Implementing Data Governance (Frameworks & Maturity)

The theory of governance is well-defined. The hard part is doing it in a company that already has 20 years of data debt, 12 teams, 3 acquisitions, and a CFO who wants quarterly numbers next week.

**Don't try to govern everything**. Pick 1-3 **critical data elements** to start: customer, revenue, employee — whichever matches your biggest risk or biggest opportunity. Prove governance works there, expand.

**Two rollout strategies**: **federated** (each business domain owns its data, central office sets standards — scales best, slower to start) vs **centralized** (central DG office owns everything — fast to define, bottlenecks fast). Most large orgs land on federated; mid-size orgs can start centralized and federate later.

**Quick wins matter**: a data catalog that tells people where things are (3 months), a quality scorecard on 10 key tables (6 months), a DSR (Data Subject Request) response process (9 months). Don't spend year 1 on a DAMA-DMBOK 11-chapter policy nobody reads.

Maturity model (DAMA-style): Ad-hoc → Managed → Defined → Measured → Optimized. Most orgs are Managed; most realistic 3-year target is Defined. Optimized is for Fortune 500 bank-tier orgs with compliance heat.

Tooling sequence: data catalog first (discovery + glossary) → quality tool second → lineage (often comes with the catalog) → access governance fourth. Skipping catalog to buy a fancy quality tool = fancy dashboards nobody uses because nobody knows what data is monitored.