The Data Governance Bill of “Rights”

FEA01x - feature image -HW editedData Governance is all about doing the right thing when it comes to managing your data. However …

“A bill of rights is a list of the most important rights to the citizens of a country. The purpose of these bills is to protect those rights against infringement. The term “bill of rights” originates from England, where it refers to the Bill of Rights enacted by Parliament in 1689, following the Glorious Revolution, asserting the supremacy of Parliament over the monarch, and listing a number of fundamental rights and liberties.”

Wikipedia definition of “Bill of Rights”

You may be asking yourself what this has to do with data and data governance in particular. The answer to that question is … well … everything and nothing.

What kind of “Rights” are we talking about?

There are two options for how to write about “rights” and how they apply to data:

  1. I can write about the important “rights” of the people — the employees or members of your organization — to have high quality data that will better enable them to perform in their job function.  It is obvious that the goal of any Data Governance program is to provide these people with the data and information that will help them and the organization succeed. This is not the “rights” that I selected to write about..
  2. I can write about a bunch of “rights” (as in the “right” things to do) associated with getting your data governance program to successfully govern data. This is the approach I am taking to this article.

What is the Data Governance Bill of “Rights”?

The Bill of “Rights” consists of the “right” behaviors that are expected in order to achieve the optimum results from your Data Governance program. Optimum results are often tied back to the definition of Data Governance.

My definition of Data Governance is:

“The execution and enforcement of authority over the management of data and data related assets.”

And my definition of Data Stewardship is

“The formalization of accountability over the management of data and data-related assets.”


I talk about enforcement of authority through the formalization of accountability. These two broad subjects perhaps best describe the Non-Invasive Data Governance approach that I speak about so often.

The Execution and Enforcement, and the Formalization require:

  • Getting the “Right” People

  • Involved at the “Right” Time

  • In the “Right” Way

  • Using the “Right” Data

  • To Make the “Right” Decision

  • Leading to the “Right” Solution

  • … Most of the Time

Does this sound like a quick summary of what we are all trying to accomplish through our Data Governance programs? Certainly there are other aspects of Data Governance that are not painted very well by this broad brush. Perhaps they are better served by the definitions I shared above.  These bullet points summarize the activities of many a Data Governance program. Let’s walk through them quickly one-by-one:

Getting the “Right” People

This is perhaps the easiest “Right” to address.  But this also requires that you inventory the data you want to govern (notice I did not say all of your data) and cross reference it with the people or parts of the organization that define, produce and use the data.  If this sounds like a monstrous task, the truth is that it can be (should be) done incrementally and can be completed simply by using information about who was involved during recent and present data focused initiatives.

The tool that I use to conduct this inventory is called the Common Data Matrix.  I have mentioned the Common Data Matrix in my previous articles and webinar series many times; and if you would like to get a copy of a generic Common Data Matrix, please just let me know.

The Common Data Matrix is simply a two-dimensional matrix that lists the domains (or subject areas, and perhaps sub subject areas) of data down the left side and the parts of the organization across the top. Many organizations have listed the systems where the domains of data reside, the tools used to access that data, denote the system of record … in the matrix. It is a very flexible tool and bends to fit every organization’s need.

However, the Common Data Matrix is not the focus of this article (thus the description and no picture). Getting the “right” people involves knowing who does what with the data across the organization which is the purpose of the tool. The Common Data Matrix is an extremely powerful and inexpensive tool that you can develop yourself that will help you to get the “Right” people involved.

Involved at the “Right” Time

There is another tool that can be used to address this “Right.” This tool is something I call a Data Governance Activity Matrix; a two-dimensional chart with the steps of the activity down the left side and the roles defined for your data governance program across the top.

In each of the blocks where the step crosses the role, you can detail the specific governance activity that takes place in that step, the amount of time it should take, when it will take place, who has the responsibility and the accountability, who should be consulted or just informed. You know the old RASCI deal (added as S for supportive if you want to spell that out as well.

Again, in this quick hit article I am not including a sample activity matrix but you get the idea. And if you really want to see real life examples, please just reach out to me.

One very important item to mention here … Just because you create a Data Governance Activity Matrix for a specific process or procedure does not turn that process or procedure into a (should I even say it – the dreaded) “Data Governance Process”. This is one of my pet peeves in the industry. Calling something a “Data Governance Process’ instantly makes Data Governance out to be the villain as the discipline that slows things down. We certainly do not want people to get that impression. All processes can be governed. That does not mean it is a “Data Governance Process”.

In the “Right” Way

Perhaps, this is the most difficult “Right” to get right. This “right” involves making certain that the steps down the left side of the Data Governance Activity Matrix (mentioned in the previous section) are the correct or at least most appropriate actions to take.

This is where Data Governance comes to life; or gets difficult depending on your perspective. Completing a Data Governance Activity Matrix for your SDLC (system development life cycle) can be rather simple because the steps of the process already exists and can be leveraged. Completing a Data Governance Activity Matrix for the process of making certain regulatory and compliance rules are being captured, communicated and followed can be rather complex.

This “right” is the most important. The methodologies, processes, best practices … are most likely out there somewhere in your organization. If we simply cross reference the properly governed steps of the activity with the “Right” people we are taking steps to formalize accountability and become more efficient and effective in our processes and most likely the governance of data.

Using the “Right” Data

This “Right” can be somewhat tricky as well. In many organizations there is no definition of “Right” data making it all the more difficult to fix the wrong data or get to the “Right” answers.

But let’s just say for example you have an enterprise data warehouse that is working perfectly, a master data solution in place, know where your systems of record are for your data and can direct people to that data. You are in a pretty good situation.

If you have the governed steps of your process formalized (see previous “Rights”) you can apply pointing to the “Right” data as part of the processes. Does that make sense? My suggestion is that you making getting to the “Right” data a very important part of the processes and procedures you govern.

To Make the “Right” Decision

The “Right” decision is often based on the “Right” data but not always. Getting “Right” decision is often based on the “Right” person making that decision with the “Right” data.

Now I am beginning to sound a little bit redundant. But have no fear because the “Rights” are what we are talking about here.  And the ultimate “Right” data leads to the “Right” decision. However … Often there is no assurance that a decision is correct until time has passed and the decision has been validated through business activity.

In order for the “Right” decision to work out right, the solution that follows the decision must be right as well. Wow, this sounds obvious. And this again may fall back on the use of a Data Governance Activity Matrix to map the steps that are used to follow through on the “Right” decision.

Leading to the “Right” Solution

And we come to the end of the “Rights”. It is about time isn’t it?

I already wrote about the “Right” decisions and the “Right” solutions that follow, so there is no need tol make the point again. Isn’t the Bill of “Rights” what Data Governance is all about? Simply stated! I cannot think of a simpler way of describing what we want out of our governance programs.

Most of the Time

If you go to your management tell them you have an easy way to get the right people involved at the right time in the right way using the right data to get to the right decisions and solutions, they will most likely ask you how. OK this article does not exactly answer that question but the tools mentioned earlier will help your organization to recognize the value of the Non-Invasive Data Governance approach. Getting the right … you get it by now.


Perhaps you found the Data Governance Bill of “Rights” to be corny or maybe it makes sense to you. I have created posters of the Data Governance Bill of “Rights” that I will gladly send to all that make the request. Your thoughts and ideas about the Bill of “Rights” or your ideas of what is “Right” would be gratefully accepted.

Share this post

Robert S. Seiner

Robert S. Seiner

Robert (Bob) S. Seiner is the President and Principal of KIK Consulting & Educational Services and the Publisher Emeritus of The Data Administration Newsletter. Seiner is a thought-leader in the fields of data governance and metadata management. KIK (which stands for “knowledge is king”) offers consulting, mentoring and educational services focused on Non-Invasive Data Governance, data stewardship, data management and metadata management solutions. Seiner is the author of the industry’s top selling book on data governance – Non-Invasive Data Governance: The Path of Least Resistance and Greatest Success (Technics Publications 2014) and the followup book - Non-Invasive Data Governance Strikes Again: Gaining Experience and Perspective (Technics 2023), and has hosted the popular monthly webinar series on data governance called Real-World Data Governance (w Dataversity) since 2012. Seiner holds the position of Adjunct Faculty and Instructor for the Carnegie Mellon University Heinz College Chief Data Officer Executive Education program.

scroll to top