TOP_407070357-Data-Governance-Playbook.pptx

Table Of Contents
Section Slide
I. Introduction to Data Governance 7
A. Executive Summary
B. Key Contacts
C. Why Data Matters
D. Industry Trends
II. Understand business drivers 12
A. Introduction
B. Foundational Concepts
C. Sample Approach
D. Example Business Drivers
III. Assess current state 22
A. Introduction
B. Sample Approach
C. Assessment Model Inventory
D. Detailed DMM Approach
E. Key Outputs
IV. Develop Roadmap 34
A. Identify gaps (e.g., leverage target state and current state)
B. Determine projects to close gaps
C. Prioritize and sequence

Table Of Contents
Section Slide
V. Define scope of key data 45
A. Select approach
B. Define key data by supply chains
C. Define key data by domain
D. Define key data by a scoping methodology
E. Use a modified version of an existing bank’s structure
VI. Define and establish governance models 53
A. Define CDO office roles and responsibilities
B. Develop a RACI
C. Define an interaction model
D. Identify committees
E. Define escalation channels
F. Identify level of centralization / federation for DG
G. Define and implement roll-out strategy
VII. Define data policies and standards 76
A. Define a data policies and standards framework
B. Select data policies and standards specific to the bank’s needs
C. Write data policies and standards
VIII. Establish key processes and procedures 117
A. Establish issue management
B. Integrate SDLC (software development lifecycle)
C. Identify and develop other key processes and procedures

Table Of Contents
Section Slide
IX. Execute Data Quality 136
A. Introduction
B. Link to DQ Playbook
X. Source Data & Activate Domains 138
A. Introduction
B. Link to Data Sourcing Playbook
XI. Capture & Test Metadata 141
A. Introduction
B. Link to Metadata Execution Playbook
XII. Next Gen industry trends and market demands
A. The evolution of Data
B. Next Gen Data Architecture and Use Cases

Executive summary
Data Governance is the need to effectively manage and integrate vast and often disparate volumes of business data in order to be able to extract
competitive information from such – and in a timely manner – is a challenge faced by most financial services institutions today. Coupled with this
need is the wave after wave of regulatory requirements that such institutions need to comply with. To successfully address these needs, financial
services institutions must actively manage their data assets through programs that go beyond traditional systems development, and focus more on
the practice and discipline of Data Governance (DG).
This document serves as a playbook for implementing data governance end-to-end across enterprise data offices, lines of businesses, risk types, or
control functions. It can be implemented in segments to achieve targeted data governance capabilities, or used to implement a large-scale data
governance program. The concepts and frameworks contained within this playbook should be used as a starting point, but may need to be tailored
to meet the needs of the business. Using this playbook will help our clients achieve the following targeted data governance capabilities:
• Understand drivers
• Assess current state
• Develop roadmap
• Define scope of key data
• Define and establish governance models
• Define data policies and standards
• Establish key processes and procedures
• Execute Data Quality
• Activate domains and authoritative data sources
• Capture and test metadata

Introduction to Data Governance

Why Data Matters
Today, every company is a data company
▶ Increased regulatory scrutiny and intervention has presented financial institutions with the difficult challenge of
understanding, analyzing and providing ownership over data. Every financial institution has had to transform into a
‘data company’ that uses it’s data as the foundation to make informed decisions, better serve clients, and provide
accurate information to regulators and investors.
Everyone within a company is responsible for data management and data governance
▶ The amount of data being created, transformed, and used is growing exponentially and is becoming omnipresent
within all aspects of organizations. The key to accurate, consistent data is an effective governing operating model
around the input, use, and protection of the data in which the entire organization is responsible.
All companies want to create, use, and maintain high quality data
▶ Strong and effective data governance is essential for long lasting data quality, which includes confidence in the data
and the effectiveness, utility, and accuracy of the data
Data Governance
Data Domains
Data
Elements
Data Quality
Standards Capabilities Adoption Sustainability

Data Governance is:
► Overall management of the availability, usability, integrity and security of the data
employed in an enterprise
► Practice of organizing and implementing policies, procedures, and standards for the
effective use of an organization’s structured/unstructured information assets
► Execution and enforcement of authority over the management of data assets and the
performance of data functions
► Decision-making process that prioritizes investments, allocates resources and
measures results to ensure that data is managed and deployed to support business
What is Data Governance (DG)?
You can’t manage what you don’t name. And then there’s its corollary: you can’t manage
well what you don’t define explicitly.

Benefits of data governance
There are widespread benefits across a financial services organization to establishing data governance capabilities.
Hallmarks of a strong DG organization include the establishment of clear accountability for data management through
data governance roles and responsibilities.
Benefits of having a DG program include:
Addressing and minimizing operational risks
► Increases transparency into data management
► Builds confidence in data management practices
► Reduces issue remediation
► Bolsters accountability for data policies and standards
► Enhances business processes (i.e. accuracy, completeness, and timeliness)
Sustaining the benefits of regulatory programs (e.g., Basel, Dodd-Frank, CCAR, Solvency II)
► Institutionalizing data governance enhances all areas of the business (e.g., risk models may be developed with
high quality data, MIS and regulatory reporting being done with greater confidence and in shorter cycles)
Establishing a foundation for meeting future regulatory mandates
► Makes an organization better prepared to respond to future regulatory mandates that require robust data
management functions (e.g., BIS’s Principles for Effective Risk Data Aggregation and Risk Reporting)

▶Firms are reengineering their traditional data management approaches due to
regulatory demands such as Dodd Frank, CCAR, and BCBS 239
▶Efficiency programs are now focused on lowering the cost of operating the data
management and controls environment
▶Streamlining process capabilities across key functions such as risk and finance
▶Leveraging data management investments to enable analytics and drive better
decision making
Industry Trends
2005 – 2009
Accountability
2013 – 2015
BCBS 239 and CCAR
2009 – 2013
Data Quality
2015 & beyond
Sustainability
• Manage end to end data
supply chains from
report to data
• Integrate control
environments across
model risk, spread sheet
controls, SOX
• Consolidate firm wide
policies and standards
• Automate the capture of
metadata
• Build capability to
independently test
• Strengthening data
architectures through the
use of new technologies
• Building formal job
families and training to
build & retain talent
• Formalizing and
establish CDO
functions
• Initiate metadata
factory to collect and
integrate metadata
• Building enterprise
architecture standards
for data sourcing,
aggregation, analytics
and reporting
• Consolidate and build
common taxonomies
• Evaluate end user data
requirements and
thresholds
• Deploying and
executing data policies
and standards
• Formalizing local data
governance structures
and roles
• Establishing enterprise
data quality
approaches and
standards
• Establish metadata
approaches and
standards
• Establishing formal
data roles and
responsibilities
• Drafting and
deploying policies and
standards
• Establishing formal
data governance
structures
• Focus on centralized
enterprise data
warehouse approaches

Understand business drivers

Section Introduction
► Understanding your client’s drivers will allow you to deliver a high quality offering and align the target state to their overall vision.
► Determining what capabilities will help the client achieve their objectives.
► Data Management/Governance Organizations Have different structure and focus on establishing different capabilities based on the
business objectives they are trying to achieve
Business Benefits
► The primary business drivers will vary by the institution’s specific size, area of expertise, location in the global marketplace, and
standing with regulators. The business drivers contained within this section can be used as a starting point.
Chapter Guidance
► The primary business driver for the majority of data management functions has been demonstrating control to regulators, specifically in
the context of BCBS 239 and CCAR. This has emphasized the need for data governance capabilities within organizations.
► The secondary benefit that drives data governance organizations is providing value to their business partners through analytics and
reporting that the business desires but has not been able to achieve.
Industry Trends
► Mike Butterworth
► Mark Carson
► Shobhan Dutta
► Lisa Cook
► Ryan Duffy
Key Contacts
► The objective of this activity is to declare an overall objective of the client’s data governance program by establishing clear measurable
goals, linking to business drivers, drilling down to the data management concepts that will enable achievement of that goal.
► Executing this step will help the client understand the options for their future state and evaluate and select the most suitable future
state based on the client’s vision and strategic objectives.
Definition

An information strategy harnesses the vast amounts of data available to
any company and turns that into useful knowledge. In addition it
establishes the foundation for data management.
Key business drivers
Profit
► Need for products to leverage good quality and
well managed data
► Efficiencies in operating model creating greater
speed to market
► Data consistency requirements across customer
data sets
► Complex product design based on efficient and
intelligent data use
Cost
► Proliferation of data
► Enhance operational control and customer
satisfaction
► Reduce data storage costs
► Increased demands by customers for reporting
(e.g., Solvency II, UCITS IV, Form PF)
Efficiency
► Ability to respond to change or integrate new
products, regions, or companies
► Business operational metrics
► Decrease process cycle times
Risk and
regulatory
► Heightened regulatory scrutiny (e.g., Dodd-Frank,
CCAR, RDA)
► Concentration risk and correlations across LOBs
► Ad hoc stress scenarios
► Anticipate emerging risks
► Optimize capital allocation
► Vulnerability threats
Information Strategy Framework
Key take-away: Firms need to have clear agreement on key business drivers before investing in technology and data capabilities
Identifying Key Business Drivers

Risk &
Regulatory
Cost
Profit
“Who’s accountable for my data?”
“How good is my data?”
“What customer segments do I want to
focus on or exit?”
Data Governance
Data Architecture
Business Intelligence and
Reporting
Quantitative Analysis and
Advanced Analytics
Data Quality
“How accessible is my data?”
Efficiency
“Does the existing governance structure meet
regulatory requirements
Key Questions Information Management Capability
"Where is the best source to get customer
exposures?"
"How can I reduce my overhead costs related to
quarterly reporting"
"What tools are available so my quants can focus on
analysis not data sourcing?"
Key Business Drivers
Defensive
Offensive
Key take-away: Representative business questions often help illustrate how investment in information capabilities support key
business drivers
Foundational Concepts

Example Business Driver: BCBS-239
► The Basel Committee on Banking Supervision (BCBS) released the Principles for effective risk data aggregation and risk reporting
(The Principles) on in January 2013 and a self assessment questionnaire for G-SIBs in March of 2013.
► The FRB and OCC required the US G-SIBs to complete and submit the self assessment questionnaire by July 2013.
► Both the BCBS and the US regulators have set expectations that the G-SIBs comply with The Principles by January 2016.
The Principles:
► There are 14 principles which heighten expectations for effective risk reporting to the board, internal management and regulators
in order to facilitate Senior Management and Board accountability for risk management during stress/crisis conditions during and
business as usual.
► The Principles raise expectations for risk data and reporting process and controls to be similar in nature to those of financial data.
Part 3:
Implement
Full compliance
required
(January 2016)
Submit BCBS questionnaire
(July 2013)
Regulatory deadlines:
Part 2: Conduct
detailed planning
Part 1: Perform
BCBS self-
assessment
Part 4: Sustain
Timeline
Regulators
Banks
1. Governance
2. Data architecture and IT
infrastructure
II. Risk data aggregation
3. Accuracy and integrity
4. Completeness
5. Timeliness
6. Adaptability
III. Risk reporting practices
7. Accuracy
8. Comprehensiveness
9. Clarity
10. Frequency
11. Distribution
IV. Supervisory review &
tools
12. Review
13. Remedial actions &
supervisory measures
14. Home / host cooperation
Regulatory
Actions
I. Governance & Infrastructure

Sample Approach
Inputs Process Outputs
Step 2: Draft approach and schedule workshops Establish the
sequence of activities and set expectations for engagement for the
subsequent steps. Schedule workshops with key stakeholders
Step 3: Review in-flight programs that are designated to support the
target and obtain confirmation on high level data management
priorities
Step 1: Kick off project Mobilize project team and identify key Global
banking and financial services company stakeholders from the
enterprise office, lines of business IT as well as owners of key
systems, data owners, process owners as needed
Example Business Drivers*
Refined Approach
Global banking and financial services
company Organizational Structure
Initial workshop schedule
Step 4: Hold workshops Propose and agree on business drivers for data
management with key stakeholders. Identify initiatives that could
be used to test and support the case for data management
The Business Drivers
WP01: Kick-off Deck
Key take-away: Business drivers must be identified and established by reviewing in-flight data management programs, existing
initiatives and establishing the data management priorities.

The team used the stated business drivers and current state assessment output to determine key capabilities that are part of a mature Data Quality and
Assurance framework. The capabilities listed below are categorized into five target state areas.
► Full scope of policies and
standards not promulgated
enterprise wide
► Inconsistent measurement
and monitoring of
compliance
► Individuals not identified for
full range of roles and
responsibilities
► Consistent execution of data
quality assessment not in
place
► Data remediation and
change management
processes not
standardized/well defined
► Lack of maintained,
enterprise wide business
glossary
► Full range of authoritative
sources of data not identified
and defined
► Immature, non-integrated
application of
master/reference data (e.g.,
client, product, location)
► Inconsistent, inflexible
reporting and analytics
capability
► Data management not
integrated within Software
Development Life Cycle
Data
sourcing and
usage
Governance
Process
integration
1. Prioritize data domains (master / reference data, transactional data,
and derived data)
2. Identify certified data sources by domain
3. Develop plan for transitioning to certified data sources
4. Develop plan to enhance analytics and reporting infrastructure using
additional authorized sources
5. Develop plan to adopt enterprise wide Business Intelligence
framework
Target Area Actions
Key Capability Recommendations
Current State Challenges
1. Establish data management metrics
2. Setup data governance committee structures and formalize
expectations for local (e.g., LOB) data governance
1. Incorporate defined and approved data management requirements
gathering process into the SDLC process
2. Incorporate data governance approvals (e.g., BRD sign-off) into
existing delivery tollgates
Organization
1. Establish Data Management roles and responsibilities (e.g.,
Business Process Owner, Data Steward, Data Custodian)
2. Establish and formalize data domains
Business Drivers
► Improve client interaction
360 view of client,
Know client preferences
► Integrated relationship
management
Single version of truth
► Client segmentation
Optimize product mix
and pricing
► Financial, management
and regulatory reporting
Accurate, timely and
consistent data,
Self-service reporting
► Business insights
Cross-LOB analysis,
Forecasting,
New revenue streams
► Manage client exposure
Share risk profiles,
Monitor client behavior
► Manage risk
Monitor capital adequacy,
Regulatory compliance,
Reduce operational risk
Perfect client experience
Reporting and analytics
Risk management
Policies,
Standards
and
Processes
1. Establish policies to define all key accountabilities, starting with
Data Quality and Assurance
2. Establish measurable enterprise wide data governance standards
that define minimum compliance requirements
3. Develop consistent, integrated data processes for use across the
enterprise
A
C
B
D
E
Target State Capabilities Summary
1 2 3

Improve client interaction
Make client interactions more productive for CONSULTANT COMPANY and engaging
for the client
Communication channel
► Identify the communication channel most preferable for clients to reduce communication fatigue
► Enhance client self-service experience
Client experience
► Generate 360º view of the client
► Define the type of interactions with the client that deliver most value in the eyes of the client
► Track client product preferences from past experiences
► Resolve issues with quick turnaround by performing faster root cause analysis
Integrated relationship mgmt.
Identify products in different lines of business that can be sold to existing
CONSULTANT COMPANY clients
Single version of truth
► Create a comprehensive view of the client across all LOBs consisting of attributes like risk, exposure, profitability and price sensitivity to
optimize offers
Product effectiveness
► Understand product bundling and value propositions from the client’s point of view (additional revenue potential)
► Determine effectiveness of sold products to tweak future product offerings
► Optimize how funding should be allocated across LOBs to achieve the ideal mix of products for increased profitability
Segment clients efficiently
Identify client characteristics to match them to the right product offerings and increase
profitability
Product mix
► Segment the market intelligently by defining the ideal mix of product offerings for each segment (additional revenue potential)
► Identify the most valuable clients and allocate additional funds for products, marketing and client service for them
► Rebalance client segments regularly to reflect changing client preferences and demographics
Pricing
► Determine optimal pricing for each client segment and target by branding products appropriately (additional revenue potential)
Example Business Driver
Perfect Client Experience

Financial, management and
regulatory reporting1
Create accurate reports with quick turnaround for internal and external consumption
Accuracy and timeliness
► Deliver financial and regulatory reports to government authorities on time using data that is accurate, certified, trusted and authorized; and cut costs by
avoiding rework
► Reduce manual processing while generating reports to reduce the probability of errors; provide consistent and common business terminology so that
business requirements can be translated to technical requirements accurately
Usage
► Enable self-service report creation capabilities by publishing specifications for data providers that are certified, trusted and authorized
► Create business friendly querying and reporting platform to enable self-service for all users
► Provide capabilities able to report out in the form of charts, graphs, scorecards, metrics and dashboards, and create the ability to aggregate, drill down or
drill through these reports
Consistency across reports
► Ensure different reports are consistent with others e.g., regulatory reports like FR Y-9C with CCAR and FFIEC 101, financial reports like 10-K with the GL
Fit for purpose
► Optimize data infrastructure to align with business needs e.g., data for monthly reports doesn’t need to be refreshed daily; focus areas could be accuracy,
timeliness, availability
Requirement changes
► Enable quick adaptability to changing business requirements by adopting more flexible development methodologies
Business insights2
Answer questions about business performance after analyzing data from multiple
sources
Business insight (sample questions)
► Perform analysis of products across LOBs to determine profitability (additional revenue potential)
► Analyze patterns to identify fraud
► Utilize complaints information to effective identify root causes of dissatisfaction
► Perform loss forecasting at a corporate level − balancing interactions between LOBs
► Compare business KPI trends with forecasts and analyze root cause for differences
1Helps reduce compliance risk 2Helps mitigate strategic risk
Reporting and Analytics

Manage client exposure Consistently measure and manage client exposure across all LOBs in a unified manner
Share3 client profile
► Develop and maintain a consistent view of client credit profile and risk that can be used for all products across different LOBs
► Share3 client risk profiles across different LOBs
Continuous monitoring
► Continuously monitor internal and external data to minimize exposure
► Monitor client profiles to detect potential fraud
► Monitor client payment behavior over time and update risk profile
Manage risk Measure market, credit and liquidity risk across all LOBs
Share3 risk data
► Leveraging common or complementary risk variables across product lines or LOBs (e.g., consumer borrowing in country and out of country) to capture full
risk exposure
Mitigate risk
► Align capital adequacy reserves to legal and tolerated exposures
► Balance potential losses according to regulatory requirements, market conditions, risk tolerance and bank strategies
► Diversify assets in the balance sheet to reduce risk and align risks and reserves
Reduce operational risk
Reduce risk from operations in the bank by automating business processes and thus
reducing errors
Business processes
► Develop ways to measure errors in existing business processes and enable LOBs to proactively mitigate risk
► Assign appropriate SLA’s to business processes
► Automate business processes and develop contingency plans
Data life cycle
► Develop controls over production, transmission and consumption of data across the enterprise
3Share taking into account relevant privacy laws
Risk Management

Assess Current State
► Its helpful to know where a client is - in order to help them determine what they need to do - to get where they want to be.
► Understanding your client’s drivers and their current state will allow you to deliver a high quality offering and align the target state to
their overall vision.
Business Benefits
► Several assessment models are highlighted in this chapter and clients may be inclined to use one over another. The same approach
can be used regardless of the model chosen.
Chapter Guidance
► Many organizations perform an assessment to baseline the capabilities and some conduct follow-up assessments to highlight
progress and compare against industry averages.
► An assessment doesn’t need to be done against an industry benchmark, but it helps. Using a benchmark, like CMMI’s Data
Management Maturity Model (DMM) or EDMCs DCAM, allows the client to benchmark themselves against peers and provides a
standard set of questions to improve the thoroughness and quality of the assessment.
Industry Trends
► George Suskalo
► Michael Krause
► Christopher Miliffe
Key Contacts
► The objective of this activity is to understand and document the current state of the institution’s data management capabilities. This is
done in order to identify gaps between current state and the desired target state.
Definition
► Rob Perkins
► Sri Santhanam
► Milena Gacheva
► John Gantner

Assess Current State
Sample Approach
Key take-away: Holding a workshop based assessment of selected data maturity model components will determine the current
maturity level, establish the guiding principles and set target maturity levels for data management
Step 2: Conduct assessment workshops with key stakeholders to determine
current state maturity depth and perform a skills assessment to answer
questions and assign a maturity score
Step 3: Develop guiding principles and target state maturity based on the
business drivers and the current state, develop guiding principles of how
firm wide data management will operate. Determine the desired firm
target maturity score for each component assessed.
Step 1: Select components to assess based on the business drivers
Current data maturity score results
Target state maturity score
with guiding principles
Step 4: Validate targets with stakeholders Hold final workshops to validate
guiding principles and target maturity scores
Our Assessment methodology *
Business Drivers
* See appendix for more detail on this accelerator
WP: Assessment Results
and Target State

Define assessment model
When to perform a DMM assessment
1. Strategic Audit – when the Audit function has identified a need to develop
a data management strategy
2. MRA/MRIA/Consent Order – when the organization has significant data
management issues to be prioritized
3. Initial Data Management Strategy – when the organization recognizes the
need to develop a data management strategy
4. CDO Performance 1 – when the Board of Directors plans to objectively
measure performance of the Chief Data Officer (CDO); step 1 is establish
is establish the baseline
5. CDO hired – when a Chief Data Officer (CDO) has been hired and is
charged with developing a data management strategy
6. Data Management Strategy check up – when the current data
management strategy progress is evaluated as an input to a revised data
revised data management strategy.
7. Merger or Acquisition – understanding data management maturity of an
organization that will introduce its data into the enterprise information
information supply chain
8. CDO Performance 2 – when the Board of Directors objectively measures
CDO performance; comparing results to step 1
9. BCBS 239 – when the Board of Directors or CDO require a third party data
management assessment to support BCBS 239 Principle 1
10. EDM Audit – when the Audit function plans to conduct an audit of the
enterprise data management (EDM) function
11. Maturity Progress Report – when it is appropriate for the organization to
evaluate its data management maturity progress
Events when performing a DMM assessment provides beneficial insight:
Audit
Appraisal
Assessment
3 9
1 2 4 5 6 8 11
Strategic
Audit
CDO Performance Measurement
Initial
Data Management
Strategy
Regulatory
response
BCBS 239
Data Management
Assessment
Data Management
Strategy
Check up
EDM
Audit
Newly hired
Chief Data Officer
10
7
Merger or Acquisition
An assessment is beneficial at specific events in an organization’s maturity lifecycle

Define assessment model
Assessment model inventory
The primary data standards are developed by these organizations. CONSULTANT COMPANY has built a relationship with CMMI and
leverages this assessment model for client current state assessments. The other assessment models may be used by financial services
clients.
Assessment (Present) Appraisal (Emerging) Certification (Future)
Projects
• Data management strategy
• Data governance strategy
• Data management performance
• Data management audit
• Data management audit
• Data management certification
Audience
• Less mature organization starting its data
management journey
• More mature organization already
practicing structured data management
• Mature organization seeking quantifiable
certification of maturity
Benefits and
Objectives
• Key stakeholders start a serious discussion
about data
• Develop a common language and
understanding about data management
• Identify data management strengths and
weaknesses
• Establish a baseline to measure growth
• Envision a future state capability
• Develop a roadmap to achieve that future
state
weaknesses
• Identify risks to achieve specific data
management objectives
• Evaluate progress toward specific data
• Update a roadmap for future state data
management capabilities
• Establish remediation plans to manage
risks or identified data management issues
• Establish organizational maturity rating
weaknesses
• Identify risks to achieve specific data
• Evaluate progress toward specific data
• Update a roadmap for future state data
• Establish remediation plans to manage
risks or identified data management issues
Method and
Evidence
• Workshops and interviews
• Summary self assessment questionnaire
• Anecdotal evidence and affirmations
• Group consensus
• Detailed self assessment questionnaires
• Inspection of physical evidence and
functional performance
• Process performance affirmations
• Detailed self assessment questionnaires
• Inspection of physical evidence and
functional performance
• Process performance affirmations
Output
• Pain points, practice gaps, good practices,
findings
• Process capability scores
• Self-assessment of organization-wide
process capability scores / Maturity Rating
• Pain points, function and artifact gaps,
good practices, findings
• Function and Process capability scores
• Evidence based organization-wide process
capability scores / Maturity Rating
• Pain points, function and artifact gaps,
good practices, findings
• Function and Process capability scores
• Evidence based organization-wide process
capability scores / Maturity Rating
Participants
• CDO, LOB Data Leads, Risk, Finance,
Compliance, and other Data Leads,
Information architect, IT Lead
• Stewards, architects, developers, users,
project managers
• Stewards, architects, developers, users,
project managers

Select data management assessment model
clients.
DMM 1.0 (2014) DM BOK 1st Ed. (2009)
DCAM 1.1 (2015) Analytics Maturity Model (2014)
Big Data Maturity Model (2013)
CONSULTANT COMPANY preferred
methodology
An industry standard
capability framework of
leading data management
practices with an
assessment and
benchmarking capability
geared toward strategy
development, governance
design, and operational
maturity
Leading DM practices gear
toward data governance,
data management
implementation, and
operations within specific
architectural and technical
contexts
A capability framework of
leading practices with basic
self assessment questions
geared toward data
management strategy
development and operation
The models provide the big
picture of analytics and big
data programs, where they
need to go, and where you
should focus attention to
create value

Select data management assessment model
clients.
Category
CMMI
DMM 1.0 2014
EDM Council
DCAM 1.1 2015
DAMA
DM BOK 1st Ed. 2009
BCBS 239
Principles for RDA 2013
Summary The DMM is an industry
standard capability
framework of leading data
management practices with
an assessment and
benchmarking capability
geared toward strategy
development, governance
design, and operational
maturity. (est. 2009)
The DCAM is a capability
framework of leading practices
with basic self assessment
questions geared toward data
management strategy
development and operation.
(est. 2013)
Leading data management
practices geared toward data
governance, data management
implementation, and operations
within specific architectural and
technical contexts. Note: DAMA
is collaborating with CMMI on
DM BOK 2nd Ed. (est. 2004)
The BCBS 239 Principles for risk data
aggregation is not a framework but is listed here
due to industry interest. It contains many
principles for data management. The alignment
below is high level; actual overlap is broader
and more complex. (est. 2013)
Measurement
capability
Objective behavior oriented
measurement capability for
performance, scope, and
meaning based on 30+ year
history of maturity rating
Artifact oriented measurement
capability; performance, scope
and meaning are open to
interpretation. Measurement
model is in beta test
Measurement capability is
proprietary per consultant
Measurement capability is subjective and open
to interpretation in scope, meaning, and
performance
Depth Pages: ~232
Categories: 6
Process Areas: 25
Infrastructure Support: 15
Measured Statements: 414
Considered Artifacts: 500+
Pages: 56
Core Components: 8
Capability Objectives: 15
Capabilities: 37
Sub capabilities: 115
Measured Statements:110
Pages: 430+
Functions: 10
Environmental Elements: 7
Concepts and Activities: 113
Artifacts: 80+
Pages: 28
Principles: 11 + 3 for supervisors
Questions 2013: 87
Questions 2014: 35
Requirements (CONSULTANT COMPANY
Identified): 108
Support Practitioner training and
multi-level certification:
EDME
Training and certification in
development
Practitioner training and
certification: CDMP
N/A
Rating mechanism CMMI sanctioned rating
mechanism available
Element 22 / Pellustro provides
a commercial rating solution
No standardized rating
mechanism
Proprietary rating systems exist, leveraging
BCBS 268
DMM and DCAM enable/align with BCBS 235

What is it?
► The DMM is a cross sector peer reviewed
industry standard framework that describes
leading data management practices that
includes a diagnostic tool to identify gaps in a
firm’s practices and a benchmark measurement
that shows how firms compare to their peers
How does it work?
► The model measures two dimensions to
determine actual maturity.
► First is the organization’s level of capability in 25
Process Areas depicted top right.
► Next is the repeatability and sustainability for
each of those process areas based on the level
of practice maturity and scope as depicted
bottom right.
► For example: Data Quality Strategy contains 5
levels of capability, each of which may be
performed at one of the 5 levels of maturity; the
intersection defines organizational maturity, as
shown to the right.
What are the benefits of assessment?
► Establish a common understanding and
language about data management
► Stimulate conversations about the condition of
data quality and data management
► Quantify data management strengths and
weaknesses to be managed and organizational
change themes to champion
► Alignment of data management initiatives that
enhance performance toward critical
business objectives
The Data Management Maturity (DMM) Model
The DMM is the industry standard tool for benchmarking data management capability
Content excerpted from the Data Management Maturity Model version 1.0, CMMI Institute © 2014
Capability
5 3 4 5
4 3 4 4
3 2 3 3 3
2 1 2 2
1 1 1
1 2 3 4 5
Scope
Level Data Management Maturity Definition
1 Performed
Reactive or partial data management performed
informally (inconsistent) at the local/business unit level
2 Managed
Processes are defined and documented but performed
at the business unit level on a sporadic basis
3 Defined
Processes are defined, managed and orderly with
implementation consistently applied at the
organizational level
4 Measured
Processes are structured, aligned, adopted and
traceable with consistent measurement analytics at the
organizational level
5 Optimized
Processes are managed on a continuous basis and
advocated at the executive management level
Process Area Maturity Levels
Organizational Maturity Level

Conduct DMM Assessment
Approach for DMM
A maturity model provides an objective view of the current state of data practices:
► Used to measure the maturity of the data management discipline within an organization
► Identifies the gaps against a leading practices for the data
► Helps identify where the an organization is relative to it’s peers or competitors
► Used as input to form a roadmap to a target state
It is comprised of three major components and is based upon the CMMI DMM
The DMM is widely adopted by the financial services industry
DMM Assessment
2 DMM Scorecard
3
DMM Framework
1
The DMM Assessment approach is comprised of three stages including the initial start-up, requiring understanding of the DMM
Framework industry standard; application of the framework to client specific capabilities through workshops and assessment; and
lastly, the scorecard to visually represent industry vs. current state vs. future state If requested by the client.

Key Outputs
The objective of the execution steps is to determine and analyze the current maturity level for the organization based on assessment of selected
data management capability model components.
Deliver assessment introduction / education
Input Process Output
Step 1.1: Conduct walkthrough of the assessment
components, how to use the scoring template
Execute assessment questionnaires
Step 2.1: Distribute assessment questionnaires to
participants and request self-scoring
Execute assessment workshops (review questionnaires)
Step 3.1: In workshops, conduct a walkthrough of each
assessment area and discuss the current score, evidence
that supports it and a target score
Step 3.2: Identify with the core team and stakeholders
common themes and pain-points emerging to develop
initial prioritization areas
Identify practice strengths and gaps and other current
state findings*
Step 4.1: Identify areas where existing practices can be
adopted and those where capabilities are lagging
peers/expectations
1
2
3
4
Analyze results and prepare assessment report
Step 5.1: Collect, compile and consolidate assessment
scores into final scoring template to formulate preliminary
results
Step 5.2: Produce preliminary results for reviewing and
validation with core team and key stakeholders
5
Data management capability
assessment
* The scope may include a current state evaluation of information architecture, data usage, master data, analytics,
data integration or other specific implementations over and above governance and management practices.
Step 1.2: Educate participants on how to apply the
business drivers and scope to the scoring template
Assessment kick off materials
Refined assessment questionnaire
Assessment report template
Preliminary current state assessment for
each process area
In-flight initiatives
In-flight initiatives aligned to data

Industry Standard
Maturity model
Firm Specific
Implementation
► The DMM can be used as a check list to make sure a data management program is complete
► The DMM can be used to help establish and prioritize a data management or data governance roadmap
► The DMM can be used as a tool to measure data management capability development and organizational maturity
Measure
DMM Model
Data Management
Program
Guidance
DMM Assessment
Platform
Architecture
Business
Glossary
Data Quality
Rules
Data Lineage
Authoritative
Sources
Control
Quality
Data
Trustworthy,
Reliable
and
Fit
For
Purpose
Internal Audit
measures compliance to the DG
Program.
Supporting EDM Programs
The DMM provides guidance defining program components

Continued assessment to track progress
Data Management Strategy
Data
Governance
Data Quality
Data Operation
Platform and
Architecture
Supporting Process
Data
Governance
Data Quality
Data Operation
Platform and
Architecture
Supporting Process
Data Operation
Data
Governance
Data Quality
Platform and
Architecture
Supporting Process
Data
Governance
Data Quality
Data Operation
Platform and
Architecture
Supporting Process

Develop Roadmap
► A roadmap clearly states the objectivism, activities, timelines and success criteria for achieving the target state in a way that can be
easily tracked against. This is beneficial for communicating progress upward or enforcing responsibility downward.
► The communication plan typically accompanies a roadmap and provides a step by step guide for achieving acceptance by the
organization and adoption of the program.
Business Benefits
► Once an organization performs an assessment and understands the current state and target state, the capabilities to achieve the
target state are mapped out and assigned. This chapter provides guidance and an example of a 30-60-90 day plan, but additional
detailed roadmaps that have been developed for other clients can be found in the KCONSULTANT COMPANY.
Chapter Guidance
► A roadmap has become standard practice for data management activities and is the next logical step after receiving maturity
assessment results. This provides the ‘next steps’ that make a program actionable.
► Communication early and often of the program’s status will provide transparency and drive adoption through the organization.
Standardized progress monitoring will keep involved parties accountable and drive the project forward.
Industry Trends
► Mark Carson
► Shobhan Dutta
► Lisa Cook
► Ryan Duffy
Key Contacts
► A roadmap is a structured plan with multiple layers and milestones that defines the path forward on an initiative, project, or program for
moving the organization’s activities from a current state to an agreed-upon future state.
► A roadmap prioritizes and sequences a set of required initiatives (projects) into a larger program.
Definition

Develop roadmap to target state
Sample Approach
A client roadmap will assist in strategically structuring the roll out of enterprise data management (e.g., critical data, data quality,
data sourcing, metadata, etc.) that align with short term and long term objectives. In some cases, an associated communication
strategy will be developed to socialize the plan to support the business strategy of the bank to stakeholders.
Process Outputs
Step 2: Develop high level roadmap that includes assigning roles
for each domain, establishing the policies and standards,
establishing the governance committees, and
operationalizing the data quality. data sourcing and metadata
capabilities.
Step 3: Develop a communication plan and create the
stakeholder socialization package that describes the
approach and supporting operating models aligned to the
foundational capabilities, and the high-level roadmap
Step 1: Prioritize capability gaps based on logical sequencing, risk
management and business priorities, and after discussing
with project leadership for subsequent phases of the project
High-level roadmap and
project plan
Executive level
presentation
Duration: 2 - 5 weeks
Resources: Assessment & stakeholder team of 3-5 resources
Inputs
Current data maturity score results
Target state maturity score
with guiding principles
Step 4: Socialize roadmap with stakeholders for alignment of
efforts and messaging

Assess current state and define target state
roadmap
► The objective of this activity is to establish a baseline of current state and identify dimensions that may
require change. The change required in each of the current state assessments vary but often include a
desire to improve business performance, gain competitive advantage, or meet regulatory requirements
► A defined criteria and rating scale is used to evaluate a client's current state based on various
dimensions/assessment topics. This activity typically takes 3-4 weeks, but may vary.
Current State
► The objective of this activity is to help the client understand the options for their future state and
evaluate and select the most suitable future state based on the client’s vision and strategic objectives.
► This activity typically takes 1-3 weeks but could take longer depending number of future state options
and whether recommended future state will be provide based on the scope of the project
► Managing the scope and considering the future state options that are in alignment with client
expectations are two key things that are important in this stage.
Target State
► A roadmap is a structured plan with multiple layers and milestones that defines the path forward on an
initiative, project, or program for moving the organization’s activities from a current state to an agreed-
upon future state.
► Depending on the duration of this stage, the roadmap could be a light version or detailed version
roadmap.
► For short term assessment projects, a lighter version of the roadmap template is more suitable. For
medium to long term assessment projects where the client could consider CONSULTANT COMPANY
for future state implementation, a detailed version of the roadmap template should be used.
Roadmap

Key Outputs
A key component of successful roadmap rollout is communication and transparency. Socialization and customization of messaging
is imperative. Depending on the level of complexity and integration, clients may request corresponding resource and interaction
models.
(A) Identify initiatives that will achieve
target state capabilities
• Existing projects
• New projects
(B) Prioritize and sequence projects
into a remediation plan with steps
needed to achieve business benefits
(C) Recommend monitoring
progress against functional
principles by tracking project status
Sample
outputs

Example roadmap
A key component of successful roadmap rollout is communication and transparency. Socialization and customization of messaging
is imperative. Depending on the level of complexity and integration, clients may request corresponding resource and interaction
models.

Roadmap & Communication Plan
Example 30-60-90 day plan
Due to regulatory mandates and internal goals, CONSULTANT COMPANY should begin to implement the EDO and robust Data Management practices across
domains and the enterprise as soon as possible. To initiate this process, CONSULTANT COMPANY must execute on key activities in 30-, 60- and 90-day
timeframes and carry out a robust Communication Plan to accomplish the organization's Data Management goals. The information below describes how to
interpret the 30-60-90 Day Plan and Communication Plan.
Overview
► The 30-60-90 Day Plan and Communication Plan should be used as a “checklist”/guidelines and key activities to be carried out and the communication strategy
required to enable successful execution of EDO goals and objectives, respectively.
► As both plans will involve constant coordination with executives and domain stakeholders, the plans will serve as high-level frameworks that will need to be
tailored specifically to domains depending on the stakeholders, data involved, etc.
► The 30-60-90 Day Plan includes iterative activities based on identification of domain roles and responsibilities. These activities are noted on subsequent slides.
► Example: as stakeholders/groups continue to be identified, domain roles and responsibilities will continue to be assigned and the EDO will continue to
host meetings and execute the Communication Plan.
► The 30-60-90 Day Plan will be updated to include the next steps toward implementing the high-level roadmap until roles and responsibilities are assigned for all
domains.
► Based on the current high-level roadmap, domains will begin reporting on EDO compliance metrics to track progress on alignment with the EDO strategy
beginning in Q3 2014.
► Regulator checkpoints are currently scheduled quarterly.
30-60-90 Day Plan − Initial Phases
► 30-day plan − activities mainly include identification of and communication with executives, as well as, development of policies, standards, processes and
compliance metrics. EDO communication will be ongoing.
► 60-day plan − activities mainly include EDO-domain coordination and planning, as well as, ongoing communication and continued development of
policies, standards, processes and compliance metrics.
► 90-day plan − activities mainly include ongoing communication and planning, as well as, the beginning of execution of initiatives and development and
implementation of process and standards.
Communication Plan
► The Communication Plan will be leveraged throughout the 30-, 60- and 90-day timeframes and implementation of the high-level roadmap to communicate roles
and responsibilities, goals and objectives, expectations, progress, changes and more to key stakeholders.
► The Communication Plan includes a sequence of communications types (e.g., email, executive meetings) in a logical order by audience, with associated
frequencies, to kick-start the 30-60-90 Day Plan and high-level roadmap. The Communication Plan will need to be tailored to different domains while supporting
materials will need to be tailored to the appropriate audience (e.g., executives, Data Stewards).

# Key Activities Description Enablers
1*
Continue identifying
stakeholders/ impacted groups
Continue the process of identifying and creating a list of key stakeholders/groups across the
domains/enterprise that will help execute EDO goals and objectives.
► List of domains
► LOB organizational structures
2*
Continue
determining/assigning roles &
responsibilities
Utilizing the inventory of key executives/groups, continue to assign stakeholders to important
roles and responsibilities (e.g., Business Process Owner, Data Steward, Data Custodian)
considering current roles and alignment.
► List of stakeholders/groups
► List of domain roles &
responsibilities
3
Finalize DQA, change & issue
management policies
Seek approval of the Policy team to finalize the Data Quality & Assurance, Change
Management, Issue Management, EDWE policies and standards.
► Policy team input/approval
4
Begin development of
additional policies & standards
(master data, metadata, SLA)
Begin development of additional EDO policies and standards documents, including Master
Data, Metadata and SLAs, consistent with existing policies and standards that apply to the
EDO’s goals and objectives.
► Policies and standards (for
consistency)
5*
Develop Communication Plan
strategy and schedule
meetings
Develop strategy to approach impacted executives/groups, create timeline of important
meetings/communications and schedule meetings with executives/stakeholders (see
Communication Plan guidelines/milestones).
► List of domain roles &
responsibilities
6*
Develop Communication Plan
materials
Develop materials for Communication Plan meetings with executives, Business Process
Owners, Data Stewards, etc. with appropriate content explaining the goals, responsibilities and
expectations, tailored appropriately to the target audience.
► Communication Plan
► Communication calendar
7
Execute Communication Plan
with Executives (will continue
into other periods)
Conduct meetings with executives/stakeholders across the enterprise to understand goals and
objectives, roles and responsibilities, timeline and expectations (see Communication Plan
guidelines/milestones).
► Communication materials
8
Schedule/develop materials for
regulatory/executive updates (if
applicable)
Schedule meetings with and develop materials for updates with regulators and executives with
the objectives of communicating progress, the final design and capabilities of the EDO and its
scope, relevant policies and standards, and more.
with assigned responsibilities
► Policies and standards
9
Meet with
regulators/executives (if
applicable)
Provide regulators and CONSULTANT COMPANY executives with updates on the initial design
and capabilities of the EDO, as well as, its scope, progress to date and relevant policies and
standards. Adjust/update accordingly, per regulatory and internal feedback, and communicate
outcomes across the enterprise, as needed.
► Regulator/executive meeting
schedule
► Regulatory/executive update
materials
10
Update EDO leadership/
executives
With initial identification and communication activities completed, conduct comprehensive
update meetings with the CDO, Enterprise Risk Manager and CRO (if necessary) to
communicate progress, any issues, updated estimates (e.g., time, budget, resources), and
more.
► Minutes/summaries from
regulator/executive meetings
► Progress/estimate updates
Identify & Communicate
* Iterative activities based on identification of domain roles and responsibilities
Example 30 day plan

Coordinate & Plan
1
Execute Communication
Plan with executives
(continued throughout)
Continue to conduct meetings with executives/stakeholders across the enterprise to understand goals and
objectives, roles and responsibilities, timeline and expectations (see Communication Plan
guidelines/milestones).
► Communication materials
2*
Begin to develop
implementation/ execution
plans (domains)
Business Process Owners begin to identify team members related to their domain data. Domains begin to
digest information conveyed in the Communication Plan and start the process of developing
implementation/execution plans that align with the goals, objectives and timelines of the EDO, including
roles and responsibilities, which will be carried out over the next several quarters.
► Communication Plan/other
EDO materials
► Domain roles/resp.
3*
Schedule checkpoints with
stakeholders/groups
Create comprehensive calendar with executive checkpoints with the objectives of coordinating efforts,
monitoring progress, managing change and maintaining an open dialogue. Determine which EDO resources
will cover which meetings, as well as, the type of documentation needed by the EDO and stakeholders.
► EDO program plan
4*
Prepare materials for
checkpoints
Prepare materials and relevant documentation appropriate for the meetings, including updates on other
efforts underway (e.g., in-flight initiatives, progress by other domains).
► Executive update schedule
► Coverage by EDO
5
Conduct checkpoints with
executives
Conduct executive update meetings on the initiative as a whole and solicit information on progress of the
relevant domains. Review and provide initial feedback on implementation plans presented by stakeholders/
groups and finalize plans for coordination of work effort. Address issues and remediation activities, as
needed.
► Executive update materials
6*
Communicate follow
ups/execute takeaways
Review materials, progress updates, and implementation plans provided by executives and provide
feedback/solicit action, as necessary. As they are resolved, close out any EDO-responsible action items and
communicate the results of the meetings to EDO and Risk leadership.
► Executive update materials/
minutes/action items
7*
Incorporate relevant
information into plans
Based on the executive update meetings, incorporate feedback/updates into overall program plan to track
progress/information.
► Executive progress updates
► Program plan
8
Internally finalize additional
policies & standards (master
data, metadata, SLA)
Finalize Master Data, Metadata and SLA policies and standards and seek approval of the documents from
Policy team.
► Policies and standards (for
consistency)
9*
Begin to promulgate policies
& standards**
Begin to promulgate approved policies and standards to relevant stakeholders.
** This should be done before execution of the Communication Plan such that stakeholders have ample time
to read and understand the policies and formulate strategies to comply.
with assigned responsibilities
10
Begin DQA, change & issue
management process
development (appl. domains)
Begin to develop the standards and processes for Data Quality & Assurance, change management and
issue management, as appropriate.
► List of KDEs/EDAs/CDSs
11
Update EDO leadership/
executives
Conduct comprehensive update meetings with the CDO, Enterprise Risk Manager and CRO (if necessary)
to communicate progress, any issues, updated estimates (e.g., time, budget, resources), and more.
► Minutes/summaries from
executive meetings
Example 60 day plan

1* Prepare materials for checkpoints
Prepare materials and relevant documentation appropriate for the meetings, including updates on
other efforts underway (e.g., in-flight initiatives, progress by other domains).
► Coverage by EDO
2*
Continue checkpoints with
stakeholders/groups
Continue to facilitate adoption of the EDO strategy by conducting meetings with stakeholders from
LOBs/domains.
► EDO program plan
3*
Continue to develop implementation/
execution plans (domains)
Business Process Owners continue to identify team members related to the domain data. Domains
continue to develop implementation/execution plans that align with the goals, objectives and
timelines of the EDO, including roles and responsibilities, which will be carried out over the next
several quarters.
► Communication Plan/other
EDO materials
► Domain roles/resp.
4 Update EDO leadership/ executives
Conduct comprehensive update meetings with the CDO, Enterprise Risk Manager and CRO (if
necessary) to communicate progress, any issues, updated estimates (e.g., time, budget, resources),
and more.
► Summaries from exec
meetings
5
Disseminate/integrate lessons
learned
Based on progress to date, aggregate and communicate any lessons learned to applicable
stakeholders to ensure consistency of implementation and avoid repeat issues.
► Program progress updates
6*
Begin identifying KDEs, EDAs and
CDSs; defining business rules
requirements and thresholds; and
registering data attributes (domains
that have adopted policies)
For domains that have adopted policies and standards, identify KDEs, tier 2 and 3 data elements,
EDAs and CDSs critical to each domain (e.g., master data, metadata) collaboratively between the
EDO and stakeholders/domains. Develop rules to meet the needs of the business and ensure DQ;
define requirements for data (e.g., master data and metadata requirements). Define thresholds for
DQ. Register the various attributes and characteristics of data elements.
► List of data elements
► List of systems/data
sources
7
Continue DQA, change & issue
management process development
(domains that have adopted policies)
Continue to develop the standards and processes for Data Quality & Assurance, change
management and issue management, as appropriate.
8
Begin data sourcing and provisioning
standard and process development
(domains) that have adopted policies
Begin to develop the standards and processes for EDWE, master data, metadata, and SLAs, as
appropriate.
9 Update EDO leadership/ executives
Conduct comprehensive update meetings with the CDO, Enterprise Risk Manager and CRO (if
necessary) to communicate progress, any issues, updated estimates (e.g., time, budget, resources),
and more.
► Progress by domains/
estimate updates
Begin to Execute/Implement
Update and adjust the 30-69-90 Day Plan monthly and create a new 90-day plan based on progress to date. As 30-, 60- and 90-day plans are executed,
continue executing/implementing the roadmap with a high-level of coordination between the EDO and domains/stakeholders. Refer to the roadmap for more
information of future activities.
* Iterative activities based on identification of domain roles and responsibilities with target completion before Q4 2014.
Example 90 day plan

Below is a high-level framework that can be leveraged by the EDO to create more detailed/domain-specific Communication Plans.
# Audience
Communicati
on Method
Description Communication Items / Agenda
Frequency of
Communication
1 Executives Meetings
Schedule and conduct meetings with the
Enterprise Risk Manager, CRO and other
executives (as appropriate)
► EDO objectives
► Prioritization
► Buy-in
As needed
2
All
stakeholders
Email
Send mass-communication to all
stakeholders/groups (request that they forward
to members of their teams, as necessary)
► Goals and objectives of the EDO, as well as, the catalyst(s) for its creation (e.g., CCAR, data management requirements, EDMC
assessment)
► EDO leadership, alignment and where it fits within the organization and contacts, as well as, details on prior executive meetings/buy-
in and priorities (see above)
► Overall timeline for implementation across the enterprise
► Next steps, including the timeframe in which the EDO will schedule initial meetings with individual stakeholders/groups
Once
3
All
stakeholders
Email
Provide all stakeholders/groups with the links to
relevant policy and standards documents
► Policies / standards Once
4
Business
Process
Owners
(BPOs)
Meetings (by
domain)
Schedule and conduct meeting with Business
Process Owners by domain (include multiple
Business Process Owners in meetings, when
possible)
► EDO goals, objectives and timelines, as well as, business drivers and summary of prior executive meetings/buy-in and priorities
► Overview of the data domain (e.g., business processes and requirements, in-flight initiatives, roles and responsibilities) and business
process/data management pain points
► Initial thoughts on implementation/steps to be taken to comply with policies (requires future communication/meetings)
► Next steps (e.g., communication with other stakeholders, communication with Business Process Owners going forward)
Bi-weekly to
monthly
5
Data
Stewards /
Data
Custodians
Meetings (by
domain)
Schedule and conduct meeting with Data
Stewards and Data Custodians by domain
(include multiple stakeholders in meetings, when
possible)
► EDO goals, objectives and timelines
► Summary of discussion with executives and Business Process Owner and relevant information (e.g., responsibilities, data
management areas of focus)
► Further discussion of data domain (e.g., processes, in-flight initiatives, roles and responsibilities) and data management pain points
with respect to overall data quality
► Implementation plans and path to compliance with policies (e.g., ETL, SDLC, metrics)
► Next steps (e.g., communication with Data Steward(s) and Data Custodian(s) going forward)
Bi-weekly to
monthly
6
Data
Architects/
Source
System
Application
Owners
Meetings (by
domain)
Schedule and conduct meeting with Data
Architects and Source System Application
Owners by domain (include multiple
stakeholders in meetings, when possible)
► EDO goals, objectives and timelines
► Summary of discussion with executive and Business Process Owner(s), Data Steward(s) and Data Custodian(s), relevant information
(e.g., responsibilities, data management areas of focus)
► Further discussion of data domain specific to architecture and source systems involved, as well as, data design/usage/sourcing and
existing data management pain points
► Implementation plans and path to compliance with policies (e.g., system/infrastructure build out, SLAs)
► Next steps (e.g., communication with Data Architect(s) and Source System Application Owner(s) going forward)
Bi-weekly to
monthly
7
All
stakeholders
Email
After conducting meetings with stakeholders and
groups, send summary communications with the
following information
► Meeting minutes/notes and action items
► Overview of expectations and next steps
► EDO points of contact
As needed
8
All
stakeholders
Meetings
Schedule and conduct checkpoints with
stakeholders/groups throughout the 30-60-90
day plans and through full implementation, as
agreed to in previous meetings
► Encourage open dialogue and conduct ad hoc meetings to discuss progress and resolve any issues arising during planning and
implementation.
As needed
9 Regulators Meetings
Schedule and conduct updates with regulators to
provide information on the
► Approach, progress to date (e.g., execution of communication plan and notable items arising from those discussions)
► Communicate assessment of timelines for compliance with regulatory requirements and resolution of outstanding MRA/MRIAs.
Quarterly
Example Communication Plan

Define Scope of Key Data

► Defining the key data provides a more focused scope of data priorities and business drivers.
► Establishing data domains creates an accountability structure over the key data and clarity on what business truly ‘owns’ the data
being used across the enterprise.
► Domains can be used as a top level structure to achieve a ‘common taxonomy’ as described in BCBS 239
Business Benefits
► An organization contains a vast array of data, not all of which must be governed in the highest capacity. This chapter allows
businesses to establish data domains and identify the key data to their business which will be governed under the operating model.
► The data domains playbook can be found here: LINK
Chapter Guidance
► The domain concept has been adopted by a large number of financial services institutions. Many institutions begin by aligning domains
to current organization models. However the benefits of domains are realized when they cross LOB and group boundaries. So that
similar data is grouped and managed together regardless of which LOB it is in. This can better enable efficacy of data sourcing and
authorized data sources.
Industry Trends
► Mark Carson
► Shobhan Dutta
► Lisa Cook
► Ryan Duffy
Key Contacts
► Creating a standardized data taxonomy via data domains organizes the data by shared characteristics and context that facilitates
management governance.
► Executing this step will help the clients understand the existing data that lives across the enterprise and logical way of organizing the
data to drive accountability and governance.
Definition

Define Scope of Key Data: Data Domains
Step 2: Conduct a series of domain workshops to socialize the concept,
share the draft and validate and revise Global banking and financial
services company’s domain structure with key data providers and
consumers
Step 3: Finalize domains and approve domain inventory. Perform
analysis of provider and consumer domains and create a domain
interaction matrix
Step 1: Review Industry domain models and current state systems and
data flows usage patterns to propose a draft set of domains for
Global banking and financial services company
Domains
Industry Domain models*
Step 4: Assign domain ownership Establish roles and responsibilities for
domain ownership as well as the roles of data producers and data
consumers
Our Domain Approach*
Data Domain Ownership
matrix
* See appendix for more detail on this accelerator
WP02: Data Domains
Executive Presentation
Key take-away: Conducting multiple workshops with leadership to define and agree upon an initial set of prioritized data domains
and assign ownership for each domain

Define Scope of Key Data: Data Domains
The operational model uses data domains to classify data into a common subject area based on shared characteristics independent of business
usage (e.g. Industry, Compliance etc.) A data domain taxonomy is used to assign accountability for data and business processes through LOBs.
► A data domain groups data elements into a common subject area
based on shared characteristics. This facilitates common
understanding and usage of data elements across LOB’s, business
processes and systems
What is a data domain?
► Critical roles and responsibilities will be assigned at the data domain
level
► These roles will have oversight of data across LOB’s, business
processes and systems
How do we manage
data domains?
► Today, accountability for data is inconsistently applied at LOB’s,
business processes and systems
► Since multiple LOB’s share the same data (e.g. client reference data),
accountability for shared data is unclear and/or fragmented
Why do we need data
domains?

Guiding Principles for Data Domains
► The organization will have a common and consistently applied data domain taxonomy
► A data element will be owned, defined, and maintained in only one data domain. It can be used by
multiple business processes and stored in multiple systems
► Each data domain will have a Domain Owner assigned who will be empowered and accountable
to make governance decisions with input from impacted business processes and stakeholders
► Domain Owners govern the definition and rules for the data consumed or provided by a business
process and do not govern the business process itself

Data Domains
Example Domains 1
General Ledger
Data
• The combination of reference, master and
transactional data summarizing all of a
company's financial transactions, through
offsetting debit and credit accounts.
Customer
Profitability Data
• The calculated Profit and Loss data (PnL)
such as the revenues earned and the
costs associated with a customer over
time
Liquidity Data • The subset of assets and securities that
can be easily traded without affecting
the price of that asset or security
Regulatory
Reporting Data
• Data that are determined as critical to
meet regulatory reporting requirements
Capital Data
• Calculation of the Bank’s financial
performance (e.g. Income Statements,
Cash Flow Statements & Balance
Sheets).
Operational Risk
Data
• Data and criteria used to calculate losses
arising from an organizations internal
activities (e.g. people, process &
systems)
Market Risk Data • Data and criteria used to calculate the
probability of losses in positions arising
from movements in market prices
Credit Risk Data • The amount of principle or financial
value that is at risk should a party fail
to meet their obligations
Allowance for Loan
Losses Data
• The financial value associated with the
estimated credit losses within a bank’s
portfolio of loans and leases.
Risk. Finance and Treasury Data Domains
16
17
18
19
21
22
23
24
20
Data Types Definition
• Data that identifies or is used to categorize
other types of data, along with the set of
possible values for a given attribute
• Includes calendar, currency, geographic
locations, industry, identifiers, roles,
relationships
Linking &
Classifications
Party & Legal
Entities
• An entity that is registered, certified & approved
by a government authority
• Any participant that may have contact with the
Bank or that is of interest to the Bank and about
which the Bank wishes to maintain information
(e.g. legal ownership / hierarchy, financials)
• Descriptive information about any form of
ownership (asset) that can be easily traded in
markets, such as stocks, bonds, loans, deals,
and indices.
Assets & Securities
Reference and Master Data Domains
1
4
2
Transactional Data Domains
8
9
10
11
• A state that a party or legal entity can be
transitioned into when that entity is a potential
or existing recipient of services, products or
transactions
Customers &
Counterparties
3
• The value or cost and quantity at which assets
& securities are traded or converted (e.g.
exchange price, currency rate conversion,
interest or inflationary rates
Prices & Rates
5
• An item to satisfy the want or need of a
customer and has an economic utility and are
typically a grouping of various assets &
securities
Products &
Accounts
• An evaluation of the financial status of a party
or an asset to indicate the possibility of
default or credit risk
• (e.g. Moody’s, S&P, Fitch, Experian, Equifax,
Transunion and internal)
Ratings
6
7
• The individual events associated with the
movement of currency (cash assets) into
and between Accounts
Deposits &
Payments
list of the services rendered, with an
account of all costs (such as an itemized
bill.)
Invoices &
Billing
buying or selling of assets and securities.
Trading
• The lifecycle of an instruction from
customers to counterparties or other legal
entities for trade order events
Clearing &
Settlement
12 • The transactional events within or between
party’s & legal entities in which assets &
securities are exchanged under an
agreement that specifies the terms and
conditions of repayment
Borrowing &
Lending
13 • A group of activities customers or
counterparties need or to accomplish a
financial goal
Include aspects of budgetary activities
Financial
Planning
14 • A fee charged for facilitating a transaction,
such as the buying or selling of assets,
securities, products or services offered to a
customer or a counterparty to the Bank
Fees &
Commissions
15 • The various types of events that can take
place across an organization including
financial transactions, customer management
and marketing events and business process
activities
Business Events

Transactional Domains
Credit Risk
The risk of loss from obligor or counterparty default. Includes
Wholesale and Consumer credit risk
Market Risk
The potential for adverse changes in the value of the Firm’s assets
and liabilities resulting from changes in market variables such as
interest rates, foreign exchange rates, equity prices, commodity
prices, implied volatilities or credit spreads
Operational Risk
The risk of losses arising from an organization’s internal activities
(e.g. people, process & systems)
Principal Risk
The risk that the investment will decline in value below the initial
amount invested
Country Risk
The risk that a sovereign event or action alters the value or terms
of contractual obligations of obligors, counterparties and issuers,
or adversely impacts markets related to a country
Liquidity Risk
Data and criteria used to manage and categorize the
marketability of investment
Capital & Liquidity
Data associated with an organization’s monetary assets (e.g.
balance sheet) and a type of asset that can be traded in market
without affecting the price of the asset. Assists with improving
the banking sector’s ability to absorb losses arising from financial
and economic stress (CCAR stress testing, leverage and risk-based
requirements); ensuring banks hold sufficient liquid assets to
survive acute liquidity stress; and preventing overreliance on
short-term wholesale funding
GL and External Financial Regulatory Reporting
Data associated with financial transaction of the organization for
its entire life cycle, including SEC disclosures & MIS Reporting
and data used to define requirements around individual regional
regulatory reports
Compliance
Data used to asses and monitor anti-money laundering and non-
anti-money laundering activities including; transaction monitoring,
risk assessment, KYC, CDD/EDD, CLS (client list screening), look-
backs
Profitability & Cross-Sell
Data and criteria used to support measurement of customer
profitability, cross-sell and referrals
Functional Domains
12
15
13
14
16
17
18
Reference & Master Domains
19
20
21
External Parties
Data and criteria used to identify entities that lay outside of the
ownership structure of the firm (external legal entities,
prospects, clients, issuers, exchanges)
Internal Parties
Data and criteria used to identify entities that fall inside the
ownership structure of the firm (internal legal entities,
subsidiaries, joint ventures, holding companies)
Workforce
Includes employees and contractors and the core attributes that
uniquely describes them
Accounts
Accounts of JPMorgan customers in which holdings and
transactions get recorded. Contains account identifiers, legal
agreements, descriptors, key account attributes, etc.
Product & Product Classes
Data used to categorize products or services (inclusive of asset
and asset classifications, securities and other financial
instruments)
Instrument & Instrument Classes
Data defining the means by which a tradable asset or
negotiable item such as a security, commodity, derivative or
index, or any item that underlies a derivative is transferred
Prices & Rates
Data associated with values or costs at which assets &
securities are traded or converted (exchange rates, interest
rates, equity prices, etc.)
Geography
Data that describes the geographic location or related
attributes of a party, transaction, collateral, etc., including
addresses, geo codes, currencies, etc.
Industry
Data that describes the nature of a Customer or Other Party, or
risk exposure
Business Unit
Data that is used to represent a logical segment of a company
representing a specific business function, separate from a legal
entity
Financial Account / UCOA
The smallest unit at which financial transactions are classified
within general ledger or sub-ledger (e.g. asset, liability, revenue,
expense, etc.). This data also includes the banking book, trading
book and their respective hierarchies
1
4
2
3
5
6
7
8
9
10
11
Product Transactions
Data elements and events supporting trade order and
transaction management, clearing and settlement, asset
transfers, cash movement, borrowing and lending transactions
Customer & Client Servicing
Data associated with client/customer transactions used in
servicing them including fraud, default management, and
originations transactions
Sales & Marketing
Relationship management activity, product management
strategy, sales activity including marketing, campaign
management, commissions, fees and prospect management
.
22
23
24
Data Domains
Example Domains 2

Key Takeaway: Data domains become operationalized once aligned to business processes and roles are assigned.
Data Domains
Operationalizing with Roles
Data Domain Business
Process 
Know Your
Customer
(KYC)
Regulatory
Capital
Management
Office (RCMO)
Regulatory
Reporting
Market
Risk
Credit
Portfolio
Group
Credit Risk
Reporting
Ownership
Tracking
System (to
be replaced
with GEMS
1Q 2015)
Client
Onboarding/
Origination
…
Wholesale Credit Risk x x x
Consumer Credit Risk x x x
Market Risk x x
Capital & Liquidity x
GL and External Financial Regulatory Reporting x x x X x
Compliance x x
…
External Parties x x x x x x x x
Industry x x x x x x x x
…
Denotes the domain which the data is read (consumed) from Business Processes
Consumer
Data
Domains
Reference &
Master Data
Domains
► Business processes (e.g. Credit Risk, Regulatory Reporting, KYC, Sales and Marketing) must be mapped to data
domains to understand specific data usage patterns. Doing so:
► Identifies priority business processes for each data domain
► Assigns accountability for data requirements
► Provides business context for data
► Drives root cause analysis of Data Quality issues
► This mapping establishes the basis of accountabilities across data domains, business processes at each
intersection requires roles and responsibilities*
Role A: have broad understanding of data across
all business processes
Role B: have a detailed understanding of how the business
process functions and operates
Role C: have a
detailed
understanding of
processes and
associated data
requirements

Define and Establish Governance Model

Define and Establish Governance Model
► Attaching names to data governance makes the operating model ‘real’ and enforceable.
► Establishing routines and effective governance to become part of the BAU process of data management within the organization.
Business Benefits
► Until this point, data governance was seen as an initiative at the enterprise level without names or faces. Now roles and
accountabilities are aligned to carry out the key capabilities defined earlier in the roadmap and data domains.
► This chapter provides clear examples of roles and escalation structures that a business can use to set up their governance
organization.
Chapter Guidance
► Most organizations have established a CDO (Chief Data Officer) but have not fully expanded their governance roles down to the
lowest possible levels.
► The centralized and federated operating models of data governance has been most widely adopted, however, multiple methods are
available for use.
Industry Trends
► Mark Carson
► Shobhan Dutta
► Lisa Cook
► Ryan Duffy
Key Contacts
► The objective of creating an enforceable Data Governance operating model is to provide a clear structure of the roles and
responsibilities required to have accountability over critical data.
► The operating model has roles, routines, metrics and monitoring.
Definition

Stand-up Governance and Oversight
► An often times overlooked key business function is the quality and consistency of data. Governance is
the act of defining data ownership, policies, standards and procedures to effectively govern, control,
assess, monitor, and independently test to ensure data is accurate, complete, and timely.
Governance
► The oversight functionality exists to secure accountability and functionality. Fundamental principles
include ensuring standards exist and are followed, committees and groups are fit for purpose, and the
bank is functioning as intended.
Oversight

Define CDO office governance model
Review the descriptions, advantages, and disadvantages of each of the types of organization models with your client to identify
which will meet their needs. Based on the need and the existing organization structure of the firm, any of the following Data
Governance organizations can be established.
Org model type Description Advantages Disadvantages
Committee A committee based approach is mush easier
to establish, however sometimes
decisions/consensus may take longer to
obtain due to lack of hierarchical edicts.
• Relatively flat organization
• Informal governance bodies
• Relatively quick to establish and
implement
• Consensus discussions tend to take
longer than hierarchical edicts
• Many participants comprise governance
bodies
• May be quick to loose organizational
impact
• May be difficult to sustain over time
Hierarchical A formal hierarchical approach to data
governance, decisions are made at the top
and then trickled down for execution. This
data governance organizational structure can
be easily aligned to the existing reporting
lines.
• Formal Data Governance executive
position
• Council reports directly to executives
• Large organizational impact
• New roles may require Human
Resources approval
• Formal separation of business and
technical architectural roles
Hybrid A hybrid approach provides the “tone at the
top” and wider range of committee members
provide subject matter advise.
• Hierarchical structure for establishing
appropriate direction and ‘tone at the top’
• Formal Data Executive role serving as a
single point of contact and accountability
• Groups with broad membership for
facilitating collaboration and consensus
building
• Potentially an easier model to implement
initially and sustain over time
• Data Executive position may need to be
at a higher level in the organization
• Group dynamics may require
prioritization of conflicting business
requirements and specifications

1st Line: Local groups / LOBs /
Domains
2nd Line: Oversight Functions
Executive Committees
Data User
Data Steward (DS)
Business Process Owner (BPO)
Data Governance Committees
Data Custodian (DC)
Data Architect (DA)
Source System App. Owner
(SSAO)
Data Strategy & Architecture
Data Management
Centre of excellence, Shared services
Data Advisory
Central Enablement Activities1
Target State Governance Model
3rd Line: Audit
Audit
(May need additional data
management skills)
Chief data officer
Controls data officer
Program executive sponsors (including BCBS)
Data Governance and QA1
EDO governance
EDO shared
services/enable
ment
Legend: Domain specific
roles
External to EDO
Escalation/oversight path
Data Administration
The diagram below depicts a generic, high level data governance model. The CONSULTANT COMPANY team will use the current
state assessment and conduct review meetings to build a tailored governance model for the organization.
1Refer to appendix 1 for further information on EDO functions

Data
Architect(s)
Data Steward
Data
Custodian
Domain #4
(e.g., credit risk)
Data
Management
Chief Data Officer
(Head of EDO)
Data
Architecture
Data
Governance
and QA
Center of
Excellence,
Shared
Services
Data
Architect(s)
Source
System
Application
Owner
Domain #2
(e.g., GL data)
Data Steward
Data
Custodian
Data
Architect(s)
Data Steward
Data
Custodian
Domain #3
(e.g., mortgages)
Source
System
Application
Owner
Data
Architect(s) 2
Source
System
Application
Owner2
Customer
(Illustrative)
Data
Steward2
Data
Custodian2
Data Advisory
Data
Administration
Source
System
Application
Owner
Data Governance Committees
Executive Owner
(Non IT)*
Business Process
Owner(s)2
Business Process
Owner(s)
Business Process
Owner(s)
Business Process
Owner(s)
EDO Functional Organization Enterprise wide data management roles at a business group / data domain level
Data User(s)2 Data User(s) Data User(s)
2Refer to appendix 2 for additional information on specific roles
1Refer to appendix 3 for further information on data domains
EDO works closely with business groups / domains to execute the data management strategy.
* Typically this is an executive who has an enterprise perspective, has strong influence and is also seen as a collaborator to help develop the partnership approach with the domain
owners. In the financial services industry, we have observed this being the COO/ CIO/ CMO
Domains1 are a way to logically organize data around core business concepts. This enables establishing accountability and
ownership of data, its quality, integrity, and usage. The domain model has been established at two G-SIBs and 1 D-SIB. Domains
allow for governance models to establish accountability in a realistic and actionable forum that typically exists informally.

Identify level of centralization / federation
Example Approach
Independent Locally distributed Balanced Central + distributed Centralized
Functional areas operate with
complete autonomy, while
maintaining global standards to
meet specific enterprise
requirements.
• There is no oversight of data
management roles from the
Enterprise Data Office (EDO)
• The EDO sets forth policies and
standards1, but not procedures
• There is no enforcement of
standards
• Data priorities are defined within
the lines of businesses / data
domains
Functional areas control a
majority of their business and
technology operations, with
limited coordination from the
enterprise.
• There is some EDO assistance
in setting up roles
• EDO sets forth policies and
standards1, but not processes
• There is minimal enforcement
of standards
• Data priorities are defined
within the lines of businesses /
data domains, but after
discussions with the EDO
Responsibility and ownership are
shared equally among the
different functional areas and the
enterprise.
• There is an advisory
relationship between data
management roles and EDO
(provides services)
• EDO sets forth policies,
standards1and some processes
for business groups / data
domains to follow
• Business groups / data
domains self-assess their
performance and report to the
EDO
• Strategic data priorities are
defined by the EDO
Data Governance provides a point
of control and decision making but
functional areas own selective
decisions and activities.
• There is an advisory and
oversight relationship between
data management roles and EDO
(provides services)
standards1 and some processes
for business groups / data
domains to follow
• Business groups / data domains
self-assess their performance,
with the EDO frequently
overseeing results
• Strategic data priorities are
defined by the EDO
Data Governance provides a
single point of control and decision
making, with functional areas
having little or no responsibility.
• All data management roles
report into the EDO
standards1 and processes for
business groups / data domains
to follow
• Business groups / data domains
self-assess their performance,
with the EDO frequently
overseeing results
• Most data priorities are defined
by the EDO
EDO EDO EDO
EDO
Increasing EDO Authority
The level of centralization / federation within a bank is a key indicator of bank culture and working environment. The highest
dependency / consideration for this topic is existing bank culture. Significant buy in and executive support is required for change.

Example Approach
Certain levels of EDO Authority correspond to both advantages and disadvantages pending capacity for cultural shift, resource
capability and volume, and budget availability.
 Minimal disruption during program rollout
 Easier business case for initiatives
× No integrated approach to fulfilling business
drivers
× Different priorities across the enterprise
× Increased cost from overlapping initiatives
× Increased risk due to disparate data
definitions
 Integrated approach to fulfilling business
drivers
 Ability to leverage localized initiatives
 Ability to influence enterprise data maturity
 Ability to synthesize enterprise wide data
assets for strategic decision making
 Enhanced ability to meet regulatory
requirements
× Moderate disruption during program rollout
× Additional resources required
× Speed of execution (initially, not long term)
 Most consistent data
management
× Disruptive cultural
shift needed
Advantages
Disadvantages
EDO EDO EDO
EDO
Increasing EDO Authority

Example Approach
Depending on the specifics of the centralization / federation model, accountability will be spread across the responsible groups
accordingly. The RACI below is a starting point for assigning and placing role specifics by standard area.
Standard Area Balanced Central + Distributed
R A C I R A C I
Data Quality Strategy Development EDO EDO LOB LOB EDO EDO LOB LOB
CDE Definitions LOB LOB EDO EDO LOB EDO EDO EDO
CDE Identification LOB LOB EDO EDO LOB LOB EDO EDO
Defining, Registering and Cataloguing CDEs LOB LOB EDO EDO LOB EDO EDO EDO
Business Rules Definition LOB LOB EDO EDO LOB LOB EDO EDO
DQ Threshold Definitions LOB LOB EDO EDO LOB LOB EDO EDO
Data Profiling LOB LOB EDO EDO LOB LOB EDO EDO
DQ Remediation LOB LOB EDO EDO LOB LOB EDO EDO
DQ Measurement LOB LOB EDO EDO LOB LOB EDO EDO
DQ Scorecards LOB LOB EDO EDO LOB EDO EDO EDO
DQ Maturity Assessment LOB LOB EDO EDO EDO EDO LOB LOB
DQ Maturity Remediation LOB LOB EDO EDO LOB EDO LOB LOB
R Responsible- Who is assigned to do the work
A Accountable- Who has ownership of delivery
C Consulted- Who must consulted before work is completed
I Informed- Who must be notified after work completion

An interaction model is key for clearly defining accountability and expectations across the bank. Escalation procedures is one
example of an at risk function without an effective interaction model. Plan for significant stakeholder engagement for sign off.
Identify organizational model
Example Interaction model 1
System Managers
Various
Control Owners
Various
System Managers
Various
System Managers
Various
Control Owners
Various
Control Owners
Various
Various
Data Officers
CBG, CmBG, CRE, GIB, International,
etc.
Credit Risk, Finance,, etc.
Line of Business Data
Officers
Various
Functional Data Officers
Various
Single point of accountability for establishing and delivering the data management
function for each Wholesale LOB and each functional area
Data Office
Establishes and monitors data management function for Wholesale. Primary point
of accountability to Enterprise.
Chief Data Officer
Structures, supports, and monitors
Supports Monitors Supports
Key Accountabilities
Guiding Principles
Start simple (Crawl-Walk-Run) Avoid duplication of roles Maximize autonomy Enable early execution
Data officers are
data providers
and/or consumers
for one another,
driving significant
interaction,
negotiation and
coordination
between Data
Officer functions to
manage data
effectively end-to-
end.
Chief Data Officer (CDO):
Establish, support, and monitor data management capabilities across Bank
• Ultimate point of accountability to Enterprise for Data Mgmt. within the data office
• Define, implement and monitor data governance structures
• Establish cross-functional priorities for the data office
• Manage shared data assets (ex: customer/client); drive resolution of cross-functional issues
• Define Wholesale Data Mgmt. Standards and monitor adherence
• Represent data office Bank at Enterprise governance routines
Data Officers:
Ensure data quality and control for his/her assigned area of responsibility
• Identify and/or resolve data risks and issues (whether identified internally or by data consumers) for data within their custody
• Establish local data governance structures and resources
• Ensure compliance to Enterprise and Wholesale data standards / requirements
• Ensure data provided meets user/consumer requirements
System Managers*:
Manage technical aspect of the data within application
• Provide and maintain technical metadata (data flows / mapping, transformations, technical controls, etc.)
• Provide support (analysis, enhancements, etc.) as requested by Data Officer
• Identify and notify Data Officer of any material changes or risks impacting prioritized data
*Data Mgmt. accountabilities only; these are in addition to other policy requirements
Control Owners*:
Operate and manage key data controls
• Provide and maintain control metadata
• Operate / manage to the control to specification agreed to by applicable Data Officer(s); provide action plans for out of threshold conditions
and notify Data Officer of any material changes or risks impacting prioritized data
*A System Manager may also be the Control Owner for technical controls
System Data Custodian
Responsible for understanding the data quality of data within their assigned system; This is the “Data Owner” from G&O
• Collaborate with the necessary Data Officers, System Managers, and Control Owners to understand the integrity and quality of data consumed
for their assigned system(s)
• Monitor the system to ensure data changes are communicated and consistent across Data Officers
• Understand and provide visibility to action plans to resolve data issues related to the system
*The System Data Custodian will be the LOB Data Officers in cases where alignment between SOR and LOB is clear
System
Data
Custodians
Various
System
Data
Custodians
Various
System
Data
Owners
Various

• CDOs – accountable and responsible for establishing the enterprise/LOB data strategy and governance program; roles and responsibilities of the enterprise and Corporate/LOB CDOs are
similar with different scope of data under their purview
• Data Domain Executives – accountable for compliance with the enterprise data management strategy, governance policies and requirements for the data domain(s); accountable for
rationalizing and unifying business rules across multiple providing and consuming business processes
• Data Stewards – accountable to the Data Domain Lead and responsible for understanding, disseminating and adopting applicable policies, standards and processes corresponding to the
data domain(s)
• Information Architects – responsible for coordinating with Consumer, Reference & Master and Transactional Data Domain Lead(s) to link business metadata content (data definitions, data
lineage, data quality) to technical metadata content (data element, data model) in order to document data lineage
• Business Process Owners – accountable to the Corporate or LOB business area officers (e.g. CRO); responsible for articulating business requirements, associated rules, business process
workflows, procedures and training materials; responsible for approval of requirements documented in the applicable templates
1
2
3
Chief Data Officer
5
Business
Process Owners
5
Technology
Managers
Data
Domain
Executives
2
LOB CDOs
1
Information
Architects
CB, CCB, CIB, CTC, AM
Corporate
Reference & Master Data*
Data Stewards
Business Partners Data Management Partners
4
3
4
Identify organizational model
Example Interaction model 2
An interaction model is key for clearly defining accountability and expectations across the bank. Escalation procedures is one
example of an at risk function without an effective interaction model. Plan for significant stakeholder engagement for sign off.

TOP_407070357-Data-Governance-Playbook.pptx

TOP_407070357-Data-Governance-Playbook.pptx

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to TOP_407070357-Data-Governance-Playbook.pptx

Similar to TOP_407070357-Data-Governance-Playbook.pptx (20)

Recently uploaded

Recently uploaded (20)

TOP_407070357-Data-Governance-Playbook.pptx

Editor's Notes