Data Governance

Develop and implement guidelines, laws, and regulations across the organisation for the handling of data at various stages in its life cycle as well as the provision of advice on proper data handling and resolution of data breaches in a range of complex, ambiguous or multi-faceted contexts.

Proficiency Level

Level 1 (Follow)


Level 2 (Assist)


Level 3 (Apply)

  • Ensure implementation of information and record management policies and standard practices.
  • Ensure effective controls are in place for internal delegation, audit and control relating to information and records management.
  • Assess and manage risks around the use of information.
  • Provide reports on the consolidated status of information controls to inform effective decision-making.
  • Recommend remediation actions as required.
  • Ensure that information is presented effectively.

Level 4 (Ensure)

  • Implement guidelines, laws, statutes and regulations on appropriate handling of data at various stages in their life cycle.
  • Monitor compliance with data policies.
  • Understand the implications of information, both internal and external, that can be mined from business systems and elsewhere.
  • Make decisions based on that information, including the need to make changes to the systems.
  • Review new change proposals and provide specialist advice on information and records management, including advice on and promotion of collaborative working and assessment and management of information-related risk.
  • Create and maintain an inventory of information assets, which are subject to relevant legislations.
  • Prepare and review the periodic notification of registration details and submit them to the relevant regulatory authorities.
  • Ensure that formal information access requests and complaints are dealt with according to approved procedures.
  • Contribute to development of policy, standards and procedures for compliance with relevant legislation.

Level 5 (Strategise)

  • Develop organisational policies, standards, and guidelines for information and records management ensuring that uniformly recognised and accepted data definitions are developed and applied throughout the organisation.
  • Ensure that the business processes and information required to support the organisation are defined, and devise appropriate processes and data architectures.
  • Identify the impact of any relevant statutory, internal or external regulations on the organisation’s use of information and develop strategies for compliance.
  • Lead and plan activities to communicate and implement information management strategies.
  • Coordinate information resources to meet specific business objectives whilst maintaining the principles of professional standards, accountability, openness, equality, diversity and clarity of purpose.
  • Implement systems and controls to measure performance and manage risk.
  • Specify at a strategic level the business functions and data subjects needed to support future business, thereby enabling the development of an Information Architecture.