Multimatics Insight

Understanding 6 Key Principles Data Governance in COBIT 2019

Data Governance in COBIT 2019

In today's data-driven world, organizations are faced with the challenge of managing and protecting their data effectively. Data is a valuable asset that plays a crucial role in decision-making, innovation, and compliance. To tackle these challenges, COBIT 2019, a globally recognized framework for enterprise governance and management of information and technology, provides a comprehensive approach to data governance.

  • Compliance and Regulatory Alignment

    COBIT®2019 assists organizations in aligning their data governance practices with relevant laws, regulations, and industry standards, reducing legal and financial risks. The first principle in COBIT 2019's data governance framework is "Meeting Stakeholder Needs." It emphasizes the importance of understanding and addressing the requirements and expectations of stakeholders, both internal and external. Organizations must engage with stakeholders to identify their data-related needs and expectations. In accordance with COBIT 2019 Implementation Life Cycle, this principle can ensure that data governance practices align with the business's goals, which is crucial for overall success. These stakeholders may include customers, regulators, partners, and internal business units.

    To meet stakeholder needs, organizations should establish a clear communication channel to gather and document requirements. Regular feedback loops and collaboration with stakeholders are essential to refine data governance policies and processes continuously.

  • Covering the Enterprise End-to-End:

    The second principle, "Covering the Enterprise End-to-End," underscores the need for a holistic approach to data governance. Data governance efforts should extend across the entire organization, ensuring that data is managed consistently and uniformly. In practice, this means that data governance should not be limited to specific departments or projects but should be integrated into the overall business strategy.

    Data governance policies, procedures, and controls should be applied consistently across all areas of the organization, irrespective of the technology, platforms, or applications used. This principle aims to prevent data silos and ensure that data is treated as a valuable asset throughout its lifecycle.

  • Applying a Single Integrated Framework

    COBIT 2019's third principle, "Applying a Single Integrated Framework," emphasizes the importance of having a unified approach to data governance. Organizations should establish a single framework that integrates all data governance activities, ensuring that they work in harmony and do not conflict with each other. This helps in reducing duplication of effort and streamlining data governance processes.

    A single integrated framework can also assist organizations in simplifying compliance and auditing processes, as all data governance activities are aligned within one comprehensive structure. This principle promotes efficiency, consistency, and transparency in data governance efforts.

  • Enabling a Holistic Approach

    The fourth principle, "Enabling a Holistic Approach," focuses on the need to consider data governance as part of a broader governance ecosystem. Data governance should be aligned with other governance frameworks, such as IT governance or corporate governance, to create a cohesive approach to managing information and technology.

    This holistic approach helps organizations understand the interdependencies between data governance and other governance areas, ensuring that data governance complements and supports the overall business strategy. It also helps in prioritizing data governance initiatives in alignment with the organization's goals and objectives.

  • Separating Governance from Management

    "Separating Governance from Management" is the fifth principle, which underscores the importance of maintaining a clear distinction between governance and management activities. While management involves day-to-day operations and execution, governance focuses on setting policies, making strategic decisions, and providing oversight.

    Data governance policies and procedures should be established by governance bodies, with defined roles and responsibilities. The separation of governance from management helps ensure objectivity, accountability, and compliance with regulatory requirements.

  • Tailoring to the Organization

    The final principle in COBIT 2019's data governance framework is "Tailoring to the Organization." This principle recognizes that one size does not fit all when it comes to data governance. Organizations should customize their data governance approach to fit their unique business context, size, industry, and regulatory environment as mentioned in COBIT 2019 Design Factors.

Customization may involve adapting data governance processes, controls, and policies to address specific risks and challenges that the organization faces. This principle encourages organizations to be agile and flexible in their approach to data governance to better address their evolving needs and circumstances.

In conclusion, COBIT 2019's six key principles of data governance provide organizations with a comprehensive and adaptable framework to effectively manage their data assets. By understanding and implementing these principles, organizations can align their data governance practices with their stakeholder needs, cover the entire enterprise, integrate governance activities, take a holistic approach, separate governance from management, and tailor their approach to their unique context. Data governance is no longer an option but a necessity in today's data-driven world, and COBIT 2019 offers a roadmap for success in this critical area of enterprise governance.


De Haes, S., Van Grembergen, W., Joshi, A., Huygh, T., De Haes, S., Van Grembergen, W., ... & Huygh, T. (2020). COBIT as a Framework for Enterprise Governance of IT. Enterprise Governance of Information Technology: Achieving Alignment and Value in Digital Organizations, 125-162.

Ikhsan, M., Widodo, A. P., & Adi, K. (2021). Systematic literature review on corporate information technology governance in indonesia using cobit 2019. Prisma Sains: Jurnal Pengkajian Ilmu dan Pembelajaran Matematika dan IPA IKIP Mataram, 9(2), 354-364.

Li, Y., & Rong, Y. (2021). Management Competency Framework of Adopting Information System and Data Governance based on COBIT 2019. Scientific Journal of Economics and Management Research Volume, 3(3).

Share this on:

Scroll to Top