CDMP — DAMA Data Management Fundamentals Exam Blueprint
Practical exam blueprint for DAMA International CDMP Data Management Fundamentals exam preparation.
How to Use This Exam Blueprint
Use this checklist as a practical study map for the DAMA International DAMA CDMP Data Management Fundamentals exam, exam code CDMP. It is organized around the data management knowledge areas and readiness skills a candidate should be able to apply, not just define.
For each area, ask:
- Can I explain the concept in plain language?
- Can I recognize the right term in a scenario?
- Can I distinguish similar concepts?
- Can I identify the best next action for a data management problem?
- Can I connect the topic to governance, quality, security, architecture, and business value?
This page does not state official exam weights or scoring rules. Treat each area as part of your final review until you can handle terminology, principles, roles, artifacts, and decision scenarios confidently.
Topic-Area Readiness Table
| Readiness area | What to review | You are ready when you can… |
|---|---|---|
| Data management fundamentals | Purpose of data management, data as an asset, lifecycle thinking, business alignment | Explain why data management exists and connect practices to business outcomes |
| DAMA knowledge areas | Governance, architecture, modeling, quality, metadata, security, integration, warehousing, reference/master data, documents/content, storage/operations | Recognize which knowledge area owns or supports a given activity |
| Data governance | Decision rights, policies, stewardship, accountability, councils, issue escalation, standards | Choose governance responses for ownership, policy, compliance, and prioritization scenarios |
| Data architecture | Enterprise data view, data flows, integration patterns, target-state planning, architectural principles | Distinguish architecture from modeling, governance, and technology implementation |
| Data modeling and design | Conceptual, logical, physical models; entities, attributes, relationships, keys, normalization, dimensional modeling | Interpret model artifacts and identify the level of model needed for a scenario |
| Data storage and operations | Databases, file stores, platforms, backup, retention, availability, performance, operational support | Connect operational requirements to data storage and lifecycle controls |
| Data security | Confidentiality, integrity, availability, access control, classification, privacy, masking, monitoring | Select appropriate controls based on data sensitivity and risk |
| Data integration and interoperability | ETL/ELT, APIs, messaging, replication, transformation, data movement, semantic consistency | Identify integration issues such as mapping, latency, lineage, and data meaning conflicts |
| Documents and content management | Unstructured data, records, retention, taxonomy, search, lifecycle, legal hold concepts | Recognize how content management differs from structured database management |
| Reference and master data | Codes, domains, hierarchies, golden records, survivorship, match/merge, stewardship | Explain why shared, trusted identifiers and definitions matter across systems |
| Data warehousing and business intelligence | Analytics platforms, dimensional models, facts/dimensions, reporting, metrics, dashboards | Distinguish operational data from analytical data and select suitable BI concepts |
| Metadata management | Business, technical, operational metadata; catalogs; lineage; glossaries | Use metadata to explain meaning, origin, quality, usage, and ownership |
| Data quality | Dimensions, profiling, rules, remediation, monitoring, root cause analysis | Diagnose quality problems and choose prevention or correction approaches |
| Data lifecycle management | Creation, acquisition, use, sharing, retention, archival, disposal | Apply lifecycle controls to governance, privacy, cost, risk, and value |
| Ethics and professional practice | Responsible data use, transparency, fairness, accountability, misuse prevention | Identify ethically stronger choices in data access, analytics, and sharing scenarios |
| Data management maturity | Capability assessment, maturity models, roadmaps, metrics, continuous improvement | Explain how an organization improves from ad hoc practices to managed practices |
Core Concepts You Should Be Able to Explain
Data as an Organizational Asset
Check that you can explain:
- Why data has value beyond the system where it is stored.
- How poor data management creates operational, regulatory, financial, and reputational risk.
- Why data management is a business discipline supported by technology, not only an IT function.
- How data ownership, stewardship, and accountability support asset management.
- Why shared definitions and standards reduce rework and inconsistent reporting.
Data Management vs. Data Governance
| Concept | Primary focus | Common exam trap |
|---|---|---|
| Data management | Planning, controlling, delivering, and improving data across its lifecycle | Treating it as only database administration |
| Data governance | Decision rights, accountability, policies, standards, escalation | Treating it as only compliance or only a committee |
| Data stewardship | Day-to-day responsibility for data definitions, quality, usage, and issue resolution | Confusing steward with system owner |
| Data ownership | Accountability for data meaning, access, value, and risk decisions | Assuming ownership is always technical |
| Data strategy | Direction, priorities, value proposition, roadmap | Confusing strategy with a tool implementation plan |
DAMA Knowledge Area Checklist
Data Governance
You should be ready to answer questions about:
- Governance goals: accountability, consistency, risk management, value realization.
- Decision rights: who can define, change, approve, access, or retire data.
- Data policies, standards, procedures, and controls.
- Data stewardship roles and responsibilities.
- Data governance councils, working groups, and escalation paths.
- Business glossary ownership and approval workflows.
- Issue management for data defects, definition conflicts, access disputes, and policy exceptions.
- Metrics for governance adoption, policy compliance, data quality improvement, and business impact.
- How governance supports privacy, security, quality, metadata, and master data.
Can you do this?
- Given a conflict between two departments using different definitions for the same metric, identify governance as the mechanism for definition approval and standardization.
- Given recurring data defects, distinguish between fixing individual records and establishing accountability for root-cause prevention.
- Given unclear access approval, identify the need for data classification, policy, and accountable decision rights.
Data Architecture
Review:
- Enterprise data architecture purpose and scope.
- Current-state and target-state data architecture.
- Data flows across applications, platforms, business processes, and external parties.
- Data domains and subject areas.
- Canonical models, integration architecture, and shared data services.
- Architectural principles such as reuse, interoperability, standardization, scalability, and security by design.
- Relationship between business architecture, application architecture, technology architecture, and data architecture.
- Tradeoffs between centralized, federated, distributed, and domain-oriented data approaches.
| Scenario cue | Likely concept to apply |
|---|---|
| Multiple applications store customer data differently | Data architecture, master data, integration, governance |
| A new analytics platform needs trusted source mapping | Architecture, metadata, lineage, data warehousing |
| Systems exchange data but interpret fields differently | Semantic consistency, canonical definitions, metadata |
| Future platform design must align with enterprise principles | Target-state architecture and roadmap |
Data Modeling and Design
Be able to distinguish model types:
| Model type | Purpose | Typical audience | Readiness check |
|---|---|---|---|
| Conceptual model | High-level business concepts and relationships | Business stakeholders, architects | Can you identify entities without implementation detail? |
| Logical model | Detailed business structure independent of technology | Data modelers, analysts, data stewards | Can you identify attributes, relationships, keys, and rules? |
| Physical model | Implementation design for a specific platform | DBAs, engineers, developers | Can you connect tables, columns, indexes, partitions, and storage choices to implementation? |
| Dimensional model | Analytics structure using facts and dimensions | BI teams, analysts | Can you distinguish measures, dimensions, grain, and hierarchies? |
Review these modeling concepts:
- Entity, attribute, relationship.
- Primary key, foreign key, candidate key, surrogate key, natural key.
- Cardinality and optionality.
- Normalization and denormalization.
- Business rules and constraints.
- Subtypes and supertypes.
- Model validation with stakeholders.
- Data model governance and version control.
- Dimensional modeling: fact tables, dimension tables, conformed dimensions, slowly changing dimensions, grain.
Common trap: assuming a physical database table is the same thing as a business entity. A business entity represents a concept; a table is an implementation structure.
Data Storage and Operations
Review:
- Operational data stores, relational databases, non-relational stores, files, object storage, and analytical platforms at a conceptual level.
- Backup, recovery, archiving, retention, and disposal.
- Availability, reliability, performance, capacity, and monitoring.
- Database administration responsibilities versus broader data management responsibilities.
- Data lifecycle controls from creation through deletion.
- Operational procedures for changes, incidents, access, and data refresh.
- Data replication, synchronization, and environment management.
- Production versus development/test data handling.
Can you do this?
- Explain why retention rules and disposal procedures are data management concerns, not just storage cost concerns.
- Identify when backup and recovery are insufficient without tested restore procedures.
- Distinguish operational availability requirements from analytical reporting requirements.
Data Security
Study security as a data management responsibility:
- Confidentiality, integrity, and availability.
- Data classification and sensitivity labeling.
- Role-based access, least privilege, segregation of duties.
- Authentication versus authorization.
- Encryption, masking, tokenization, anonymization, and pseudonymization at a conceptual level.
- Privacy principles and responsible handling of personal or sensitive data.
- Logging, monitoring, auditability, and access reviews.
- Security policies, standards, procedures, and exceptions.
- Secure data sharing with third parties.
- Data breach response concepts and escalation.
| If the scenario says… | Think about… |
|---|---|
| Users can see more data than needed | Least privilege, access review, classification |
| Sensitive data is used in non-production | Masking, synthetic data, policy controls |
| Reports expose personal identifiers | Privacy, minimization, aggregation, masking |
| No one knows who accessed restricted data | Logging, monitoring, audit trail |
| A vendor needs a data extract | Third-party risk, data sharing agreement, access controls |
Data Integration and Interoperability
Review:
- ETL and ELT concepts.
- Batch, real-time, near-real-time, streaming, and event-driven integration.
- APIs, messaging, file transfer, replication, and data virtualization at a conceptual level.
- Source-to-target mapping.
- Transformation rules and data validation.
- Error handling, reconciliation, restartability, and monitoring.
- Data lineage and impact analysis.
- Semantic interoperability: consistent meaning across systems.
- Structural interoperability: compatible formats and schemas.
- Integration governance: standards, reuse, security, and change control.
Decision prompt: If a question describes data arriving correctly formatted but with different business meaning, the issue is not only technical integration. Look for semantic consistency, definitions, governance, and metadata.
Documents and Content Management
Review:
- Structured versus semi-structured versus unstructured information.
- Document lifecycle: creation, capture, classification, storage, access, retention, archival, disposal.
- Records management concepts.
- Taxonomy, tagging, search, indexing, and retrieval.
- Version control and document control.
- Legal hold and defensible disposition concepts.
- Content security and access management.
- Relationship between content management, knowledge management, and data governance.
Readiness check: Can you identify when a problem is about managing records, documents, and unstructured content rather than relational data?
Reference and Master Data
Review:
- Reference data: controlled values, codes, domains, status lists, country codes, product categories.
- Master data: core business entities such as customer, product, supplier, location, employee, asset.
- Master data management goals: consistency, identity resolution, trust, reuse.
- Golden record concepts.
- Match, merge, survivorship, deduplication, and hierarchy management.
- Data stewardship for master and reference data.
- Data ownership and governance of shared domains.
- MDM implementation styles at a conceptual level.
- Downstream impact of changing codes, identifiers, or hierarchies.
| Question clue | Better answer direction |
|---|---|
| Same customer appears under multiple identifiers | Master data, identity resolution, match/merge |
| Different systems use conflicting product categories | Reference data governance, standard code sets |
| A reporting hierarchy changes frequently | Hierarchy management and controlled change |
| Teams argue over which customer address is correct | Survivorship rules and stewardship |
Data Warehousing and Business Intelligence
Review:
- Purpose of data warehousing and analytical data stores.
- Difference between operational processing and analytical reporting.
- Facts, dimensions, measures, grain, hierarchies.
- Star schema and snowflake schema concepts.
- Data marts and enterprise data warehouses at a conceptual level.
- BI reporting, dashboards, scorecards, metrics, and KPIs.
- Data lineage from source systems to reports.
- Reconciliation between source data and analytical outputs.
- Historical data, snapshots, and slowly changing dimensions.
- Self-service analytics governance.
Common trap: treating a dashboard problem as only a visualization issue. If users disagree about the number, check definitions, lineage, data quality, transformation rules, and governance.
Metadata Management
Review the three broad metadata categories:
| Metadata type | Examples | Why it matters |
|---|---|---|
| Business metadata | Definitions, business rules, data owners, glossary terms, valid values | Helps people understand meaning and accountability |
| Technical metadata | Schemas, tables, columns, data types, mappings, APIs, jobs | Helps teams build, integrate, and maintain systems |
| Operational metadata | Job runs, data volumes, refresh times, error logs, usage statistics | Helps monitor processes, quality, and performance |
Also review:
- Metadata repositories and data catalogs.
- Business glossaries.
- Data lineage and impact analysis.
- Metadata standards and ownership.
- Metadata capture: manual, automated, embedded in processes.
- Active versus passive use of metadata.
- How metadata supports governance, quality, security, integration, analytics, and compliance.
Can you do this?
- Given a reporting error, trace why lineage matters.
- Given a field name with unclear meaning, identify the value of business metadata.
- Given a planned source-system change, use metadata for impact analysis.
Data Quality
Review common dimensions:
| Dimension | Question it answers |
|---|---|
| Accuracy | Is the data correct? |
| Completeness | Is required data present? |
| Consistency | Does data agree across systems or records? |
| Timeliness | Is data available when needed and up to date enough? |
| Validity | Does data conform to rules, formats, and allowed values? |
| Uniqueness | Is the same entity represented only as intended? |
| Integrity | Are relationships and constraints maintained? |
| Fitness for purpose | Is the data good enough for the intended use? |
Review the data quality lifecycle:
- Define quality requirements based on business use.
- Profile data to discover patterns and defects.
- Define rules, thresholds, and controls.
- Measure and monitor quality.
- Identify root causes.
- Remediate defects.
- Prevent recurrence through process, system, governance, or training changes.
- Report quality metrics to accountable stakeholders.
Scenario cue: If data defects keep recurring after cleanup, the better answer often involves root cause analysis, process controls, ownership, and governance rather than repeated manual correction.
Cross-Knowledge-Area Decision Checks
Use these prompts to practice exam judgment.
| Scenario | First questions to ask | Likely readiness areas |
|---|---|---|
| A report shows different revenue numbers in two departments | Are definitions aligned? What sources and transformations were used? Who owns the metric? | Governance, metadata, quality, BI |
| A new system duplicates customer data already stored elsewhere | Is there an enterprise data architecture? Is customer master data governed? | Architecture, MDM, integration |
| A team wants broad access to sensitive production data for testing | What data classification applies? Can masking or synthetic data be used? | Security, privacy, governance |
| A source-system field is being retired | What downstream reports, integrations, models, and policies depend on it? | Metadata, lineage, architecture |
| A code list changes in one application but not others | Who governs reference data? How are changes communicated? | Reference data, integration, governance |
| Analysts do not trust dashboard numbers | Are definitions, lineage, transformation rules, and quality checks documented? | BI, metadata, quality |
| A database is backed up but recovery has never been tested | What recovery procedures and operational controls are in place? | Storage and operations |
| Data quality metrics exist but no one acts on them | Who is accountable? What escalation and remediation process exists? | Governance, quality, stewardship |
Role and Responsibility Checklist
Be able to distinguish the responsibilities of common roles. Exact titles vary by organization, so focus on function.
| Role or group | Typical responsibility | Do not confuse with… |
|---|---|---|
| Data owner | Accountable for data meaning, use, access decisions, and value/risk | The person who physically stores the data |
| Data steward | Manages definitions, quality issues, rules, and coordination day to day | A purely clerical role |
| Data custodian | Operates technical environments and safeguards data | Business accountability for meaning |
| Data architect | Designs enterprise or domain data structures, flows, and principles | Project-only database development |
| Data modeler | Creates conceptual, logical, and physical data models | Dashboard design only |
| Data quality analyst | Profiles, measures, reports, and investigates quality issues | One-time data cleanup |
| Data governance council | Sets priorities, resolves conflicts, approves policies and standards | A tool administration team |
| Security or privacy function | Defines and monitors controls for protected data | The only group responsible for data risk |
| BI or analytics team | Delivers analytical data, metrics, reports, and insights | Sole owner of business definitions |
Artifact Checklist
You should recognize the purpose of these artifacts and when each is useful.
| Artifact | Purpose | Readiness prompt |
|---|---|---|
| Data strategy | Defines direction, priorities, and value | Can you connect it to business goals? |
| Data governance policy | Establishes rules and accountability | Can you tell when policy is needed rather than ad hoc decision-making? |
| Data standards | Promote consistency in definitions, naming, formats, and controls | Can you identify inconsistent standards in a scenario? |
| Business glossary | Defines business terms and ownership | Can you separate glossary terms from technical metadata? |
| Data catalog | Helps discover, understand, and use data assets | Can you explain how it supports lineage and stewardship? |
| Data model | Represents data structures and relationships | Can you identify conceptual, logical, and physical purposes? |
| Source-to-target mapping | Documents integration transformations | Can you use it to trace data movement? |
| Data lineage diagram | Shows origin, movement, and transformation | Can you use it for impact analysis? |
| Data quality scorecard | Tracks quality measures and trends | Can you connect metrics to action? |
| Data classification scheme | Labels sensitivity and handling requirements | Can you select suitable controls? |
| Retention schedule | Defines how long data or records are kept | Can you distinguish retention from backup? |
| MDM survivorship rules | Determine trusted values across sources | Can you apply them to duplicate master records? |
Terminology Pairs Candidates Often Mix Up
| Pair | How to distinguish them |
|---|---|
| Data governance vs. data management | Governance sets decision rights and rules; data management includes the broader set of practices to deliver and control data |
| Data owner vs. data steward | Owner is accountable; steward manages and coordinates day-to-day data responsibilities |
| Business glossary vs. data dictionary | Glossary defines business meaning; dictionary documents technical structures |
| Data quality vs. data cleansing | Quality is an ongoing discipline; cleansing is a remediation activity |
| Backup vs. archival | Backup supports recovery; archival supports long-term retention and retrieval |
| Reference data vs. master data | Reference data is controlled code/value sets; master data describes core business entities |
| Lineage vs. mapping | Lineage shows end-to-end origin and movement; mapping defines specific source-to-target relationships |
| Conceptual vs. logical model | Conceptual is high-level business view; logical adds detailed structure without platform implementation |
| Logical vs. physical model | Logical is technology-independent; physical is implementation-specific |
| OLTP vs. analytics | OLTP supports transactions; analytics supports reporting, analysis, and decision-making |
| Data lake vs. data warehouse | Know the conceptual distinction: flexible raw/mixed data storage versus curated analytical structures |
| Privacy vs. security | Privacy governs appropriate use of personal data; security protects data from unauthorized access or misuse |
“Can You Do This?” Final Skills Checklist
Before exam day, you should be able to:
- Define data management and explain its business purpose.
- Identify the most relevant DAMA knowledge area from a short scenario.
- Explain how governance, stewardship, ownership, and policy work together.
- Distinguish conceptual, logical, physical, and dimensional models.
- Recognize entities, attributes, keys, relationships, and cardinality in simple examples.
- Explain why metadata is essential for lineage, impact analysis, quality, and governance.
- Select appropriate data quality dimensions for common defects.
- Distinguish one-time data cleansing from sustained quality management.
- Identify when master data or reference data management is needed.
- Explain the difference between business definitions and technical schemas.
- Recognize security controls appropriate to sensitive data handling.
- Explain lifecycle controls: creation, use, retention, archival, and disposal.
- Identify integration concerns beyond file movement, including mapping, meaning, validation, and monitoring.
- Connect BI trust issues to definitions, lineage, transformations, and quality.
- Recognize how architecture guides consistent data movement, reuse, and target-state planning.
- Choose governance escalation when there is a cross-functional data conflict.
- Explain how maturity assessment supports roadmap planning and continuous improvement.
- Avoid choosing tool-first answers when the scenario primarily describes accountability, policy, definition, or process gaps.
Common Weak Areas and Traps
Tool-First Thinking
Many data management questions are not asking which tool to buy. If the scenario describes unclear ownership, conflicting definitions, inconsistent processes, or recurring quality problems, the better answer often involves governance, stewardship, standards, root cause analysis, or policy.
Treating Data Quality as Cleanup Only
Data quality includes requirements, profiling, measurement, monitoring, accountability, prevention, remediation, and continuous improvement. Manual cleanup may be necessary, but it rarely solves the underlying management problem by itself.
Confusing Data Governance With Central Control
Governance is not always a single central team making every decision. It may include federated roles, councils, standards, escalation paths, and business accountability. The key is clear decision rights and consistent policy.
Ignoring Metadata
Metadata is often the bridge between concepts. It supports:
- Data discovery.
- Business meaning.
- Technical understanding.
- Lineage and impact analysis.
- Quality rules.
- Security classification.
- Stewardship and ownership.
- Auditability.
If a scenario asks “where did this value come from?” or “what will break if this field changes?”, think metadata and lineage.
Mixing Operational and Analytical Requirements
Operational systems optimize transactions and process execution. Analytical environments optimize reporting, trend analysis, historical context, and decision support. The exam may test whether you can recognize different design goals.
Missing the Lifecycle Angle
Data management is not only about storing data. Review how data is acquired, created, used, shared, retained, archived, and disposed of. Lifecycle thinking often changes the best answer in privacy, records, quality, and cost scenarios.
Overlooking Business Accountability
Data problems often appear technical but require business decisions:
- What does the term mean?
- Which value is authoritative?
- Who may access it?
- How accurate is accurate enough?
- How long should it be retained?
- Which rule wins when sources disagree?
Scenario Practice Prompts
Use these prompts for rapid self-testing.
Two systems define “active customer” differently.
- Which knowledge areas are involved?
- Who should approve the standard definition?
- What artifacts should be updated?
A dashboard metric changed after an ETL update.
- How would lineage help?
- What metadata would you review?
- What quality checks should exist?
A business unit creates its own customer list because the enterprise list is not trusted.
- Is this a data quality issue, MDM issue, governance issue, or all three?
- What short-term and long-term actions differ?
A project wants to copy production data into a test environment.
- What classification applies?
- What masking or minimization controls may be needed?
- Who approves the use?
A source application changes a field format.
- What mappings, reports, validations, and downstream processes may be affected?
- What artifact should reveal the impact?
A company has many data policies but low compliance.
- Are roles and decision rights clear?
- Are controls embedded in processes?
- Are metrics and escalation paths defined?
A report is technically correct but not useful to decision makers.
- Are the metrics aligned to business questions?
- Is the data fit for purpose?
- Are definitions and context available?
Final-Week Review Checklist
Three to Five Days Out
- Revisit every DAMA knowledge area and write a one-sentence purpose for each.
- Create a comparison sheet for commonly confused terms.
- Review governance roles: owner, steward, custodian, council, architect, quality analyst.
- Practice identifying the best knowledge area from scenario cues.
- Review artifact purposes: glossary, catalog, model, lineage, policy, standard, scorecard, retention schedule.
- Rework missed practice questions by identifying why the wrong options were attractive.
- Focus on scenario judgment, not only vocabulary recall.
One to Two Days Out
- Review data modeling levels and key modeling terminology.
- Review data quality dimensions and root-cause thinking.
- Review metadata types and uses.
- Review master data versus reference data.
- Review privacy and security controls conceptually.
- Review lifecycle terms: retention, archival, disposal, backup, recovery.
- Stop deep-diving into obscure tool features unless they clarify a core concept.
Exam-Day Readiness
- Read each question for the problem being solved, not just keywords.
- Look for accountability, definition, policy, quality, and lifecycle clues.
- Eliminate answers that are too narrow, tool-only, or one-time fixes when the scenario calls for management discipline.
- Prefer answers that address root cause, governance, repeatability, and business alignment when appropriate.
- Watch for terms that sound similar but belong to different knowledge areas.
Practical Next Step
Use this checklist to mark weak areas, then practice with mixed CDMP-style questions that force you to choose between governance, architecture, modeling, quality, metadata, security, integration, and lifecycle responses. After each missed question, write down the concept distinction you missed and the scenario clue that should have pointed you to the better answer.