Best of 2013 – The Data Governance Bill of “Rights”


A quick history lesson for you … from Wikipedia no less …

“A bill of rights is a list of the most important rights to the citizens of a country. The purpose of these bills is to protect those rights against infringement. The term “bill of rights” originates from England, where it refers to the Bill of Rights enacted by Parliament in 1689, following the Glorious Revolution, asserting the supremacy of Parliament over the monarch, and listing a number of fundamental rights and liberties.Bills of rights may be entrenched or un-entrenched. An entrenched bill of rights cannot be modified or repealed by a country’s legislature through normal procedure, instead requiring a supermajority or referendum; often it is part of a country’s constitution and therefore subject to special procedures applicable to constitutional amendments. A not entrenched bill of rights is a normal statute law and as such can be modified or repealed by the legislature at will. In practice, not every jurisdiction enforces the protection of the rights articulated in its bill of rights.”

You may be asking yourself what this has to do with data and data governance in particular. The answer to that question is … well … everything and nothing. There are two angles I could take with this article. I can talk about the important “rights” of the people (the employees or members of your organization) to have high quality data that will better enable them to perform in their job function.  But … I prefer not to write about the obvious. And it is obvious that the goal of any Data Governance program is to provide these people with the data and information that will help them and the organization succeed.Or … I could write about a bunch of “rights” (as in the right things to do) associated with getting your data governance program to operate the way you want it to.  This is the approach I am taking to this article.What is the Data Governance Bill of “Rights”? Let me first explain that the Bill of “Rights” consists of the right behavior that will be expected in order to achieve the optimum results from your Data Governance program. If you recall (if you do not I will share it with you again) my definition of Data Governance is:

The execution and enforcement of authority over the management of data and data related assets.

And my definition of Data Stewardship is:

The formalization of accountability over the management of data and data-related assets

I talk about enforcement of authority through the formalization of accountability. These two broad subjects perhaps best describe the Non-Invasive Data Governance approach that I speak about so often.
Both the enforcement and formalization require:
  • Getting the “Right” People
  • Involved at the “Right” Time
  • In the “Right” Way
  • Using the “Right” Data
  • To Make the “Right” Decision
  • Leading to the “Right” Solution
  • … Most of the Time
Does this sound like a quick summary of what we are all trying to accomplish through our Data Governance programs? Certainly there are other aspects of Data Governance that are not painted very well by this broad brush. Perhaps they are better served by the definitions I shared above.  But these bullet points summarize the activities of many a Data Governance program. Let’s walk through them quickly one-by-one:

Getting the “Right” People

This is perhaps the easiest “Right” to address.  But this also requires that you inventory the data you want to govern (notice I did not say all of your data) and cross reference it with the people or parts of the organization that define, produce and use the data.  If this sounds like a monstrous task, the truth is that it can be (should be) done incrementally and can be completed simply by using information about who was involved during recent and present data focused initiatives.

The tool that I use to conduct this inventory is called the Common Data Matrix.  I have mentioned the Common Data Matrix in my previous articles and webinar series many times; and if you would like to get a copy of a generic Common Data Matrix, please just let me know.

The Common Data Matrix is simply a two-dimensional matrix that lists the domains (or subject areas, and perhaps sub subject areas) of data down the left side and the parts of the organization across the top. Many organizations have listed the systems where the domains of data reside, the tools used to access that data, denote the system of record … in the matrix. It is a very flexible tool and bends to fit every organization’s need.

However, the Common Data Matrix is not the focus of this article (thus the description and no picture). Getting the “right” people involves knowing who does what with the data across the organization which is the purpose of the tool. The Common Data Matrix is an extremely powerful and inexpensive tool that you can develop yourself that will help you to get the “Right” people involved.

Involved at the “Right” Time

There is another tool that can be used to address this “Right.” This tool is something I call a Data Governance Activity Matrix; a two-dimensional chart with the steps of the activity down the left side and the roles defined for your data governance program across the top.

In each of the blocks where the step crosses the role, you can detail the specific governance activity that takes place in that step, the amount of time it should take, when it will take place, who has the responsibility and the accountability, who should be consulted or just informed. You know the old RASCI deal (added as S for supportive if you want to spell that out as well.

Again, in this quick hit article I am not including a sample activity matrix but you get the idea. And if you really want to see real life examples, please just reach out to me.

One very important item to mention here … Just because you create a Data Governance Activity Matrix for a specific process or procedure does not turn that process or procedure into a (should I even say it – the dreaded) “Data Governance Process”. This is one of my pet peeves in the industry. Calling something a “Data Governance Process’ instantly makes Data Governance out to be the villain as the discipline that slows things down. We certainly do not want people to get that impression. All processes can be governed. That does not mean it is a “Data Governance Process”.

In the “Right” Way

Perhaps, this is the most difficult “Right” to get right. This “right” involves making certain that the steps down the left side of the Data Governance Activity Matrix (mentioned in the previous section) are the correct or at least most appropriate actions to take.

This is where Data Governance comes to life; or gets difficult depending on your perspective. Completing a Data Governance Activity Matrix for your SDLC (system development life cycle) can be rather simple because the steps of the process already exists and can be leveraged. Completing a Data Governance Activity Matrix for the process of making certain regulatory and compliance rules are being captured, communicated and followed can be rather complex.

This “right” is the most important. The methodologies, processes, best practices … are most likely out there somewhere in your organization. If we simply cross reference the properly governed steps of the activity with the “Right” people we are taking steps to formalize accountability and become more efficient and effective in our processes and most likely the governance of data.

Using the “Right” Data

This “Right” can be somewhat tricky as well. In many organizations there is no definition of “Right” data making it all the more difficult to fix the wrong data or get to the “Right” answers.

But let’s just say for example you have an enterprise data warehouse that is working perfectly, a master data solution in place, know where your systems of record are for your data and can direct people to that data. You are in a pretty good situation.

If you have the governed steps of your process formalized (see previous “Rights”) you can apply pointing to the “Right” data as part of the processes. Does that make sense? My suggestion is that you making getting to the “Right” data a very important part of the processes and procedures you govern.

To Make the “Right” Decision

The “Right” decision is often based on the “Right” data but not always. Getting “Right” decision is often based on the “Right” person making that decision with the “Right” data.

Now I am beginning to sound a little bit redundant. But have no fear because the “Rights” are what we are talking about here.  And the ultimate “Right” data leads to the “Right” decision. However … Often there is no assurance that a decision is correct until time has passed and the decision has been validated through business activity.

In order for the “Right” decision to work out right, the solution that follows the decision must be right as well. Wow, this sounds obvious. And this again may fall back on the use of a Data Governance Activity Matrix to map the steps that are used to follow through on the “Right” decision.

Leading to the “Right” Solution

And we come to the end of the “Rights”. It is about time isn’t it?

I already wrote about the “Right” decisions and the “Right” solutions that follow, so there is no need tol make the point again. Isn’t the Bill of “Rights” what Data Governance is all about? Simply stated! I cannot think of a simpler way of describing what we want out of our governance programs.

Most of the Time

If you go to your management tell them you have an easy way to get the right people involved at the right time in the right way using the right data to get to the right decisions and solutions, they will most likely ask you how. OK this article does not exactly answer that question but the tools mentioned earlier will help your organization to recognize the value of the Non-Invasive Data Governance approach. Getting the right … you get it by now.


Perhaps you found the Data Governance Bill of “Rights” to be corny or maybe it makes sense to you. I have created posters of the Data Governance Bill of “Rights” that I will gladly send to all that make the request. Your thoughts and ideas about the Bill of “Rights” or your ideas of what is “Right” would be gratefully accepted.


submit to reddit

About Robert S. Seiner

Robert S. (Bob) Seiner is the publisher of The Data Administration Newsletter ( – and has been since it was introduced in 1997 – providing valuable content for people that work in Information & Data Management and related fields. is known for its timely and relevant articles, columns and features from thought-leaders and practitioners. Seiner and were recognized by DAMA International for significant and demonstrable contributions to Information and Data Resource Management industries. Seiner is the President and Principal of KIK Consulting & Educational Services, a data and information management consultancy that he started in 2002, providing practical and cost-effective solutions in the disciplines of data governance, data stewardship, metadata management and data strategy. Seiner is a recognized industry thought-leader, has consulted with and educated many prominent organizations nationally and globally, and is known for his unique approach to implementing data governance. His book “Non-Invasive Data Governance: The Path of Least Resistance and Greatest Success” was published in late 2014. Seiner speaks often at the industry’s leading conferences and provides a monthly webinar series titled “Real-World Data Governance” with DATAVERSITY.