domains or business-data subject areas across multiple lines of business.

The result? The C-suite became the champions of the data governance program, speeding up the process of establishing data domains and reducing the time spent cleaning up data assets.

Within months, the retailer could derive value from their data and rely on analytics-driven decision-making.

If you’re still struggling to capture the leadership’s interest, then here’s a great way to begin is by addressing questions such as:

  • What data do you need to meet your KPIs/goals? Do you have a “wish list” of sorts?
  • What challenges do you face with accessing that data seamlessly?
  • How does that impact our product or customer service?
  • What about the operational challenges faced?
  • Are there any significant risks (from a compliance, legal, or security standpoint) to the company because of bad data?

Referring to the business value of data from the beginning, using questions like the ones mentioned above, gets the leadership's attention and helps you design your data governance initiatives more efficiently.

One more thing that matters when dealing with the C-suite is messaging. So, Dataversity recommends best practices for communicating with the management regarding data governance programs and updates.

Involve C-suite from the beginning-1

Getting the senior management on board with the right messaging. Source.

Now, keeping everyone in the loop at all times is also an arduous task. That’s where technology can help. Modern data governance platforms like Atlan are equipped with centralized dashboards to manage access, along with in-built chats and automated reporting.

Involve C-suite from the beginning-2

A single dashboard to manage and monitor data access rights. Image by Atlan

Involve C-suite from the beginning-3

In-built chats to discuss data assets. Image by Atlan

4. Adopt a solid data governance framework

A data governance framework must ensure the proper management of data through its entire life cycle.


Every organization should have a set of rules — policies, standards, controls — describing:

  • How data gets used
  • Who monitors data usage
  • Processes governing data to ensure quality and compliance

That’s why a key data governance best practice is to adopt a comprehensive data governance framework that’s best suited for your organization.

While there are several well-established frameworks out there, you should pick one that matches the needs of your organization. Here’s a handy set of rules to remember while crafting your data governance framework.

Adopt a solid data governance framework

Tips to pick a data governance framework for your organization. Source.

For more on data governance frameworks, check out this article.

5. Identify all the data domains

This (identifying data domains) is a big step -- corralling all the data sets and access points to start thinking about systemic data control points. This step includes mapping out a soup-to-nuts plan to define automated workflow processes, approval thresholds, reviews, issue resolution, and a whole lot more.

- Snowflake

Examples of data domains include sales, finance and accounting, purchasing, and manufacturing.

First, however, it's crucial to spot the data domains that will affect your business goals and identify critical elements within each data domain. That's because critical data typically represents only 10 to 20 percent of total data in most organizations.

Here’s how a North American retailer did it, according to McKinsey:

The company wanted to transform itself with advanced analytics. However, they realized that the current data wasn’t enough. So, they set up a Data Management Office (DMO) and identified ten domains across the enterprise that would affect their governance program. Of these, the company prioritized the deployment of transactional data (logging in-store purchases) and product data (establishing a clear hierarchy of products and their details).

As a result, the retailer fast-tracked the implementation of their top data governance use cases. Once the data domains are mapped, it’s time to chart out the relevant data definitions, standards, usage rules, and more, as provided in the framework.

Once these definitions and rules have been established, technology can help automate several processes, such as cataloging, quality checks, PII classification, and data lineage mapping.

Identify all the data domains-1

Auto-classified PII and sensitive data. Image by Atlan

Identify all the data domains-2

Automatic parsing of SQL queries from the warehouse to map data lineage. Image by Atlan

6. Educate everyone on the importance and benefits of data governance

Good data governance does not happen in isolation. [Instead], it benefits from the adoption of open, inclusive, iterative, collective, and value-based approaches to its definition, implementation, evaluation, and change.

It is also not the responsibility of a small group of people. [On the contrary], it should reflect the needs of a globalized, fast-paced, diverse, digitized and interconnected world.


That applies to businesses too. A data governance program should reflect the needs and objectives of the entire organization. And, it shouldn’t be the responsibility of just one group (like IT).

As we’ve mentioned earlier, the overall goal should tie into the business objectives rather than purely solving the problems of data and analytics teams. That’s why the next step is to encourage collaboration and participation so that data governance becomes an organization-wide mandate.

That requires educating everyone on data governance and getting them on board is vital for the program’s success.

Here’s how McKinsey puts it:

When people are excited and committed to the vision of data enablement, they’re more likely to help ensure that data is high quality and safe. Leading organizations invest in change management to build data supporters and convert the skeptics.

Lastly, since data governance programs mature and evolve as the organization’s data management becomes streamlined, another data governance best practice is to ensure that the process of educating and updating everyone must be continuous.

7. Track progress

At the risk of sounding like Captain Obvious, you can’t manage what you can’t measure. That’s why your data governance program should have a way of reporting that tracks its progress towards the program goals.

While this depends on your governance program’s KPIs, it could include anything from updates on lineage mapping to final decisions on the data owners for specific domains and their responsibilities.

Naturally, the next question is — what should we use to track these KPIs?

Several companies still use good ol’ spreadsheets to track progress and while it works for smaller use cases, it’s not practical for organization-wide governance initiatives. That’s why it’s a better idea to invest in technology that automates and simplifies monitoring your data governance efforts.

For instance, you could use a centralized dashboard that:

  • Automates reporting
  • Displays who the data owners are and tag them or ask questions
  • Traces lineage to verify the origins of data sets
  • Maintains a business glossary to add context to your data

8. Invest in the right technology

As mentioned earlier, technology is fundamental to the success of your governance programs. However, it’s crucial to invest in the right kind of technology that meets your requirements.

Any good governance platform should:

  • Democratize access to data
  • Simplify regulatory compliance
  • Ensure impeccable data quality
  • Automate processes such as profiling, cataloging, and PII classification

For example, Atlan lets users create granular access controls and manage requests, policies, and access logs from a single dashboard, making regulating and granting access a breeze.

Invest in the right technology-1

Manage all access requests in one place. Image by Atlan

Atlan also parses through SQL queries to auto-construct lineage and auto-detect PII data. Additionally, it helps you maintain granular audit logs that track actions such as users accessing data assets or the frequency of access.

Invest in the right technology-2

Granular access logs to track who’s accessing which data set and at what frequency. Image by Atlan

Atlan also lets users run automated quality checks to look for anomalies and guarantee the integrity of data. Users can automatically spot bad data using algorithms for duplicates, outliers, cross-column categorical patterns, and more.

Invest in the right technology-3

Schedule automated checks to monitor data quality. Image by Atlan

Moreover, Atlan automates cataloging, and auto-populates metadata descriptions and data dictionaries, which makes your organization’s data relevant, useful and valuable.

Lastly, the platform should be straightforward, easy to set up and use, without requiring any technical knowledge or interventions from IT — the reason gaining access to the right data takes forever in the first place.

Invest in the right technology-4

All humans of data benefit from using Atlan for everything from data exploration to governance. Image by Atlan

How does Atlan handle data security?

Besides flexing our muscles, we thought we’d take our advice of keeping things transparent and communicating everything. So, here’s a quick sidebar to explain how Atlan deals with data security.

  1. Atlan uses HTTPS (Hypertext Transfer Protocol Secure) encrypted using TLS (Transport Layer Security) for securing data in transit.
  2. The platform facilitates identity-based management using 2FA (two-factor authentication).
  3. The Atlan S3 bucket is protected with Amazon S3 server-side encryption.
  4. Atlan’s EBS (Elastic Block Storage) is also encrypted with a storage class.
  5. There are weekly releases to reduce vulnerabilities.
  6. There are industry-standard APTs (Application Penetration Testing) to simulate cyberattack scenarios, which help conduct risk assessments, spot weaknesses, and eventually remove them.
  7. Atlan uses Prometheus and Grafana for observability and monitoring. Plus, event logging involves using Fluent Bit and Loki. As a result, the governance platform’s admin has complete visibility into the infrastructure’s performance.
  8. Atlan also has SOC 2 Type I compliance certification in accordance with American Institute of Certified Public Accountants (AICPA) standards for SOC for Service Organizations also known as SSAE 18.

Since we have been tooting our horns for a while, we’ll let our customers share their thoughts. So, here’s what some of our customers have to say about how Atlan simplifies governance, democratizes access, and takes only a few hours to set up.

Atlan has become a valuable resource for the data team to get context about data. At a data-driven company like Postman, it had become hard to discover and curate increasing amounts of data until we discovered Atlan.

Vasa Prudhvi Kumar, Analytics Leader at Postman

Atlan was very easy to set up, we had all of our data sources flowing within the first day.

Danielle Ragan, Vice President of Data & Analytics at TechStyle Fashion Group


That’s everything — 8 data governance best practices to get the results you want from your data governance program. To summarize:

  1. Have a goal that resonates with all the stakeholders in your organization.
  2. Be thorough with mapping the regulatory compliance requirements.
  3. Get the senior management on board and get them involved.
  4. Pick a framework that matches your needs and goals.
  5. Map the data domains and start with the ones that will have the maximum impact.
  6. Educate (and make this an ongoing process) everyone on governance goals, implementation, and best practices to collaborate better.
  7. Track and measure the progress of your governance initiatives constantly and communicate the same with your stakeholders.
  8. Get the right data governance platform to help realize your goals as quickly as possible

Implementing data governance programs is a monumental undertaking. That’s why a solid plan, impactful goals, relevant and real-time metrics, and an emphasis on constant communication and collaboration are essential data governance best practices to embrace.

Ready to make data governance effortless with our modern, people-centric platform?

See the demo

Ebook cover - metadata catalog primer

Everything you need to know about modern data catalogs

Adopting a modern data catalog is the first step towards data discovery. In this guide, we explore the evolution of the data management ecosystem, the challenges created by traditional data catalog solutions, and what an ideal, modern-day data catalog should look like. Download now!