Step 2 - Establish governance and resourcing
|
A data inventory without governance is a document waiting to decay. This step is about establishing the human and structural foundations that will sustain the inventory over time — not just for an initial build, but permanently.
Establish you governance structure
Depending on your organisation's size and complexity, your governance structure might include:
- A data governance committee or working group with cross-functional representation.
- A senior executive sponsor who champions data as a strategic asset.
- Named data owners for each major business domain or data asset class.
- Data stewards in each business area, responsible for maintaining their area's entries.
- An inventory coordinator who manages the overall register and review cycles.
For smaller organisations, one person may play several of these roles. What matters is that each responsibility is named and someone owns it.
Define your scope
Agree clearly on what the inventory will and will not cover. Consider:
- Which data assets are in scope — all structured data, operational databases only, or a specific domain first?
- Which business units or locations are covered in the first cycle?
- Whether the inventory will include data held by contracted service providers or third parties.
- How joint data assets (shared with other agencies or organisations) will be handled.
It is better to maintain a high-quality inventory covering 60% of your data than a poor-quality one covering 100%. Start with your highest-priority or highest-risk data assets and expand from there.
Agree on a maintenance cycle
Before collecting a single data asset, agree on how the inventory will be kept current. This includes:
- How new data assets will be added — ideally as a standard step in any new system or data project.
- How changes to existing assets (location, format, ownership, access level) will be notified and recorded.
- How frequently a full review cycle will occur — annually as a minimum, quarterly for high-priority assets.
- What triggers an out-of-cycle update — for example, a system decommission, an organisational restructure, a Machinery of Government change or a data breach.
DMAT assesses leadership and governance to show whether organisations have formal, funded structures for data management - not just informal arrangements. Embedding stewardship in position descriptions and funding review cycles are indicators of high maturity.