Data governance is often talked about like it’s a single, clear-cut function: define the rules, ensure compliance, keep the data clean. Easy, right? Not exactly. In practice, it’s one of the most fragmented and debated responsibilities in an organisation, landing in very different corners, often without a clear or consistent home. Sometimes, not owned at all, just stuck in limbo.
Turns out, governing data isn’t the hard part, figuring out who owns it is.
So, who actually owns it?
Short answer: It depends.
Longer answer: It depends a lot.
The Many Homes of Data Governance
Let us start by looking at the usual suspects who end up responsible for data governance, and why.
1. IT: The Traditional Guardians
Historically, data governance has lived in IT. That made sense when most data systems were built, managed, and accessed by technical teams. IT could control access, build systems, and define the rules around them. But as data started becoming everyone’s business, this model started to show its cracks.
Pros: Strong control, centralised systems, ties to data architecture and security.
Cons: Can feel disconnected from the people who use the data (i.e., business users).
2. Compliance & Risk: The Rule Enforcers
For organisations in heavily regulated industries, governance often lives under Compliance, Risk, or even Legal teams. These groups focus on what data can legally be stored, processed, or shared and what needs to be locked down.
Pros: Sharp focus on privacy, regulation (APP, APRA, AHPRA, GDPR, etc.), and risk mitigation.
Cons: May prioritise restriction over enablement; seen as blockers to innovation.
3. Data Management Teams: The Emerging Middle Ground
In more data-mature organisations, dedicated data management or data governance teams have emerged. They bridge the gap between IT, business, and compliance, often with a dotted line to each.
Pros: Holistic view, able to balance quality, access, privacy, and usability.
Cons: May struggle with authority if not clearly empowered by leadership.
4. Business Units: The Real Data Consumers
More recently, data governance responsibilities have been pushed closer to the business. Marketing, finance, product, and ops teams are often the ones generating and consuming the most data. It makes sense to give them ownership over its accuracy and proper use.
Pros: Better alignment with how data is used.
Cons: Risk of inconsistency or local optimization over enterprise standards.
When AI Shows Up, Governance Gets Complicated
Let’s be honest, no article is complete these days without an AI angle. But in this case, it’s more than just trend-chasing. AI has added a whole new layer to the data governance puzzle.
Suddenly, governance isn’t just about data quality or compliance or managing tables and tags. It’s about training data, model transparency, data ethics, and accountability. And once again, we’re left asking: whose job is that?
• Does IT track how data flows into models?
• Is Legal responsible for AI ethics?
• Should data teams handle bias and explainability?
AI doesn’t just challenge policy – it challenges the org chart.
It blurs the lines between teams, exposes gaps in ownership, and leaves governance stuck again between functions. Most frameworks weren’t built for this moment. And unless someone steps up, governance risks being left behind just when it’s needed most.
The sweet spot? A Federated Model
Where data governance lives is not just a box on the org chart. It shapes how governance gets done.
If it is too centralised (like in IT), you risk bureaucracy and lack of agility. Too decentralised, and you get chaos, no consistency, no shared definitions, and lots of duplicated effort. Somewhere in the middle is where most companies are trying to land: a federated model, where there is centralised oversight but distributed responsibility.
The federated model of data governance is gaining traction because it recognises two truths:
1. Not all data governance decisions should be made centrally.
2. Not all teams can make them in isolation, either.
In this model, there is typically a central data governance council or office (often reporting to a Chief Data Officer), with data stewards embedded in different business units. The central team sets standards and ensures compliance, while local stewards manage data in context.
Final Thoughts
Data governance isn’t just red tape. It’s not just a checkbox for compliance. And it’s definitely not just IT’s problem. It’s a strategic function that determines whether data becomes an asset or a liability.
Everyone who touches data has a part to play, from the data engineer to the marketing analyst. But without clear leadership and accountability, data governance efforts tend to fizzle out or turn into compliance theatre.
So… Who Should Own It?
Honestly? Everyone. But someone has to lead the charge.
About Payal:
Payal Pandya is a self-proclaimed data nerd who has spent over a decade turning complex data challenges into people-first solutions that stick. As Data Governance Lead at Sportsbet, she is all about making data work for the business – not the other way around. Her background spans big tech, consulting, and digital transformation, and she thrives on asking the right questions, and building frameworks that actually get used. Payal believes data governance should be less about buzzwords and more about real-world impact -and she is on a mission to prove it, one meaningful conversation at a time.
See Payal’s Profile here
Building Better Coders: Why Online Courses Need to Narrow Their Focus
