Executive Insights: What is Data Governance and Why Do I Need It?

Steve Jacobson

Chief Executive Officer

Steve, founder of JCA, has provided systems consulting and implementation services to a number of clients, including Carnegie Hall, The Metropolitan Museum of Art, The American Museum of Natural History, New York Botanical Garden, and the National Constitution Center.
March 18, 2024

This blog is part of our quarterly series, Executive Insights. This series features data and tech trends for the nonprofit community, directly from JCA’s Founder and CEO, Steve Jacobson.

Click here to be notified when new content is published in this series.


What did you first think of when you heard the term “data governance?” As a self-professed data nerd, I pictured a bunch of zeros and ones running around aimlessly while a cartoon dog shepherds the rogue digits into a nice tidy pack. If you look in the dictionary, you’ll see that data governance is defined as a framework and set of rules that ensure data is managed, stored, and used effectively, securely, and in compliance with regulations within an organization. While I like my depiction more, we’ll follow the dictionary’s more practical approach.

In the nonprofit world, we deal with so much data. And it comes at us from everywhere. We have constituent data, grants, donations, and more in our fundraising CRM. We have case and program data. We have all sorts of online engagement data. If we’re attendance-based, we have ticket sales/admissions, food and beverage, and membership data. It’s a ton of disparate, but sometimes overlapping, information. We attempt to corral and organize this data so we can further our missions and drive impact. But, as we do so, we need to take the appropriate steps to govern this data effectively.

Understanding Data Governance and Its Challenges

Nonprofit data governance encompasses the policies, procedures, and practices organizations put in place to manage data assets effectively. It involves defining roles and responsibilities, establishing data quality standards, ensuring compliance with regulations such as HIPAA, PCI, or GDPR, and mitigating risks associated with data misuse or breaches. Effective data governance is crucial for maintaining trust with donors, protecting sensitive information, and making informed decisions to achieve our goals.

However, nonprofits often face unique challenges when it comes to data governance.

  • Lack of buy-in and engagement from senior leadership can prevent staff from prioritizing this key operational area and make it difficult to enforce policy and controls.
  • Limited resources make it challenging to invest in sophisticated data management systems or hire the right technology professionals.
  • We also see data silos, where different departments often collect and store data independently, making it hard to deal with the data holistically.
  • Governance is often seen as the domain of IT alone, making it difficult to establish its authority and enforce policies.
  • Nonprofits must balance mission-driven work with effective data management, and data governance is often put on the back burner in favor of other, more urgent organizational priorities.
  • Nonprofit staff may lack the data skills and literacy to successfully implement data governance.

The end result can be having different policies (or no policies!) across the organization for handling and securing data. And this data can be highly sensitive, which puts the burden on us to deploy stringent measures to protect it.

Oh, and did I mention that because we’re often resource-constrained, we may not have the budget to hire someone who has the necessary training and expertise?

How to Take Action: A 5-Step Plan

Before you move forward with your data governance framework, take time to make a plan. As you do, remember that addressing data governance is a process and not an overnight solution. As you proceed along this journey, you’ll need to be flexible and adapt your plans as you uncover more information. There will be times when you realize that you don’t know what you don’t know – and that’s OK.

So, without further ado, here’s JCA’s five-step action plan for data governance:

  1. Assessment and Inventory: Begin by conducting a comprehensive assessment of your organization’s current data ecosystem. Identify all sources of data, including home-grown databases, third-party applications, API integrations, and old-school data imports. Assess the quality, accuracy, and relevance of the data. Create an inventory that documents the types of data, where it’s stored, who owns it, and how it’s used. This step provides a solid foundation for understanding the scope of your data governance efforts.
  2. Define Policies and Standards: Once you have a clear understanding of your data assets, develop (or update) a set of policies and standards to govern how data is managed throughout its lifecycle. These policies should cover data quality, security, privacy, access controls, and compliance requirements. Ensure that these policies align with industry regulations and best practices. Involve stakeholders from across the organization to ensure buy-in and accountability.
  3. Implement Data Management Processes: Establish robust data management processes to enforce the policies and standards you’ve defined. This includes procedures for data collection, storage, cleansing, transformation, integration, and archival. Implement tools and technologies to automate these processes where possible, reducing the risk of human error and ensuring consistency. Regularly monitor and audit these processes to identify and address any issues or deviations.
  4. Create a Data Governance Framework: Develop a formal data governance framework to provide structure and oversight to your data governance efforts. This framework should include roles and responsibilities for data stewards, data custodians, and other stakeholders involved in managing data. Define processes for decision-making, issue resolution, and escalation. Establish metrics and key performance indicators (KPIs) to measure the effectiveness of your data governance program and track progress over time.
  5. Get the Right People Onboard: Data governance is a collaborative effort that requires participation from across the organization. Provide comprehensive training and education to stakeholders at all levels to ensure they understand their roles and responsibilities in maintaining data quality, security, and compliance. Offer regular workshops, webinars, and documentation to keep everyone informed about the importance of data governance and the benefits it brings to the organization.

By following this five-step action plan, your organization can establish a robust data governance framework that ensures data is managed effectively, efficiently, and ethically throughout its lifecycle, thus enabling better decision-making and driving mission impact. Remember, though, that data governance is not just a technical issue, it’s a cultural one as well.

If you want more information about how JCA can help you more effectively manage your data ecosystem, please contact us.