Data Governance Risk Assessment Checklist
Use this checklist to review data governance risks across your department, systems, and data assets. Complete each section with the most accurate information available.
Assessment Context
Respondent Name
*
First Name
Last Name
Job Title or Role
*
Department or Business Unit
*
Please Select
Executive
Finance
Human Resources
Information Technology
Legal
Operations
Sales
Marketing
Procurement
Customer Support
Other
Assessment Date
*
-
Month
-
Day
Year
Date
Assessment Scope / Data Domain(s) in Scope
*
Customer Data
Employee Data
Vendor Data
Financial Data
Marketing Data
Operational Data
Other
Data Inventory and Classification
Primary data set or system name
*
Data classification level
*
Please Select
Public
Internal
Confidential
Highly restricted
Is personal data processed?
*
Yes
No
Is sensitive data processed?
*
Yes
No
Is data shared externally or across teams?
*
Yes
No
Governance Controls Review
Data ownership clarity
*
Rows
Strong
Adequate
Needs Improvement
Not in Place
Ownership roles are clearly defined
1
2
3
4
Access control appropriateness
*
Rows
Strong
Adequate
Needs Improvement
Not in Place
Access permissions are aligned to job responsibilities
5
6
7
8
Retention and deletion process
*
Rows
Strong
Adequate
Needs Improvement
Not in Place
Retention schedules are defined and deletion is executed consistently
9
10
11
12
Change management for data definitions
*
Rows
Strong
Adequate
Needs Improvement
Not in Place
Changes to data definitions are reviewed and approved before implementation
13
14
15
16
Data quality monitoring and metadata completeness
*
Rows
Strong
Adequate
Needs Improvement
Not in Place
Data quality issues are monitored
17
18
19
20
Metadata and documentation are complete and current
21
22
23
24
Approval and exception handling
*
Rows
Strong
Adequate
Needs Improvement
Not in Place
Exceptions are approved, documented, and tracked to closure
25
26
27
28
Risk Findings and Prioritization
Identified Risks or Gaps
*
Likelihood of Impact
*
1
2
3
4
5
Impact Severity
*
1
2
3
4
5
Overall Risk Level
*
Please Select
Low
Moderate
High
Critical
Existing Mitigation Actions
Owner Responsible for Remediation
*
Target Remediation Date
-
Month
-
Day
Year
Date
Follow-up Priority
*
Please Select
Low
Medium
High
Urgent
Submit Assessment
Should be Empty: