What does a fully operational data governance framework look like for law firms?

What is a data governance framework

Data Governance is the coordination of people, processes, and technology to manage and optimise the use of data as a valued asset. It utilises a collection of policies, practices and procedures which help to ensure the proper management, ownership and use of data assets within the firm.

Since Data Governance has the primary objective of affecting people’s data-related behaviour, it involves a culture change.

A data governance framework provides an operational context to this change by being the mechanism for controlling (planning, monitoring and enforcement) and leading data governance activities.

When do you create a data governance framework

Once you have articulated your firm’s data vision and objectives, the next step is to understand the documentation gaps and critical data challenges that need to be solved. You will include the activities to plug gaps and solve challenges (what and when) in your Data Governance Roadmap (or data strategy).

But this isn’t the end of your thinking. Now that you’ve figured out what has to get done, you should start thinking about the roles, accountabilities and responsibilities you will need to have in place to enable data governance activities to take place. This data governance framework is the who and how part of your firm’s Data Governance Roadmap.

The best practice is to develop your data governance framework in parallel with your roadmap since engagement, training and communications for your framework stakeholders will need to be timetabled alongside other deliverables.

What are the most common data governance framework mistakes

Iron Carrot has worked alongside several law firms to help them develop and implement their data governance frameworks and roadmaps. We have seen some common errors and misapprehensions that we’ve helped them address.

Assuming the framework can run by itself

When designing the strategic, tactical and operational layers of a data governance framework, it is easy to think that they can be self-organising. Creating a committee and appointing a chairperson responsible for setting up and running meetings is often seen as all that is necessary to make each layer of the framework work correctly.

For example, everyone assumes that the chair will take the minutes, but no one communicates that, so the minutes don’t get taken. Without minutes there cannot be transparency. Without transparent communication, stakeholders disengage from the framework as another failed initiative.

Once the framework’s roles, responsibilities and accountabilities have been designed, stakeholder enthusiasm often encourages Data Governance Leads to make faster progress and jump straight into nominating people for positions. This ignores the necessary (but less exciting) step of figuring out the details of how the framework will work. It is just as essential to create and document an operating model for the framework as making the framework itself.

Framework designers cannot forget administrative tasks like setting agendas and coordinating communication between the layers when identifying roles and responsibilities. For example, mechanisms for escalating or delegating need to identify the person accountable for doing so explicitly.

Lack of expectation setting

It’s not uncommon for new frameworks to get launched with considerable publicity, and within a few weeks, be forgotten because group members behaviour doesn’t change. Senior members focus more on talking about objectives rather than getting them done. Junior members concentrate on their day-to-day tasks instead of working cross-functionally to improve their data.

Lack of change is not, as many people think, a result of a lack of commitment by the group members. It is a lack of clearly set expectations. It is not enough to define the role of a framework group or group member; you also need to explain what they are expected to do and how they will do it.

Senior members need to understand that the framework expects them to help junior members find the time in their week to contribute to data governance activities. Junior members are expected to highlight barriers to progress (lack of time, decision, or resources) with the framework.

Excluding key stakeholders

Because a data governance framework is a new structure for the firm, it is easy to forget critical stakeholders who add value to framework activities. This is always done accidentally, but excluding important roles can create barriers to the effectiveness and credibility of the framework.

As a result, finding them is much harder to convince these critical stakeholders of the benefits of a data governance framework if they have not been involved in all early stakeholder conversations.

When gathering stakeholders to contribute to your firm’s framework design,  cast the net as wide as possible. Make sure you don’t miss them by asking as many senior people as possible to review working group memberships and nominate ‘missing’ people.

Make sure that these people have a clear role in the framework and define their contribution. The data governance purpose of functions like Data Protection Officer (DPO) is evident but not clear for roles like Records Manager, I.T. Security Lead, Enterprise Architect, and Reporting Manager.

Data owners accountabilities checklist

Data Owners are the cornerstones of data governance framework activities, and identifying your data owners is foundational. Every firm will have different expectations of data owners, so it’s essential to set out the accountabilities for this group of people.

This checklist will guide you through twelve things to think about when defining and labelling this pivotal role.

What are the steps required to create a data governance framework

Set clear goals for the framework

The first step is to use your data governance vision and objectives to create clear goals for your data governance framework. Remember, this framework is the operational mechanism that enables and supports behavioural change for data management, so members of your framework groups need to understand these changes.

Think about what you want the framework to improve or create. You might also think about what needs to be done differently or isn’t being done at all.

Document the accountabilities and responsibilities

Once you have identified the goal (or the ‘what’), you can move on to thinking about ‘who’ will work on achieving them. There will probably be a hierarchy to your group, with appropriately senior or junior people in each layer depending on the decisions and actions needed from the group.

Documenting each group’s accountabilities and responsibilities also helps you create a profile of the ideal group member. You can test the profiles by ensuring that all of your key stakeholders fit into your framework groups.

Create the operating model

Finally, you need to spend an equal amount of time designing the operating model for your framework. This will be articulated in both your framework design documentation and the terms of reference document for each framework group.

Designing an operating model involves thinking about logistics, procedures and communications. It includes questions like:


  • When and how to meet
  • How often will meetings happen
  • Who takes the minutes
  • Who sets the agenda
  • How far in advance does pre-reading get circulated
  • What inputs will the group need to make decisions


  • Who is responsible for escalating or delegating items between the groups
  • How will they do that
  • Who needs to be made aware before, during or after an escalated or delegated item
  • How will decisions be taken (do they require a quorum)
  • What outputs will the group produce


  • Where do minutes get stored
  • How do minutes get shared
  • Are there distribution lists for the groups
  • Are there other communications channels to be timetabled into
  • How do decisions on issues get recorded and actioned

What are the sections to include in your data governance framework

Like most areas of law firm operations, a data governance framework is a matrix. It consists of strategic, tactical, and operational groups of business services (including I.T.) representatives. Depending on what your framework needs to do, it may also include members from the practices. Supporting and guiding this matrix is your data governance centre of excellence.

Data Governance Framework Groups

Data Steering Group

The steering group is the top layer where senior stakeholders who can make decisions about change work on strategic data governance issues. This group is responsible for influencing how time and money are spent and championing data governance activities throughout the firm. You usually find practice representatives in this group.

Data Owners Board

Data Owners are the engine of data governance activities. Every firm will define different accountabilities and responsibilities for this group that best reflect the needs of their data vision and objectives. This is the tactical layer of the framework which has accountability for specific deliverables and is responsible for data stewards.

Data Stewards Council

This layer is the operational layer of the framework, made up of subject matter experts (SMEs) responsible for supporting the data owners. Since these SMEs have a good grasp of the practical implications of changes or improvements that get trickled down from the other groups, they act as a sense check to timelines and project plans.

Other Supporting Roles

Data Governance Centre of Excellence

When creating a data governance roadmap, the firm will already have identified the business sponsor who has the role of championing and driving data governance for the firm and line managing the data governance lead.

It is usual for the Data Governance Lead to be the person who is creating the data governance framework. Within this matrix, they act as the conductor for the orchestra of framework group members and line manager of any supporting roles created in the Centre of Excellence (CoE)

As a framework matures, the data stewards may need specialist support for an aspect of their responsibilities. This executive or central data steward is part of the CoE and may or may not have responsibilities for specific data depending on the needs of the framework and the firm.

Data experts

Roles within the framework matrix must be found for critical stakeholders like Data Protection Officers and Enterprise Architects. Their knowledge of the firm and their specialist data roles are invaluable to the success of the data governance framework and data governance roadmap.

They may be appointed as advisors to one of the groups or have a supporting role within the centre of excellence. Like any other framework member, their participation should be documented to avoid confusion about their role accountabilities and responsibilities.

Summing up and next steps

Summary of steps

Use the data vision and objectives to set out what you want the framework to do, who will be involved in it, and how it will get it done. This should include the framework groups’ interactions with the Data Governance Centre of Excellence and other vital data roles that the firm already has.

Call to action

We have developed a unique data governance road-mapping approach to help law firm leaders launch the proper foundation for data governance through our extensive law firm background.

Our five-step road mapping process quickly helps law firms deliver a complete framework and plan for assuring the governance and quality of their data so that law firms can realise their strategic goals.

If you want to learn more about data governance, our road mapping process, or how we can help you: