Skip to content

Proposed core capabilities

A brief description of each of the 10 capabilities developed for the ooperational Data Governance Framework (oDGF). This description was written by Kevin Sweeney and published in April 2018. 

Core capabilities - operational Data Governance Framework [PDF 182 KB]

Data Point of Contact

Those delivering this capability will represent a coordinator or staff focal point for data assets within a particular business unit or area of responsibility, including:

  • acting as the designated ‘go-to’ person for internally and externally sourced questions, issues or information requests about the data
  • resolving, delegating or coordinating escalation, as appropriate.

Subject matter expertise

The delivery of this capability facilitates the proper management and business use of organisational data assets through the provision of a sufficient level of expertise in either:

  • the technical specifications of the data itself
  • public expectations and commitments made at the time of data collection
  • the processes used to manipulate the data
  • the part(s) of the business where that data is critically utilised
  • a combination of these knowledge sources.

If a suitable level of insight isn’t readily available, those applying this capability will understand how to access it from other sources or, having identified a genuine knowledge gap, be able to escalate the issue appropriately for resolution.

Access control

This capability involves the administration of, and accountability for, proper access to relevant data assets, promoting good practice data security.

Drawing on the proper level of implicit or delegated authority to make decisions, staff delivering this capability ensure data assets designated as sensitive are only accessed by individuals with the proper authority, clearance and permissions.

While exercising this capability, staff will also account for commitments made at the time of collection about how the data would be used, any potential harm to individuals, households, iwi and organisations, and public expectations.

Risk management

Those delivering this capability will administer data assets under their responsibility such that they can identify, manage and mitigate potential risks to the organisation or likewise, potential harm from the use of that data that would affect external people or organisations.

This can involve coordinating with other parts of the business, drawing insights from risk registers, and publishing risk profiles for relevant data assets. It might also involve contributing to the detection of potentially harmful data incidents, like breaches, responding appropriately and in a timely manner when they do occur, and helping to minimise the possibility of future occurrences.

The successful delivery of this capability promotes good practice data management and helps inform other parts of the organisation with data dependencies or more general risk management concerns.

Internal relationship management

Proper oversight of the business process links between and across those parts of an organisation where data changes hands is vital to ensuring that those data assets consistently add operational and strategic value.

This capability involves the active management of those internal business relationships to incorporate a data perspective, with data assets properly connected to and aligned with those preceding and those following them, thereby maintaining data lifecycle flow that positions those assets to deliver persistent value.

External relationship management

Delivery of this capability involves the successful management of relationships with external entities that direct or influence the organisation’s data lifecycle across its jurisdictional boundary.

This involves adopting an external perspective, including considering the views of data suppliers and users on the sensitivity of data, taking appropriate protection measures to prevent unauthorised disclosure, and understanding the interests of iwi and Māori in the data to inform data management and access practice.

In many instances this capability will be the responsibility of those interacting with data providers at the start of a business process and customers at the end of that process, with the goal of maximising the inherent value to the organisation of those data assets.

In the case of an open operating model, where data can be directed externally at any point in its lifecycle, this capability is a continuous requirement throughout the lifecycle and the responsibility of all data-handling staff.

Quality assurance/quality control management

This capability involves leveraging a data governance framework that provides administrative touch points for data assets, creating opportunities to apply best practice quality assurance and quality control measures and influencing how those assets contribute to organisational quality requirements.

This results in a data-centric view positioned to support other parts of the organisation with similar responsibilities for ensuring quality.

Depending on the organisation’s needs, this capability may reflect different points along a quality management spectrum, from providing a hands-on, quality control focus, to maintaining oversight, with an assurance-based perspective.

Its delivery will provide an acceptable level of confidence that the data assets within a particular business area satisfy organisational quality requirements.

Data management

Working closely and regularly with data assets means those tasked with this capability must be familiar with, and confidently able to apply, relevant data and information management legislation, policy and guidance to contribute positively to the organisation’s data practice.

When not in possession of that knowledge themselves, those equipped with this capability will know how to access it from other sources, or having identified a genuine organisational-level gap, be able to escalate the issue to an enterprise governance body for resolution.

In this capacity they serve as a data and information management representative for the organisation, encouraging good practice and helping to embed it within business systems and processes.

Data champion

The delivery of this capability involves active and visible promotion of the important role of the organisation’s data assets to provide value to its customers and to the broader data system.

This will in the first instance involve the specific data with which this individual is associated but should also include the capacity to promote the inherent value of data throughout the organisation and by extension the value opportunities that arise when it is used within the broader data system.

The goal of this capability is support of a positive data value perspective across the organisation, ensuring it remains top of mind while staff perform their duties.

This will be achieved through advocacy and a coordinated communications approach, including educating others in the role of good data and information management practice. It further involves being aware of and highlighting opportunities where the organisation’s data can benefit individuals, communities, iwi and businesses throughout the data system.

Data innovation

Those delivering this capability will be positioned and compelled to contribute to innovative thinking in regards to organisational data assets, helping promote a culture of continuous improvement.

With a view across both operational and strategic considerations of those assets, they will be motivated by an inherent openness to better ways of doing things and a penchant for nurturing ideas and presenting them in a meaningful way, including to senior leadership, for consideration.

Contact us

If you’d like more information, have a question, or want to provide feedback, please email

Content last reviewed 02 July 2021.