Data Governance Maturity – An Overview

By Anne Smith

Generally, governance is a long-term strategic initiative, but data governance can also deliver short-term, tactical benefits.  The need for both strategic and tactical approaches to data governance contributes to an organization’s confusion on where to begin.  Many organizations have struggled with understanding the need for understanding their data, although data is one of an organization’s critical assets.

Many organizations are interested in the concepts of governance and stewardship, but when asked if they want to explore how to implement these concepts they need help to see the need for such a strategic initiative.  Management can be more concerned with the immediate problems of project delivery and application problem-solving, rather than thinking about how to prevent future problems with data usage, protection and consolidation.  This focus on immediate actions also can obscure the need for understanding the value and meaning of the data, making this critical asset less useful than it should be.

This concentration on immediate issues presents a challenge to those who see the benefits of strategic planning and the need for a governance approach as a foundation for information management.  Well governed data would help deliver better information for improved decision-making and can offer a competitive advantage, as well as satisfying multiple user domains’ requirements for commonly defined and managed data. The problem of persuading an organization to adopt a governance approach to data management lies in the fact that it is not easy to demonstrate how these benefits can be achieved quickly enough to satisfy those within the organization who need to see results promptly.  Balancing the tactical needs with the desire for strategic planning can show an organization that paying attention to data governance can be rewarding in many dimensions and can offer results faster than may be expected.

One method that can show both immediate and strategic results for an approach is maturity modeling, which can be tailored for almost any discipline (software process, software integration, project management, data management, governance, etc.).  Using a maturity model to organize the process of implementing best practices and evaluating the organization’s success at the effort is becoming more common as maturity models grow in popularity.  Starting with the “Capability Maturity Model for Software Development” in the 1990’s, organizations have found that this framework allows them to measure their current state, determine both interim and long-term goals for improvement, provide the best practices that will move them to the next stage and assess their progress at any point in the process.

The Capability Maturity Model for Software Development (CMM-SW) and its derivatives instantiated the concepts of examining progression toward “maturity” in some discipline.  The CMM-oriented models measure how much an organization uses defined processes to manage some activity (once again: software process development, system integration, data management, etc.).

Maturity modeling is the general technique that the CMM and all related models employ. Some common points in maturity modeling are:

  • Different organizations tend to adopt the parts of a method in a similar progression, leading to the development of a scale that can be used to assess the organization’s current maturity.
  • Mapping an organization’s current position on the scale gives an indication of its maturity in the method.
  • The maturity level can show an organization the most appropriate next steps, and give an indication of the benefits of improving its maturity in the process / function.
  • Maturity levels are incremental; an organization cannot progress from Level 1 to Level 3 without having satisfied the components of Level 2.
  • Maturity can be delineated into key areas, and each organization can be more mature in one or more areas than in others at the same level.

The levels of a basic maturity model for data governance might appear as:

  1. Non-existent  Organization has no data governance approach, does not understand the need for governance and has no stewardship functions.
  2. Ad hoc  Organization performs occasional, non-standardized stewardship activities but has no formal data governance approach.
  3. Standardized  Organization has implemented some standard data governance practices and has standardized the stewardship role.
  4. Committed  Organization has instituted formal data governance for all business units and has dedicated stewards for all business units.
  5. Consolidated  Data governance and stewardship are coordinated across the enterprise, involving business and information technology and management in partnership.
  6. Strategic  Data governance is used to set, communicate and enforce business and IT information management policy.

Using such a maturity model can assist an organization in understanding data governance, and allows any organization to measure its relative maturity in this important area.  Having the process, key areas, process indicators and methods of a complete data governance model can give an organization focus in developing and continually refining their approach to governance and stewardship.

The CMM approach has achieved widespread adoption since it is an incremental and evolutionary approach to improvement, where each stage/level serves as the foundation for the next stage/level.  Each maturity level is characterized by the implementation and institutionalization of several clusters of practices (called “process areas”) that contribute to the development of capabilities for that level.  Although the Software Engineering Institute (SEI), the “owners” of the CMM, have not created a formal data governance maturity model, it is possible to take the concepts of the CMM and apply them to data governance.  Therefore, many organizations have chosen the Capability Maturity Model as their process improvement methodology to assist them in determining their current state and the progression of desired improvements.

Determining the current state of an organization’s process in a domain is called “assessment” and this is how the CMM is used most frequently – to assess the organization’s level of maturity.

Assessment using a data governance maturity model can demonstrate the following effects:

  • For organizations that currently do not engage in governance, systematically developing and implementing governance reduces risk in projects and delivers higher quality information to users.  Data governance can be an effective project enhancement effort for improved data and information quality.
  • After having reached Level 2 of the data governance maturity scale, data governance can become the basis for proactive management of information in the organization.
  • As the organization progresses along the data governance maturity continuum, it can be used to define, communicate and enforce business-driven information management policy.

Although many organizations struggle with the need for strategic management of information, data governance can be used as a way to address their immediate needs for tactical improvement in data quality and cost reduction.  These benefits come as a result of improved data in a system.  Data protection, a part of IT governance concerned with the security and privacy of the data stored in information systems is another area of governance that should not be overlooked in developing a governance approach to data.

Stressing the tactical benefits of data governance does not weaken the strategic view needed for full information management.  However, businesses may want to see the benefits of a tactical approach to data governance before they can justify the implementation of a strategic view of data and its governance.  Using the governance maturity model as the benchmark for assessing their current data governance status can give organizations information on what areas should constitute their initial focus for improving governance, whether that focus is tactical or strategic.

About the Author

Anne Marie Smith is a leading consultant in Information Management and is a frequent contributor to various IS publications. Anne Marie has over 20 years experience in information management for several corporate entities and has successfully led the development of data resource management departments within corporations and consulting organizations. Anne Marie is active in the local chapter of DAMA and serves on the board of directors of DAMA International, and is an advisor to the DM Forum. She has been an instructor of Management Information Systems (MIS) with Philadelphia, PA area colleges and universities. Anne Marie has taught topics such as: data stewardship and governance, data warehousing, business requirements gathering and analysis, metadata management and metadata strategy, information systems and data warehouse project management. Anne Marie’s areas of consulting expertise include metadata management including data stewardship and governance, information systems planning, systems analysis and design, project management, data warehouse systems assessment and development, information systems process improvement and information resource management/data resource management. Anne Marie holds the degrees Bachelor of Arts and a Master's of Business Administration in Management Information Systems from La Salle University; she has earned a PhD in MIS at Northcentral University. She is a certified logical data and process modeler and holds project management certification. Anne Marie can be reached at

Free Expert Consultation