Description
Establish a Data Governance Body consisting of [Assignment: organization-defined roles] with [Assignment: organization-defined responsibilities].
Supplemental Guidance
A data governance body can help ensure that the organization has coherent policies and the ability to balance the utility of data with security and privacy requirements. The data governance body establishes policies for the governance of personal data (or data from which personal data is derived) and non-personal data across the information life cycle. The data governance body provides recommendations on data management based on the organization's mission and business needs, and privacy requirements.
Changes from Rev 4
New control in Rev 5. Establishes data governance structure.