How to Craft an Effective Data Governance Policy (Sample Data Policy Inside)

The authors propose a single and short data policy that covers long-term strategic intent, outlines the key responsibilities, and is endorsed by the CEO.
How to Craft an Effective Data Governance Policy (Sample Data Policy Inside)

Data governance has a bad reputation in many organizations. These organizations have trouble defining, implementing, and sustaining effective methods. The data governance policies themselves are poorly defined and written, few comply on their own volition, and enforcement is weak. Many senior leaders and others for that matter, doubt the value of and the need for data governance.

To help address these concerns, we propose to narrow the focus to a single and short data policy that covers long-term strategic intent, outlines the key responsibilities, and is endorsed by the CEO. This approach is inspired by AT&T’s quality policy, which can be found in the front matter of AT&T’s Process Management and Improvement Guidelines.  It drove AT&T’s quality programs for many years.

One Data Policy

Having one data policy makes it easier to allow each employee in an organization to contribute to better data management. It should recognize the many ways a single person’s actions regarding data impacts others. It should spell out expectations for creating, collecting, using, and protecting data at all levels of the organization.

It should recognize that the organization has a long way to go to manage and gain full value from its data. It should give business units and others sufficient latitude to implement and make improvements in ways that best suit the specific interests.

The policy should identify the further expectations of management in implementing the policy.  It does not need to mention specific data management or IT staff but may want to include a reference to how a specific team would support the policy. This policy should be short (preferably one page), signed by CEO/Chairman, and endorsed by the Board of Directors.

A sample Data Governance Policy

Policy Statement

Data is increasingly important to every aspect of our business, from doing the work to making good decisions, to fueling innovation. Further, we are mutually dependent on each other for the data we need. Therefore, we will:

  • Treat data as a strategic asset,

  • Clarify how we expect each individual, team, department, and business unit to contribute.

Policy Intent

The organization will create and sustain an environment that values data and information across all departments, functions, and business units. We expect staff and management to establish and maintain high standards for data quality, keep data secure, and protect our customers’ privacy, allowing each person to become increasingly facile in using data.

Additionally, we dedicate ourselves to continuing education to help people meet their obligations under this policy. Every employee and manager has key roles to play in advancing our data agenda:

  1. As customers and creators in quality programs, as data winds its way across the company

  2. As small data scientists, using data to improve their team’s performance

  3. As collaborators in others’ data efforts

  4. As guardians of the company’s data assets

  5. As better decision-makers


Heads of every business group and senior staff officers are responsible for:

  • Communicating this policy to all employees

  • Clarifying how the roles cited are reflected in employees’ job requirements

  • Providing education and training so employees can meet these roles and responsibilities

  • Integrating data into their strategic business plans

  • Implementing a data program to carry out this policy

  • Monitoring the impact of data on key business priorities

  • Monitoring and improving the data quality levels of all critical data and business processes

  • Where appropriate, developing data plans with suppliers and other business partners

  • Providing funding for, reviewing, and advancing their area’s data programs

Executed: by CEO/Chairman

Expected Benefits

To our knowledge, the sample policy above has not been tried before. But the current poor state of data governance cries out for fresh thinking and, based on AT&T’s experience, this one offers many benefits: Developing such a policy would force the senior leadership to think deeply about how it expects data to contribute to the company’s future.

It also will offer management the ability to discover and then articulate their roles in building that future and to clarify how aggressively it should be managed. It would articulate the organization’s commitment to data and guide efforts to make data a true asset.

This will reduce or eliminate the challenges and confusion stemming from a plethora of data policies and help everyone in the company get on the same page concerning data collection and usage. In turn, it highlights individual responsibilities and commitments to one another for managing data.

In addition, this clarifies the responsibilities of the Data Governance team, whose most important roles would involve helping establish the policy, communicating it, and assisting business teams in implementing it.

Also Read
Data Governance by Design: 11 Commandments for Architecting Future-Proof Transformations
How to Craft an Effective Data Governance Policy (Sample Data Policy Inside)


The current state of data governance in most organizations is poor and cries out for new ideas.  We strongly recommend that every organization consider adopting the “one data policy” idea, write a policy statement that includes all or most of our suggestions here, and socialize this simple way to improve data governance. Let us know how you do.

About the Authors:

Anne Marie Smith is a leading consultant and educator in Data and Information Management with broad experience across industries. She is a frequent speaker and an author on data management topics for a wide range of publications.

She has taught numerous workshops and courses in her areas of expertise. Smith holds the degrees of Bachelor of Arts and Master of Business Administration in Management Information Systems, she earned a PhD in MIS and has earned various industry certifications and fellowships.

Thomas C. Redman, “the Data Doc,” is President of Data Quality Solutions. He helps companies and leaders chart their courses to data-driven futures with special emphasis on quality, organizational structure, and analytics.

His latest book, People and Data: Uniting to Transform Your Organization (Kogan Page 2023), urges companies to increase the power of their data programs by getting everyone. Redman has a Ph.D. in Statistics and two patents.

Related Stories

No stories found.
CDO Magazine