Free DAMA CDMP Governance Practice Exam: Data Governance Specialist

This free full-length DAMA CDMP Data Governance Specialist practice exam includes 100 original IT Mastery questions across the exam domains.

These are original IT Mastery practice questions. They are not official exam questions, copied live-exam content, or exam dumps. Use them for self-assessment, scope review, and deciding what to drill next.

Count note: this page uses the full-length practice count maintained in the Mastery exam catalog. Some certification vendors publish total questions, scored questions, duration, or unscored/pretest-item rules differently; always confirm exam-day rules with the sponsor.

Exam snapshot

• Practice target: DAMA CDMP Data Governance Specialist
• Practice-set question count: 100
• Time limit: 90 minutes
• Practice style: mixed-domain diagnostic run with answer explanations

Full-length exam mix

Use this as one diagnostic run. IT Mastery gives you timed mocks, topic drills, analytics, code-reading practice where relevant, and interactive practice.

Practice questions

Questions 1-25

Question 1

Topic: Governance Metrics Maturity and Improvement

A financial services company has an approved data governance charter and enthusiastic executive statements. In practice, project teams bypass stewards to meet deadlines, and analysts continue using local metric definitions. Quality issues are fixed manually after reports are published. Which response best addresses the adoption gap?

Options:

• A. Republish the governance charter with stronger executive sponsorship

• B. Report the number of governance policies approved each month

• C. Increase catalog completion targets for technical metadata fields

• D. Embed stewardship decisions into delivery and operating workflows

Best answer: D

Explanation: When governance is accepted in principle but ignored in delivery and daily use, the issue is adoption and behavior change. A DAMA-aligned response is to put governance decision rights into the normal flow of work: project stage gates, definition approval, stewardship review, issue escalation, and operating controls. Measures should show whether teams are using governed definitions, resolving issues through stewardship, and preventing recurring data problems. Awareness and sponsorship help, but they do not prove that governance is influencing decisions. Activity counts, such as policies approved or metadata fields populated, can support monitoring but are weak substitutes for evidence that governed practices are being followed.

• Charter refresh may reinforce intent, but it does not make teams involve stewards during project delivery.
• Catalog targets improve metadata administration, but they do not address bypassed decision rights or local metric definitions.
• Policy counts measure governance activity, not whether governed behavior is occurring in projects and daily reporting.

Question 2

Topic: Security Privacy Ethics and Compliance Alignment

A bank is creating a customer analytics workspace that will combine CRM data, transaction history, and call-center notes. The security team can implement access controls, but no business owner has approved the data classification or retention period. Privacy has flagged that call-center notes may contain sensitive personal information. The business wants access within 30 days for a high-value retention campaign. What is the best governance decision?

Options:

• A. Allow the security team to classify the workspace and approve access based on existing technical roles.

• B. Give the analytics team temporary full access and review classification after the campaign.

• C. Have privacy approve only the call-center notes and let each source system keep its current retention rule.

• D. Convene owners and stewards to classify the data, approve access criteria, define retention, and assign monitoring responsibilities.

Best answer: D

Explanation: Data governance supports security and privacy by making business-accountable decisions about classification, access criteria, retention, monitoring, and policy exceptions. In this scenario, the security team is a custodian that can implement controls, but classification and access approval need accountable data owners and stewards. Privacy input is required because sensitive personal information may be present, but privacy alone should not define all business usage, retention, and monitoring responsibilities. A governed decision can still meet the 30-day business need by using a focused approval path, clear criteria, and assigned control monitoring rather than delaying or bypassing governance. The key distinction is that governance sets decision rights and policies; technical teams enforce them.

• Technical ownership trap fails because security can enforce controls but should not replace business accountability for classification and access decisions.
• Speed over governance fails because temporary full access increases privacy and compliance risk before classification and retention are approved.
• Narrow privacy review fails because the workspace combines multiple domains and also needs retention, access, and monitoring decisions.

Question 3

Topic: Business Glossary Metadata and Definition Governance

Marketing and Finance each use “active customer” for different but valid business purposes. Board dashboards currently mix the two counts, creating inconsistent enterprise reporting. The data governance council owns enterprise KPI definitions, domain stewards are available, and the business glossary lacks usage context and lineage links. Which governance decision is BEST?

Options:

• A. Let BI developers rename fields inside dashboard code

• B. Require all domains to adopt Finance’s audited definition

• C. Govern both definitions with context and an enterprise KPI mapping

• D. Keep both definitions informal until the glossary is redesigned

Best answer: C

Explanation: When two definitions are both valid, semantic governance should not force a false single meaning. The better action is to govern the meanings explicitly: record each context-specific glossary definition, assign accountable owners and stewards, document usage rules, and link the terms to reports, lineage, and the enterprise KPI definition approved by the governance council. This allows Marketing and Finance to keep fit-for-purpose definitions while preventing mixed use in board reporting. The key is controlled coexistence: distinct names or qualifiers, approved mappings, and clear report-level guidance.

• Single imposed meaning fails because Finance’s audited need does not invalidate Marketing’s legitimate business definition.
• BI-only renaming fails because technical changes do not establish business decision rights, stewardship, or governed semantic standards.
• Informal notes fail because the current reporting confusion needs active governance, not a delayed glossary cleanup.

Question 4

Topic: Governance Operating Model and Organization

A company has domain data stewards for Customer, Product, and Finance data. Each steward can document definitions and raise issues, but none has authority to resolve cross-domain conflicts. A new profitability dashboard is blocked because Product and Finance disagree on the definition of “net revenue,” and the compliance team needs a documented decision owner for regulated reporting. Which governance decision best completes the forum structure?

Options:

• A. Create a metadata catalog working group for glossary updates

• B. Ask the BI development team to choose the dashboard definition

• C. Assign the database administration team as data custodian

• D. Establish an enterprise data governance council with decision rights

Best answer: D

Explanation: Cross-domain conflicts require a governance body with recognized decision rights, not only stewardship activity or technical support. Domain stewards are important for documenting definitions, analyzing issues, and recommending decisions, but the scenario states they lack authority to resolve conflicts between Product and Finance. Because the dashboard affects regulated reporting, the decision also needs clear accountability and a documented outcome. An enterprise data governance council, or equivalent cross-domain authority, is the missing forum that can arbitrate competing business definitions, approve standards, assign ownership, and provide escalation beyond individual domains. Technical teams may implement the decision, but they should not become the business decision authority for enterprise data meaning.

• BI team ownership fails because dashboard developers can implement a definition but should not arbitrate enterprise business meaning.
• Catalog working group helps maintain metadata, but it does not supply cross-domain decision authority.
• Database custody addresses technical management of data stores, not ownership of regulated business definitions.

Question 5

Topic: Data Quality Governance

A sales dashboard shows duplicate customer counts every month. The BI team can correct the dashboard extract, and the data operations team can run a one-time de-duplication script. A data steward’s issue log shows the root cause is inconsistent customer creation rules across two business units. Which response best reflects quality remediation accountability?

Options:

• A. Assign a business data owner to sponsor rule alignment and accountable remediation

• B. Have the BI team permanently adjust the dashboard calculations

• C. Close the issue after the steward documents the duplicates

• D. Ask data operations to run monthly cleansing scripts

Best answer: A

Explanation: Quality remediation accountability focuses on fixing the business-controlled cause of poor data, not only cleaning symptoms. The BI team may repair a report, and data operations may execute cleansing, but neither owns the business decision about how customers should be created and matched across business units. The data steward can analyze, document, coordinate, and monitor the issue, but accountable remediation requires a data owner or governance authority with decision rights to align rules, approve standards, and drive adoption. Temporary cleansing can be part of the plan, but it should support root-cause remediation rather than replace it.

• Report repair fails because correcting the dashboard masks the quality issue without changing customer creation rules.
• Recurring cleansing fails because monthly scripts treat symptoms while leaving inconsistent business rules in place.
• Documentation only fails because recording duplicates is stewardship evidence, not remediation ownership or closure.

Question 6

Topic: Governance Issue Management and Resolution

A data governance team reports that monthly data issue volume has fallen by 35% after introducing a standard intake form and triage rules. However, three high-impact customer master data issues have recurred for two quarters and remain unresolved because remediation requires changes across Sales, Billing, and Customer Support. What is the best continuous-improvement action?

Options:

• A. Escalate recurring issues for root-cause remediation decisions

• B. Reduce stewardship review frequency because volume is lower

• C. Add more issue categories to the intake form

• D. Reclassify recurring issues as operational exceptions

Best answer: A

Explanation: A decrease in issue volume is an activity or process-efficiency signal, not proof that governance outcomes have improved. High-impact recurring issues that remain open show that the issue management process is not resolving root causes or securing the needed decision rights across business areas. Continuous improvement should use the metric trend to identify unresolved patterns, escalate them through the governance operating model, confirm accountable data owners, and drive remediation decisions with measurable outcomes. The key distinction is between making issue intake smoother and improving business trust in critical data through resolution of systemic problems.

• Lower review cadence mistakes reduced intake volume for reduced risk; unresolved high-impact issues still need governance attention.
• Operational exceptions would normalize recurring failures instead of forcing accountability for remediation.
• More categories may improve classification detail, but it does not address cross-functional ownership or root causes.

Question 7

Topic: Master Reference and Architecture Governance

A finance dashboard and a sales dashboard both report “active customer” counts from the enterprise warehouse. The data governance team confirms that both dashboards use approved warehouse tables, the lineage from source systems is documented, and the audience has appropriate access. The disagreement comes from Finance excluding customers with overdue balances while Sales includes them if they had activity in the last 90 days. Which governance response best fits the situation?

Options:

• A. Assign database administrators as data owners

• B. Rebuild lineage from source systems to the dashboards

• C. Restrict dashboard access until counts match

• D. Convene stewards to approve a shared metric definition

Best answer: D

Explanation: A BI disagreement should be matched to the governance cause. Here, lineage, source use, and access are already acceptable. The unresolved issue is semantic: Finance and Sales apply different inclusion rules to the same business term. Data governance should bring the accountable data owner and relevant stewards together to define the metric, document approved calculation rules in the business glossary or metric catalog, and establish change control for future revisions. If different business views are legitimate, governance can name them distinctly rather than allowing one ambiguous term to drive conflicting decisions. The key takeaway is that inconsistent BI numbers are not always a technical warehouse problem; they often reveal an unresolved business definition.

• Lineage rebuild is unnecessary because the source-to-dashboard path is already documented and approved.
• DBA ownership confuses technical custody with business accountability for data meaning and usage.
• Access restriction does not address the stated cause because the audience already has appropriate access.

Question 8

Topic: Governance Metrics Maturity and Improvement

A data governance team is reviewing results from its first maturity assessment. Which assessment finding most clearly indicates a control weakness, rather than mainly a capability gap or adoption issue?

Options:

• A. Stewards completed training, but few submit issues through the workflow.

• B. The governance roadmap does not yet cover all data domains.

• C. Restricted-data access exceptions are not logged, time-bound, or reviewed.

• D. No formal role is defined for approving business glossary terms.

Best answer: C

Explanation: A governance maturity assessment separates different kinds of improvement needs. A capability gap means an expected capability, such as defined ownership or a decision forum, is missing or immature. An adoption issue means the capability exists but people are not using it consistently. A control weakness means a policy, standard, or required control is not being performed or evidenced well enough to manage risk. Unlogged, open-ended, and unreviewed access exceptions show that exception handling is not controlled, even if an access policy exists. That should drive a priority around control design, monitoring, evidence, and escalation.

• Undefined glossary approval points to a missing governance capability, not a failed control operation.
• Low workflow use points to adoption and behavior change, since trained stewards are not using the process.
• Incomplete roadmap coverage points to capability development and prioritization, not an operating control failure.

Question 9

Topic: Governance Strategy Business Case and Value

A finance, sales, and operations leadership group complains that monthly revenue dashboards are not trusted because teams use different customer and revenue definitions. Issue fixes are handled ad hoc by IT, and no business area accepts accountability for recurring data defects. Executives want a six-month governance initiative with visible measures of improved reporting trust and accountability. What is the best next initiative?

Options:

• A. Draft an enterprise data policy and defer reporting changes until it is approved.

• B. Ask IT operations to reconcile the reports manually before each month-end close.

• C. Replace the reporting tool and require all teams to use the new dashboards.

• D. Launch a governed reporting pilot with owners, stewards, glossary terms, quality rules, scorecards, and escalation.

Best answer: D

Explanation: The strongest next initiative is a focused governance pilot around the critical revenue reports. It addresses both needs in the scenario: trusted reporting and accountability. Business data owners should approve definitions and quality expectations, stewards should coordinate issue analysis and remediation, and IT custodians should support implementation. A business glossary, quality rules, scorecards, and an escalation path make progress measurable within six months. This approach also creates evidence of value, such as fewer definition disputes, fewer recurring defects, faster issue resolution, and higher stakeholder confidence. A broad policy or tool replacement may be useful later, but neither creates accountable decision rights and measurable reporting trust by itself.

• Tool replacement fails because common definitions, ownership, and issue accountability are governance problems, not only reporting-platform problems.
• Manual reconciliation may reduce near-term errors, but it leaves recurring defects and unclear business accountability unresolved.
• Policy-first delay creates governance intent, but it postpones the measurable reporting improvements executives requested.

Question 10

Topic: Governance Operating Model and Organization

A company is launching a data governance council after an audit found inconsistent revenue reporting between Sales and Finance. The program must resolve cross-domain definition conflicts, show accountable approval of critical data terms, and work with part-time stewards using the existing catalog.

Charter excerpt:

Purpose: Improve trust in customer and revenue data.
Scope: Business glossary, data quality rules, and stewardship forums.
Council: Reviews monthly scorecards and unresolved data issues.
Stewards: Document terms, collect issues, and monitor scorecards.
IT: Maintains the catalog and reporting pipelines.

Which governance decision would most strengthen the charter before launch?

Options:

• A. Let each department publish its own glossary terms

• B. Add data owner approval rights and escalation authority

• C. Assign IT as the owner of revenue definitions

• D. Delay governance until a new catalog is purchased

Best answer: B

Explanation: A governance charter should define the mandate, scope, roles, decision rights, and escalation path needed to make governance executable. The excerpt names activities and forums, but it does not say who has authority to approve shared business terms or resolve disputes between Sales and Finance. Because the audit concern involves inconsistent revenue reporting, accountability must sit with business data owners and the governance council, not only with stewards or IT custodians. Part-time stewardship and an existing catalog are workable constraints if the charter clarifies who decides, who documents, and where unresolved conflicts go. The key gap is not tooling or documentation volume; it is authority and accountability for cross-domain decisions.

• IT ownership confuses technical custody with business accountability for revenue meaning and approval.
• New catalog does not address the missing mandate or decision rights in the charter.
• Separate glossaries would preserve the Sales and Finance conflict instead of creating governed shared definitions.

Question 11

Topic: Master Reference and Architecture Governance

A bank is implementing a customer master. Sales wants household-level customer records for relationship reporting, while Finance requires legal-entity customer records for regulatory reporting. Project analysts have merged several records manually, but the conflict keeps reappearing in new integrations. What governance response best creates a durable resolution?

Options:

• A. Let each consuming system keep its preferred customer definition

• B. Have data stewards manually correct duplicates after each load

• C. Ask the integration team to pick the most common source format

• D. Escalate the definition and survivorship decision to accountable data owners

Best answer: D

Explanation: Master and reference data conflicts are durable only when governance assigns and uses clear decision rights. In this case, Sales and Finance have legitimate but different business needs for “customer.” Accountable data owners, usually working through the appropriate governance forum, should decide the authoritative enterprise definition, allowed representations, survivorship rules, and exceptions. Data stewards can prepare impact analysis and manage issue workflow, but they should not silently choose between competing business definitions. Technical teams then implement the approved rules in integrations and master data processes. Manual cleanup may reduce symptoms, but it does not resolve the ownership and policy decision that causes the recurring conflict.

• Source-format voting fails because frequency in source systems does not establish business authority or regulatory fitness.
• System-by-system definitions preserve local inconsistency and prevent trusted enterprise master data.
• Repeated manual cleanup treats symptoms after each load instead of resolving definition, ownership, and survivorship rules.

Question 12

Topic: Governance Operating Model and Organization

A national insurer is formalizing data governance after repeated disputes over customer definitions across claims, policy administration, and billing. The board requires consistent privacy classification and enterprise data policies, but each business domain has mature stewards who understand local rules. The central data office is small and cannot approve every glossary, quality-rule, and metadata decision. Which governance operating model best fits these constraints?

Options:

• A. Distributed governance fully owned by each domain

• B. Project-based governance through delivery teams

• C. Centralized governance led by the data office

• D. Federated governance with enterprise guardrails and domain stewardship

Best answer: D

Explanation: Federated data governance fits organizations that need both enterprise consistency and strong business-domain participation. A central governance council or data office defines common policies, decision rights, standards, escalation paths, and controls. Domain data owners and stewards then apply those guardrails to local glossaries, quality rules, metadata, and issue resolution. In this scenario, a purely centralized model would overload the small central team, while a fully distributed model would weaken consistency for privacy classification and customer definitions. Federated governance balances scalability with common authority.

• Centralized control fails because the central data office lacks capacity to approve every domain-level governance decision.
• Fully distributed ownership fails because separate domain authority would not reliably enforce common privacy classification or enterprise definitions.
• Project-based governance fails because delivery teams do not provide durable decision rights, stewardship accountability, or cross-domain escalation.

Question 13

Topic: Governance Program Operations and Sustainability

A data governance lead is asked to “run the program plan” for a new enterprise governance initiative. Three delivery teams already maintain project schedules for a catalog rollout, data quality dashboards, and access-control automation. The executive sponsor wants assurance that governance will remain aligned to business priorities after those projects deliver. What should the governance lead do?

Options:

• A. Track sprint velocity for each tool team

• B. Assign developers to catalog configuration tasks

• C. Create a governance roadmap and operating cadence

• D. Consolidate all delivery-team task plans

Best answer: C

Explanation: Governance program management is not the same as coordinating technical delivery. For a sustained governance initiative, the governance lead should manage the operating model: priorities, decision forums, stewardship participation, issue escalation, policy adoption, and value measures. Delivery teams may own the schedules for tools and automation, but the governance program needs a roadmap and regular rhythm that connects those efforts to business outcomes and accountable decision-making.

The key distinction is scope of control. Project scheduling manages tasks, dates, and resources for a deliverable. Governance program operations manage how decisions are made, how accountability is sustained, and whether governance practices continue after implementation work ends.

• Task consolidation treats governance as a project management office activity rather than a business accountability and decision-rights function.
• Developer assignment belongs to technical delivery management, not governance program leadership.
• Sprint velocity tracking may help tool teams, but it does not establish stewardship cadence, escalation, or governance value measurement.

Question 14

Topic: Governance Operating Model and Organization

A bank is formalizing data governance after an audit found inconsistent customer definitions across business domains. Customer and product leaders disagree on who can approve the enterprise definition, newly named stewards lack an escalation path, and regulators expect evidence of accountability for data decisions. Which governance decision is BEST?

Options:

• A. Publish a customer data policy

• B. Write a stewardship operating manual

• C. Create a project initiation document

• D. Approve a data governance charter

Best answer: D

Explanation: A data governance charter defines the mandate for the governance operating model. It establishes why governance exists, what scope it covers, who has authority, which forums make decisions, how roles such as owners and stewards participate, and how unresolved issues escalate. Those are the missing elements in the bank’s situation.

A policy states required behavior, a data standard defines approved formats, definitions, or quality rules, and a procedure or operating manual explains repeatable steps. A project initiation document authorizes a temporary project. The bank needs enduring governance authority and accountability, not only a rule, work instruction, standard, or delivery document.

• Policy alone may state requirements for customer data, but it does not establish the council mandate or decision rights.
• Operating manual can document steward workflows, but those workflows depend on defined authority and escalation.
• Project initiation can launch implementation work, but it does not create an ongoing governance operating mandate.

Question 15

Topic: Governance Operating Model and Organization

A data governance council meets monthly and publishes minutes, but business units continue to use conflicting customer definitions. Stewards say they can document issues but cannot require remediation. A privacy audit also found that classification decisions are not consistently followed in downstream reporting. Which charter revision is the best governance decision?

Options:

• A. Assign all definition and classification decisions to the data catalog administrator

• B. Ask each business unit to create its own customer definition standard

• C. Increase council meeting frequency and require longer status updates

• D. Define council decision rights, escalation authority, and required adoption of approved standards

Best answer: D

Explanation: A governance charter should define purpose, scope, decision rights, accountabilities, escalation paths, and how decisions become binding across the organization. In this scenario, the council is active but ineffective because it lacks an enforcement mandate. The right revision strengthens authority: approved definitions, classifications, and standards must be adopted, and unresolved noncompliance must have a clear escalation route. This preserves business accountability while giving governance decisions operational effect. More meetings do not solve a weak mandate, and assigning business decisions to a tool administrator confuses governance authority with technical custody.

• More meetings may improve communication, but it does not create authority to enforce approved definitions or classifications.
• Catalog administration supports metadata maintenance, but it should not own business decision rights for definitions and classification policy.
• Local standards would increase cross-domain inconsistency when the problem is lack of enterprise adoption.

Question 16

Topic: Security Privacy Ethics and Compliance Alignment

A bank’s marketing analytics team has approved access to customer transaction data under the access policy. A new profiling model flags customers likely to accept overdraft-fee products, and customer advocates report that low-income customers are being disproportionately targeted. Current policies cover access and retention but not acceptable analytic use or stakeholder harm, and no single data owner can decide across Marketing, Risk, and Compliance. Which governance decision is best?

Options:

• A. Mask customer identifiers so analysts cannot see individual names.

• B. Ask the data custodian to verify access logs and continue deployment.

• C. Have Marketing approve the model because it owns the revenue goal.

• D. Convene the governance council for a responsible-use decision before further deployment.

Best answer: D

Explanation: Approved access does not by itself make a data use ethical or acceptable. When analytics creates potential stakeholder harm, especially across business domains, governance must address decision rights, responsible-use criteria, and controls. A data governance council or equivalent forum is appropriate because Marketing, Risk, and Compliance have competing responsibilities and no single owner has clear authority. The decision should include whether the use may proceed, what conditions apply, who is accountable, and whether new policy or standards are needed. Technical custody tasks, revenue ownership, or de-identification may support the response, but they do not resolve the ethical governance decision.

• Access log review checks whether access was authorized, but the issue is whether the approved use is acceptable.
• Marketing approval ignores cross-domain risk and gives revenue goals priority over stakeholder harm.
• Identifier masking may reduce privacy exposure, but profiling can still create harmful targeting outcomes.

Question 17

Topic: Policies Standards Rules and Controls

A data governance council approved enterprise standards for customer status definitions and date formats. Six months later, three high-priority projects are still creating local variations because delivery teams say the standards are unclear for their domains. Business owners want comparable metrics for a regulatory report due next quarter, and the stewardship network is newly formed. What is the best governance decision?

Options:

• A. Let each project keep local definitions if they publish mappings afterward

• B. Ask the data architecture team to redesign the physical data models

• C. Suspend the standards until all projects agree on a single format

• D. Assign data stewards to review local variations, resolve definition gaps with owners, and require approved exceptions

Best answer: D

Explanation: Standards adoption requires more than publishing a document. When projects keep creating local definitions, governance should activate decision rights, stewardship review, and exception management. The council has already approved the standards, but the scenario shows ambiguity, a new stewardship capability, and a regulatory need for comparable metrics. The strongest response is to have stewards work with accountable data owners to clarify domain-specific gaps, update glossary or standard guidance where needed, and require approved exceptions for any justified deviation. This supports compliance and business value without turning enforcement into a purely technical task.

Allowing local variation with later mapping treats inconsistency as normal, while redesigning data models addresses implementation rather than governance adoption.

• Mapping later fails because it preserves inconsistent meanings during a time-sensitive regulatory reporting need.
• Physical redesign may help implementation, but it does not resolve ownership, definitions, or exception decisions.
• Suspending standards removes the governance baseline when the needed response is clarification and controlled enforcement.

Question 18

Topic: Roles Responsibilities and Decision Rights

A data governance office launched a stewardship community to improve adoption of glossary and quality-rule practices. Stewards completed onboarding, have 20% of their time allocated, and receive recognition in department goals. After three months, definition conflicts still remain unresolved because stewards can only recommend changes, while each department manager continues approving local meanings independently. What is the most likely root cause of the adoption problem?

Options:

• A. Insufficient steward capacity

• B. Lack of decision authority

• C. Inadequate stewardship training

• D. Weak incentive alignment

Best answer: B

Explanation: Stewardship adoption problems should be diagnosed by the barrier that prevents the desired behavior. Here, capacity, training, and incentives are already addressed: stewards have allocated time, have completed onboarding, and are recognized in department goals. The remaining blocker is that stewards can only recommend changes while local managers retain independent approval over conflicting definitions. In a DAMA-aligned governance model, stewards often facilitate, document, and recommend, but cross-functional decisions need clear decision rights, accountable data owners, and escalation to an appropriate governance forum when agreement cannot be reached. The key issue is not effort or awareness, but missing authority to settle shared business meaning.

• Capacity constraint does not fit because the scenario states stewards have 20% of their time allocated.
• Training gap does not fit because stewards completed onboarding and understand the process.
• Incentive gap does not fit because stewardship participation is recognized in department goals.

Question 19

Topic: Governance Metrics Maturity and Improvement

A company launched a data governance program with approved policies and named stewards, but business teams still bypass the stewardship workflow and resolve definition disputes in project meetings. A recent survey shows that teams see governance as extra work with unclear benefits. Which response best supports governance adoption?

Options:

• A. Require the governance council to approve every project definition

• B. Issue a stricter policy reminding teams that stewardship is mandatory

• C. Ask data custodians to enforce all glossary decisions in the catalog

• D. Embed stewardship steps in project workflows and publish feedback-based success stories

Best answer: D

Explanation: Governance adoption depends on behavior change, not only formal authority. When teams bypass stewardship because it feels like extra work, the better response is to make the expected behavior part of existing work patterns and show why it matters. Embedding stewardship checkpoints into project intake, requirements, or change workflows reduces friction. Using survey feedback and success stories helps communications address real concerns and demonstrates business value. Sponsorship and policy still matter, but they are not enough when users do not understand the benefit or find the process difficult to follow.

• Custodian enforcement confuses technical custody with business accountability for definitions and adoption.
• Council approval for every definition creates a bottleneck and discourages routine stewardship.
• Stricter policy reminders may clarify expectations but do not address workflow friction or perceived lack of value.

Question 20

Topic: Governance Operating Model and Organization

A bank has two business units using different definitions of “active customer” for enterprise risk reporting. Data stewards have documented the conflict and proposed impacts, but neither business unit has authority over the other. Which governance body is best suited to approve the enterprise definition and resolve the cross-domain decision?

Options:

• A. Data governance council

• B. Executive oversight group

• C. Technical metadata working group

• D. Data stewardship forum

Best answer: A

Explanation: Governance bodies exist to place the right decisions at the right level of authority. A cross-domain definition conflict that affects enterprise reporting requires a body with delegated decision rights across business areas. A data governance council commonly approves shared policies, definitions, priorities, and escalated issue resolutions. Stewardship forums prepare analysis and recommendations, working groups handle focused specialist tasks, and executive oversight groups provide sponsorship and strategic direction rather than adjudicating each business definition.

• Technical working group is too implementation-focused for approving an enterprise business definition.
• Stewardship forum can analyze impacts and recommend wording, but it usually lacks final cross-domain authority.
• Executive oversight sponsors and removes major barriers, but routine definition approval belongs closer to the governance council.

Question 21

Topic: Roles Responsibilities and Decision Rights

A sales reporting issue has appeared in the data quality log for three quarters. Each month, analysts meet with CRM and billing teams, agree on a temporary mapping, and IT updates the reporting job. The issue reopens when a new product bundle is launched because Sales and Finance still use different definitions of “active customer.” What best explains why the issue remains unresolved?

Options:

• A. The analysts need more frequent status meetings

• B. The IT custodian needs full authority over customer definitions

• C. No accountable data owner has resolved the business definition conflict

• D. The reporting job needs stricter automated validation rules

Best answer: C

Explanation: Repeated meetings and operational fixes often fail when the underlying issue is a governance decision, not a technical defect. Here, IT can adjust mappings and analysts can coordinate temporary workarounds, but Sales and Finance still disagree on the meaning of “active customer.” That requires explicit decision rights: an accountable business data owner, or escalation to a data governance council if the conflict crosses domains. Once the definition is approved, stewardship can update the glossary, standards, quality rules, and implementation requirements. Automation may help enforce the decision, but it cannot decide the business meaning.

• Automation-first thinking fails because validation rules can enforce an agreed definition but cannot settle disagreement between business functions.
• More meetings fails because the scenario already shows repeated coordination without a decision authority.
• Custodian authority fails because IT manages technical implementation and custody, not business ownership of customer meaning.

Question 22

Topic: Security Privacy Ethics and Compliance Alignment

A bank’s analytics team has approved access to customer transaction data for a retention model. Profiling results will be used to identify customers likely to leave, but consumer advocates warn that the same profile may target financially vulnerable customers with higher-fee products. Existing access approvals and privacy notices do not address this potential harm. What is the best governance action?

Options:

• A. Ask IT to further restrict database permissions

• B. Escalate for responsible-use review and mitigation controls

• C. Allow the work because access was approved

• D. Document the model in the technical catalog only

Best answer: B

Explanation: Ethical data governance includes responsible use of data, not only lawful access or technical security. Here, the analytics team has permission to use the data, but the proposed profiling may create unfair or harmful outcomes for a stakeholder group. The appropriate response is to bring the use case into a governance forum or responsible-use process that can evaluate intended use, affected stakeholders, acceptable purposes, mitigation controls, monitoring, and escalation. The outcome may include policy clarification, use restrictions, review conditions, or controls over how model outputs may influence offers. Technical permission changes or metadata documentation may support the decision, but they do not address whether the profiling use is acceptable.

• Access approval alone fails because permission to reach data does not decide whether a profiling use is fair or acceptable.
• Permission restriction is too narrow because the concern is harmful use of approved data, not unauthorized database access.
• Catalog documentation may improve transparency, but documentation alone does not assess or mitigate stakeholder harm.

Question 23

Topic: Roles Responsibilities and Decision Rights

A company has recurring customer-status discrepancies in sales dashboards and support reports. A few analysts have been volunteering to clean extracts before monthly reviews, and subject-matter experts answer questions when asked. The data governance council has approved business ownership for the customer domain, and an upcoming audit requires named accountability for definitions, quality rules, and issue escalation. What is the best governance decision?

Options:

• A. Assign a formal customer data steward under the domain owner

• B. Ask subject-matter experts to continue advising project teams

• C. Direct the database team to correct source records monthly

• D. Make the volunteer analysts permanent report cleaners

Best answer: A

Explanation: Formal data stewardship is an accountable governance role, not just helpful participation by knowledgeable people. In this scenario, the council has already approved business ownership, and the audit requires named accountability for definitions, quality rules, and escalation. The appropriate governance move is to establish a steward role connected to the customer domain owner, with responsibilities documented in the stewardship model or RACI. Subject-matter experts can still contribute knowledge, and analysts or custodians may perform technical work, but they should not become the default accountability mechanism for business meaning and issue decisions.

The key distinction is responsibility: consultation provides input, while stewardship owns ongoing coordination, standards, rule maintenance, and escalation paths.

• SME advice helps interpret business context, but it does not create durable accountability for definitions, rules, or escalation.
• Volunteer cleanup treats symptoms in reports and leaves ownership, quality rules, and root-cause governance unresolved.
• Database correction assigns technical custody work to IT but does not address business decision rights for customer data meaning.

Question 24

Topic: Governance Operating Model and Organization

A global manufacturer is redesigning its data governance operating model. Corporate finance needs enterprise-wide standards for customer identifiers, data classification, and metric naming. Regional sales domains have strong local expertise and valid market-specific rules that affect customer segmentation and reporting. Which approach best balances enterprise consistency with domain ownership?

Options:

• A. Let each reporting project define rules for its own deliverables

• B. Centralize all definitions and rule changes in the governance office

• C. Allow each region to set independent standards without escalation

• D. Use a federated model with enterprise standards and domain stewardship

Best answer: D

Explanation: A federated governance model fits when an organization needs common enterprise standards but also depends on domain expertise. The governance council or central governance function should define enterprise policies, shared standards, decision rights, and escalation paths. Domain owners and stewards then apply those standards within their business context, maintain local rules where justified, and raise cross-domain conflicts for resolution. This avoids both over-centralization, which can ignore legitimate business variation, and uncontrolled distribution, which can create inconsistent definitions and metrics.

• Full centralization can produce consistency, but it underuses regional expertise and may not handle valid local segmentation rules well.
• Independent regional standards preserve local control, but they weaken enterprise identifiers, classification, and comparable metrics.
• Project-level rule setting treats governance as delivery work, which causes repeated definition conflicts and poor reuse.

Question 25

Topic: Roles Responsibilities and Decision Rights

A data governance council is resolving a dispute over changing the enterprise definition of active customer. Sales wants to include trial users, while Finance says the definition feeds revenue reporting and master customer matching. Which decision-rights assignment best fits the change?

Options:

• A. Each department approves its own definition independently

• B. Project manager approves because the reporting release needs the change

• C. Business data owner approves; stewards assess impact; custodians implement

• D. Data custodian approves because the definition is stored in systems

Best answer: C

Explanation: Decision rights should match the nature and scope of the change. A definition used across revenue reporting and master customer matching is an enterprise business definition, not just a system configuration or project deliverable. The accountable business data owner, often working through the governance council when domains or functions conflict, should approve the definition. Data stewards should coordinate analysis, document the glossary change, assess impacts, and prepare recommendations. Data custodians then implement approved changes in systems and metadata repositories. The key distinction is accountability for business meaning versus technical custody.

• Technical custody fails because storing a definition in a system does not give IT authority to decide enterprise business meaning.
• Project delivery fails because a release deadline does not override governed decision rights for shared data definitions.
• Local definitions fail because independent departmental approval would preserve the conflict and weaken enterprise consistency.

Questions 26-50

Question 26

Topic: Governance Operating Model and Organization

A bank’s customer data program has reached an unresolved conflict. Retail Banking and Wealth Management use different definitions of “active customer,” and both metrics feed an executive risk dashboard due for regulatory review next month. The stewardship forum documented the definitions and business impacts, but neither domain has authority to impose a cross-domain standard. Which governance decision is BEST?

Options:

• A. Let Retail Banking keep its definition as the larger data producer

• B. Defer the decision until both domains voluntarily agree

• C. Ask the data catalog administrator to select the glossary definition

• D. Escalate the definition decision to the data governance council

Best answer: D

Explanation: Governance operating models assign decisions to the lowest forum with the right authority, but escalation is needed when an issue crosses domains, affects enterprise reporting, or carries regulatory risk. Here, the stewardship forum has done the right preparation by documenting definitions and impacts, but it lacks authority to set a cross-domain standard. The data governance council is the appropriate body to resolve the conflict, approve the enterprise definition or exception, and make the decision visible for accountability. Technical catalog maintenance can record the decision, but it should not create the decision. The key is matching decision rights to business scope and risk.

• Producer dominance fails because source size does not grant enterprise authority over a shared business definition.
• Catalog administration fails because maintaining metadata is custody work, not business decision-making.
• Voluntary agreement fails because regulatory timing and unresolved cross-domain impact require formal escalation.

Question 27

Topic: Business Glossary Metadata and Definition Governance

A bank’s catalog shows three different lineage paths for the same customer profitability metric. ETL developers maintain the mappings, business teams disagree on the definition, and auditors want evidence that lineage updates are reviewed when source systems or calculation rules change. Which governance response best establishes accountability for the metadata and lineage?

Options:

• A. Run a one-time documentation project to capture the current lineage and close the audit issue

• B. Make ETL developers the sole owners of lineage because they maintain the transformations

• C. Let the catalog administrator choose one lineage path and publish it as authoritative

• D. Assign business ownership and stewardship for definitions, lineage standards, quality expectations, and change review

Best answer: D

Explanation: Metadata and lineage governance defines who is accountable for meaning, standards, quality expectations, and lifecycle maintenance. In this scenario, the decisive need is not just technical mapping knowledge; it is governed accountability for business definitions and ongoing review when source systems or calculation rules change. Data owners provide authority for business meaning and approval. Data stewards coordinate glossary, metadata, lineage, and issue processes. Data custodians and ETL teams provide technical metadata and implement approved changes. The catalog administrator may manage the tool, but should not unilaterally decide business meaning or authoritative lineage.

• Technical custody is not enough because ETL teams can explain transformations but do not own business meaning or governance standards.
• Tool administration fails because publishing in the catalog does not create decision rights or resolve definition conflicts.
• One-time documentation fails because lineage accountability requires lifecycle review, not only a point-in-time audit response.

Question 28

Topic: Security Privacy Ethics and Compliance Alignment

A marketing analytics team has approved access to customer purchase, service, and demographic data. During profiling, the team creates a segment that strongly correlates with age and disability status and plans to use it to exclude customers from a premium support offer. Existing access controls and approvals were followed. What is the best governance action before the segment is used?

Options:

• A. Escalate for responsible-use impact review

• B. Let the marketing data owner approve deployment

• C. Ask the data custodian to encrypt the dataset

• D. Confirm the analysts completed access training

Best answer: A

Explanation: Ethical data governance covers more than whether users are authorized to see data. Approved access does not automatically make every analytic use acceptable. When profiling may create unfair treatment, exclusion, discrimination, or other stakeholder harm, the issue should go through a responsible-use or ethics-oriented governance process. That review should consider business purpose, affected stakeholders, fairness, transparency, proportionality, controls, and whether the use aligns with data policy and organizational values. The decision may involve the data owner, stewards, privacy, legal, risk, and a governance council, but it should not be treated as a routine access-control matter. The key distinction is between permission to access data and permission to use derived insights in a way that affects people.

• Access training addresses user awareness, not whether the profiling outcome creates unacceptable harm.
• Encryption protects confidentiality but does not address unfair segmentation or exclusion.
• Owner-only approval is too narrow when responsible use requires cross-functional governance and impact assessment.

Question 29

Topic: Roles Responsibilities and Decision Rights

A data governance council is finalizing a RACI for approving enterprise definitions of customer status values. Data stewards from Sales, Service, and Finance will analyze conflicts and recommend wording. Data architects will update metadata models after approval, and affected reporting teams will be informed of the decision.

Which assignment best reflects decision accountability?

Options:

• A. Name data architects as accountable for approval

• B. Name the data owner as accountable for approval

• C. Name reporting teams as accountable after notification

• D. Name all data stewards as jointly accountable

Best answer: B

Explanation: In a governance RACI, accountability is not the same as doing analysis, being consulted, implementing a change, or receiving notice. The accountable role has decision authority and is answerable for the outcome. Here, stewards participate by analyzing definition conflicts and recommending wording. Architects implement the approved decision in metadata structures. Reporting teams are informed so they can align reports. The data owner is the appropriate accountable role because the decision affects business meaning and cross-functional use of customer status values.

A good accountability design avoids assigning final approval to every participant, because shared participation can obscure who has the authority to decide and who must resolve escalation if consensus fails.

• Stewards as approvers confuses participation and recommendation with final decision accountability.
• Architect approval confuses technical implementation with authority over business meaning.
• Reporting notification means teams need awareness and adoption, not ownership of the approval decision.

Question 30

Topic: Policies Standards Rules and Controls

A data governance council is reviewing controls for publishing new analytical datasets. The proposed workflow will block a dataset from being released until the data owner confirms the data classification and the steward confirms that approved quality rules are attached. What type of control is this primarily?

Options:

• A. Corrective control

• B. Detective control

• C. Preventive control

• D. Directive control

Best answer: C

Explanation: A preventive control is designed to stop an unwanted condition before it occurs. In this scenario, the workflow blocks publication until classification and quality-rule governance steps are completed, so the risk is prevented at the release point. A detective control would identify a problem after release, such as a periodic audit finding missing classifications. A corrective control would repair or remediate an issue already found. A directive control would communicate required behavior, such as a policy or standard stating that all datasets must be classified. The key distinction is that this control enforces compliance before the dataset becomes available.

• Detective control fails because no post-release monitoring or exception detection is being described.
• Corrective control fails because the workflow is not remediating an already-published defective dataset.
• Directive control fails because the scenario describes an enforcing gate, not only a policy or instruction.

Question 31

Topic: Policies Standards Rules and Controls

A data governance council reviews an exception register for waivers to enterprise customer data standards. Policy requires every exception to include a business rationale, accountable owner, expiration or review date, and compensating control.

Which governance risk is most directly indicated by the register?

Options:

• A. Every waiver must be escalated immediately to executive management.

• B. Data custodians lose authority to implement technical controls.

• C. Waivers may become unmanaged policy bypasses without accountability or mitigation.

• D. The business glossary will contain duplicate customer definitions.

Best answer: C

Explanation: An exception register is a governance control for managing approved departures from policy or standards. Each exception should be justified, owned, time-bound, reviewed, and supported by an appropriate compensating control when risk remains. In the exhibit, missing expiration dates allow waivers to continue indefinitely, missing owners weaken accountability, missing rationales make approvals hard to defend, and missing compensating controls leave residual risk unmanaged. The main concern is not the existence of exceptions, but the lack of governance discipline around them.

• Executive escalation may be needed for high-risk or unresolved exceptions, but the register alone does not require immediate escalation of every waiver.
• Technical custody remains with custodians; poor exception documentation does not remove their implementation responsibilities.
• Glossary duplication is a possible metadata issue, but the visible problem is weak waiver governance, not conflicting definitions.

Question 32

Topic: Master Reference and Architecture Governance

A bank is creating an enterprise customer model to align CRM, loan servicing, and analytics. Business units disagree on the meaning of “active customer,” the privacy team requires lineage for regulated attributes, and the platform team wants to optimize tables for a new cloud warehouse. Which governance decision best addresses the situation?

Options:

• A. Require the data architects to implement one physical schema across all platforms

• B. Approve modeling standards and decision rights, then delegate physical optimization to technical teams

• C. Let the cloud warehouse team choose the model that gives the lowest query cost

• D. Ask each system owner to keep its current model and publish mappings later

Best answer: B

Explanation: Architecture and modeling governance sets decision rights, principles, standards, and accountability for shared data structures. In this case, governance must resolve cross-domain meaning, assign ownership for the enterprise customer concept, and require lineage for regulated attributes. Those decisions guide architecture and modeling work, but they are not the same as choosing indexes, partitions, storage formats, or cloud warehouse performance tactics. Technical teams should optimize the physical implementation within the approved governance constraints. The key distinction is that governance defines what must be consistent and accountable; implementation teams decide how to make it work efficiently on each platform.

• Cost-first design fails because query cost cannot override unresolved business definitions, lineage needs, and decision rights.
• Deferred mappings fail because keeping conflicting models preserves the ownership gap and delays governance of shared meaning.
• One physical schema fails because governance should not force identical platform implementation when logical consistency and standards are the real need.

Question 33

Topic: Governance Program Operations and Sustainability

A healthcare analytics team is building a readmission-risk data product that will feed operational dashboards. The project has a fixed release date, uses patient and claims data, and has unresolved conflicts over the definition of “avoidable readmission.” Data stewards exist in each domain, but governance has not been included in the delivery workflow. Which governance decision is BEST?

Options:

• A. Have IT custodians correct the source data before release

• B. Let the analytics team choose the definition for release

• C. Require the governance council to approve every dashboard change

• D. Add governance checkpoints to the delivery workflow

Best answer: D

Explanation: Governance should be built into normal delivery and operational processes, not added after release or handled only by a central forum. In this scenario, the best decision is to add governance checkpoints to the data product lifecycle: confirm the accountable data owner, involve domain stewards in resolving the definition conflict, apply classification and access requirements for patient data, document glossary and lineage metadata, and define quality controls that continue after release. This supports the fixed delivery date while managing business meaning, risk, and operational trust. A council may be needed for escalation if stewards cannot resolve the definition, but it should not approve every routine dashboard change.

• Project-only definition fails because a cross-domain business term needs governed ownership and steward participation.
• Council approval for every change creates an impractical bottleneck and does not embed governance into routine delivery.
• Custodian-led correction confuses technical custody with business accountability for definitions, policy, and quality rules.

Question 34

Topic: Data Governance Foundations and Principles

A bank has separate teams defining customer, account, and consent data for each project. Reports are inconsistent, privacy controls vary by channel, and reusable data products are not trusted outside their source systems. Which governance principle best addresses the underlying problem?

Options:

• A. Data access should be managed only by technical custodians

• B. Data is a shared enterprise asset with accountable decision rights

• C. Data definitions should be optimized within each project

• D. Data quality is primarily a source-system operations task

Best answer: B

Explanation: Data governance is based on the principle that data is a valuable shared asset, not merely a by-product of systems or projects. In the bank scenario, the failures span definitions, reuse, trust, and compliance, so the remedy is not only operational cleanup or tool administration. Governance should assign business accountability, clarify decision rights, and create shared policies, standards, and stewardship practices across domains and systems. That enables consistent meaning, reusable data, compliant handling, and decisions aligned to business objectives. Technical teams may implement controls and manage platforms, but governance defines who is accountable for decisions about data and how conflicts are resolved.

• Source-system focus is too narrow because local operations cannot resolve enterprise definition, reuse, and compliance conflicts.
• Project optimization reinforces the cause of inconsistent definitions and weak reuse across the bank.
• Technical custody only confuses platform administration with business accountability for data meaning, use, and policy decisions.

Question 35

Topic: Business Glossary Metadata and Definition Governance

A bank is preparing for a regulatory review of customer reporting lineage. The metadata catalog contains technical mappings maintained by IT, but business terms have conflicting definitions across Risk and Finance. No role is accountable for approving lineage changes after source-system releases, and recent data quality exceptions could not be traced to an approved business rule. Which governance decision is best?

Options:

• A. Assign business ownership for glossary terms and lineage approval

• B. Freeze source-system releases until the catalog is complete

• C. Ask IT custodians to certify all catalog mappings

• D. Let each project define lineage for its own reports

Best answer: A

Explanation: Metadata and lineage governance should define who owns business meaning, who approves changes, what standards apply, and how quality expectations are linked to data use. In this situation, IT custody of mappings is not enough because the unresolved issues involve business definitions, approved quality rules, and accountability for lineage after system changes. A governance decision should assign data owners and stewards for the glossary and lineage approval process, define standards for metadata updates, and connect quality exceptions to approved business rules. That creates lifecycle responsibility from definition through change and review. Technical catalog maintenance remains important, but it should operate under business-approved governance rules rather than become the source of business authority.

• IT certification alone addresses technical custody but does not resolve business definition conflicts or rule ownership.
• Release freeze may reduce immediate change risk but does not establish decision rights or sustainable lifecycle accountability.
• Project-defined lineage creates inconsistent metadata and weakens enterprise standards needed for regulatory evidence.

Question 36

Topic: Data Governance Foundations and Principles

A bank is resolving a dispute about the enterprise definition of “active customer.” The issue affects customer master data, marketing segmentation, regulatory reporting, access classification, and data quality rules. Each area has a steward, but none has authority to align the affected disciplines or prepare a decision for the governance council. Which role best fits the need?

Options:

• A. Data governance lead

• B. Data custodian

• C. Application owner

• D. Data quality analyst

Best answer: A

Explanation: Cross-domain data issues require governance coordination, not only technical execution or subject-area analysis. A data governance lead or similar governance program role facilitates the decision process across data domains, stewards, owners, and related disciplines such as quality, metadata, privacy, and architecture. The role does not unilaterally define the data; it ensures the right accountable parties are involved, conflicts are documented, impacts are understood, and decisions are escalated to the appropriate governance forum when needed. In this case, the active customer definition affects multiple DAMA knowledge areas, so a coordinating governance role is needed to align decision rights and prepare a council-level resolution.

• Technical custody fails because custodians manage platforms and controls but do not own enterprise semantic decisions.
• Quality analysis is too narrow because quality rules depend on the agreed business definition.
• Application ownership is too local because the definition affects enterprise use beyond one system.

Question 37

Topic: Roles Responsibilities and Decision Rights

A governance council is updating the RACI for approving the enterprise definition of “active customer.” The charter states that the customer data owner has decision rights for customer business definitions. Data stewards prepare impact analysis, data custodians implement approved metadata and reporting changes, and affected report users receive release notes. Which role should be accountable for the approval decision?

Options:

• A. Affected report users

• B. Data custodian

• C. Customer data steward

• D. Customer data owner

Best answer: D

Explanation: Decision accountability means owning the authority and answerability for a decision, not merely helping it happen. In a RACI-style design, the accountable role is the one with decision rights for the outcome. Here, the charter explicitly assigns customer business definition decisions to the customer data owner. Stewards may analyze impacts and coordinate input, custodians may implement the approved change in systems or metadata, and users may be informed so they can adjust reporting practices. Participation, consultation, implementation, and notification can all be important, but they do not transfer decision accountability.

• Steward analysis supports the decision with expertise and coordination, but it does not replace the owner’s approval authority.
• Custodian implementation executes approved changes in technical environments, but custody is not business decision ownership.
• User notification keeps stakeholders aware of the change, but being informed is not decision accountability.

Question 38

Topic: Data Governance Foundations and Principles

A customer analytics program has conflicting definitions of “active customer.” The database administrator controls the customer tables, and a senior analyst is often asked for advice because she understands campaign behavior. Finance and Marketing both use the metric for official reporting. Which governance boundary best prevents authority from being confused with informal consultation or technical ownership?

Options:

• A. Let each department keep its own definition without escalation

• B. Let the senior analyst decide because she is the most consulted subject-matter expert

• C. Let the database administrator decide because the tables are under IT control

• D. Name an accountable business data owner to decide the definition

Best answer: D

Explanation: Data governance separates decision authority from expertise and technical custody. A database administrator may control platforms and implement changes, but that is custody, not business ownership. A subject-matter expert or analyst may provide valuable consultation, but being frequently consulted does not create decision rights. For an official metric used across functions, an accountable business data owner, often working through stewardship and governance forums, should approve the definition and handle escalation when departments disagree. The key boundary is accountability for business meaning versus advice or technical control.

• Technical custody fails because controlling tables or systems does not grant authority over enterprise business definitions.
• Informal expertise fails because subject-matter knowledge supports the decision but does not replace assigned decision rights.
• Local definitions fail because unresolved cross-functional conflicts weaken consistency for official reporting.

Question 39

Topic: Roles Responsibilities and Decision Rights

A governance council is resolving a conflict over the enterprise definition of preferred contact method for customer data. Marketing uses the field in campaigns, the CRM analyst knows the current screen behavior, the integration team maintains the database and ETL jobs, and a customer-domain steward has documented proposed definitions and impacts. Who should be accountable for approving the final business definition and rule?

Options:

• A. The customer-domain data owner

• B. The integration team data custodian

• C. The customer-domain data steward

• D. The CRM subject-matter expert

Best answer: A

Explanation: When responsibilities overlap, DAMA-aligned governance separates accountability from support and execution. The data owner is the business role accountable for decisions about a data domain, including approving business definitions, rules, and acceptable use. A data steward typically coordinates analysis, documents definitions, manages issue workflows, and prepares recommendations. A custodian implements and operates technical controls or changes. A subject-matter expert provides detailed operational knowledge, but does not normally hold enterprise decision rights unless formally assigned ownership. The key distinction is who has authority to decide, not who knows the field best or who can implement the change.

• Steward as approver is tempting because the steward prepared the definition, but stewardship usually supports and coordinates the decision rather than owns it.
• Custodian as approver confuses technical custody with business accountability; the integration team can implement the approved rule.
• SME as approver relies on process knowledge, but expertise alone does not grant enterprise data decision rights.

Question 40

Topic: Governance Program Operations and Sustainability

A data governance council was created to set enterprise priorities, approve policies, and resolve cross-domain conflicts. After three months, most meetings are spent reviewing individual data defects, assigning cleanup tasks, and discussing catalog field updates. Strategic decisions on ownership and policy exceptions are repeatedly deferred. What is the best action to restore an effective operating rhythm?

Options:

• A. Move all issue decisions to IT operations

• B. Delegate operational triage to stewardship working groups

• C. Add more council meetings each month

• D. Pause policy work until defects are resolved

Best answer: B

Explanation: A governance council should focus on enterprise decision rights, priorities, policies, funding trade-offs, and escalated cross-domain issues. When it becomes a detailed operational work queue, the operating model needs clearer separation between strategic governance and stewardship execution. Routine defect triage, catalog maintenance, and cleanup coordination belong in stewardship working groups or issue-management processes. The council should receive summarized metrics, unresolved escalations, and decisions requiring authority across domains. Clear agendas, delegation rules, and escalation criteria preserve accountability without burying strategic decision-makers in task-level detail.

The key is not to remove governance oversight, but to route the right work to the right forum.

• More meetings may increase capacity, but it does not correct the mismatch between operational work and strategic authority.
• IT-only decisions confuse custody and execution with business accountability for data definitions, quality, and policy decisions.
• Pausing policy work lets urgent defects crowd out the governance responsibilities needed to prevent recurring issues.

Question 41

Topic: Roles Responsibilities and Decision Rights

Sales and Finance disagree about who may approve a change to the valid values for a shared Customer Status attribute used in reporting, billing, and customer service. The database team can make the technical update, but no current RACI names an approver for this shared data. Which role clarification best fits DAMA-aligned data governance?

Options:

• A. Have the governance council assign an accountable data owner for approval

• B. Let the database custodian approve because they control implementation

• C. Have data stewards approve all shared attribute changes

• D. Let each consuming team approve its own local values

Best answer: A

Explanation: Data governance separates decision authority from technical custody and stewardship support. A shared business attribute affects multiple processes, so approval should not default to the team that can update the database or to whichever consuming team is most affected. When the RACI does not name an approver, the governance council or equivalent forum should resolve the decision-rights gap by assigning or confirming an accountable data owner. Data stewards can document impacts, facilitate definition alignment, and prepare recommendations. Data custodians implement approved changes and maintain technical controls. The key governance action is to establish clear accountability before the change is approved.

• Technical custody is not approval authority; database control supports implementation, not business accountability.
• Local approvals would create inconsistent shared data and weaken enterprise alignment.
• Steward approval overstates the steward role; stewards usually coordinate, analyze, and recommend rather than own final decision rights.

Question 42

Topic: Data Quality Governance

A regulatory reporting data quality rule is generating frequent exceptions. The rule was created by the data engineering team, has no named business owner, and its threshold is disputed by Finance and Risk. The reporting deadline is approaching, and the current quality policy requires business approval for material reporting rules. What is the BEST governance decision?

Options:

• A. Route the rule to the stewardship forum for owner assignment, threshold approval, and escalation definition

• B. Let each reporting team set its own threshold until the deadline passes

• C. Disable the rule until Finance and Risk agree informally

• D. Assign temporary ownership to data engineering and keep enforcing the rule

Best answer: A

Explanation: A material data quality rule needs business accountability, approved relevance, an agreed threshold, and a path for unresolved exceptions. Because Finance and Risk dispute the threshold and no business owner exists, the governance response should not be technical tuning or local workaround. A stewardship forum or governance body should assign the appropriate data owner or steward, confirm the rule’s business purpose, approve the threshold, and define escalation for unresolved issues before relying on it for regulatory reporting. Technical teams may implement and monitor the rule, but they should not own the business decision about what the rule means or when exceptions are acceptable.

• Technical ownership fails because engineering can implement controls but should not approve business thresholds for material reporting.
• Local thresholds create inconsistent reporting and bypass the required business approval.
• Disabling the rule removes evidence of a known reporting risk instead of governing its ownership and escalation.

Question 43

Topic: Governance Issue Management and Resolution

A renewal-risk dashboard shows a 12% duplicate-customer rate. Triage finds three causes: service agents create new customer records during reactivation, Sales and Finance disagree on the definition of “active customer,” and the warehouse team needs approved rules before changing matching logic. The customer data policy says business data owners approve definitions and controls; data custodians implement approved technical changes. Revenue forecasting and audit reporting are affected. Which governance decision is BEST?

Options:

• A. Escalate the full issue to the governance council to design the matching logic.

• B. Split the problem into separate tickets and close the governance issue after the warehouse patch.

• C. Assign the warehouse team as issue owner because the duplicate rate appears in reporting.

• D. Assign the customer data owner as accountable issue owner and coordinate stewards, the process owner, and custodians.

Best answer: D

Explanation: A cross-domain data issue needs one accountable business owner plus coordinated remediation across roles. Here, the customer data owner has decision rights for definitions and controls, so that role should own the issue outcome. Data stewards can work through the Sales-Finance definition conflict, the source process owner can correct reactivation behavior, and data custodians can implement approved warehouse matching logic. If the definition dispute cannot be resolved by the accountable owner and stewards, it can be escalated to the governance council, but the council should not replace normal ownership or technical execution.

• Reporting symptom fails because the warehouse team is a custodian of the report logic, not the accountable owner of business definitions or source behavior.
• Separate tickets fails because isolated fixes can leave the definition dispute and source-process cause unresolved.
• Council execution fails because the council provides authority and escalation, not detailed technical design or operational ownership.

Question 44

Topic: Governance Strategy Business Case and Value

A data governance council reviews a 12-month roadmap for a customer data program. The roadmap lists activities such as appointing stewards, implementing a glossary, profiling customer records, and drafting data standards. However, the executive sponsor says funding depends on showing how these activities support the stated business goal: reducing duplicate customer contacts and improving campaign conversion. The council also notes unclear ownership between Marketing and Sales and no agreed success measures. What is the BEST governance decision?

Options:

• A. Delay the roadmap until all customer data is profiled

• B. Map each roadmap activity to business outcomes, owners, and measures

• C. Prioritize the glossary because terminology must come first

• D. Assign IT custody for customer data quality remediation

Best answer: B

Explanation: A governance roadmap should show a clear line of sight from business objectives to governance activity. In this case, the missing link is not another technical task; it is the connection between the campaign goal, cross-domain ownership, planned governance work, and measurable value. The council should clarify who has decision rights for customer definitions and quality rules, assign business accountability across Marketing and Sales, and define success measures such as duplicate-contact reduction or conversion improvement. That makes the roadmap fundable and manageable because activities can be prioritized by business value and risk reduction. A glossary or profiling may still be useful, but only as part of an outcome-driven roadmap.

• Glossary first is too narrow because terminology work must be tied to ownership and measurable campaign outcomes.
• IT custody confuses technical support with business accountability for customer data decisions and quality rules.
• Profiling delay adds analysis but does not resolve the missing business-value linkage or ownership gap.

Question 45

Topic: Policies Standards Rules and Controls

An enterprise standard requires master customer records to use enterprise segment codes before they appear in sales dashboards. A regional CRM migration will take 5 months. The region requests an exception to keep using local segment codes during the migration. The customer data owner accepts the risk, a steward proposes weekly mapping reconciliation, and the migration plan has a target completion date. The standard allows exceptions only with a named risk owner, compensating control, remediation date, and review. What is the most appropriate governance response?

Options:

• A. Approve a time-bound waiver with reconciliation and scheduled review

• B. Approve a permanent waiver for the regional CRM

• C. Reject the request because standards require uniform coding

• D. Delegate the decision to the CRM technical custodian

Best answer: A

Explanation: A waiver is appropriate when an exception is justified, risks are accepted by the right business owner, compensating controls reduce exposure, and there is a clear path back to compliance. Here, the migration is temporary, the data owner accepts the risk, reconciliation limits reporting inconsistency, and the remediation date supports review. That makes a time-bound waiver stronger than either blanket approval or rigid rejection. Governance should maintain the authority of the standard while allowing a controlled exception that is visible, monitored, and revisited before it expires.

• Permanent approval weakens the enterprise standard because the facts support only a temporary exception during migration.
• Rigid rejection ignores the documented owner, control, remediation date, and review conditions allowed by the standard.
• Technical delegation confuses custody with governance decision rights; the custodian may implement controls but should not approve the waiver.

Question 46

Topic: Governance Program Operations and Sustainability

A project is integrating supplier master data from procurement and finance into a shared reporting layer. Profiling shows conflicting legal supplier names for the same tax ID, and the current standard does not state which system is authoritative. The conflict affects payment controls and tax reporting. What governance response best fits the situation?

Options:

• A. Ask stewards to clean the duplicates only

• B. Escalate for owner decision and standards update

• C. Have IT merge records using match scores

• D. Let the project manager choose the source

Best answer: B

Explanation: When a project exposes a conflict about authoritative data, data governance should not treat it as a simple technical merge. The issue affects business controls and tax reporting, and the standard is incomplete. Data stewards should document the issue, prepare impact and lineage facts, and route it to the accountable data owners or governance council for a decision. After the decision, the standard and related glossary or metadata entries should be updated so future projects and operations apply the same rule. Technical remediation can follow, but it should implement the governed decision rather than create it.

• Project choice fails because source authority is a business accountability decision, not a delivery preference.
• IT merge logic fails because match scores do not resolve which source is authoritative for legal supplier name.
• Duplicate cleanup only fails because temporary correction leaves the ownership and standards gap unresolved.

Question 47

Topic: Governance Strategy Business Case and Value

A bank’s commercial lending division has delayed loan approvals because customer exposure amounts are defined differently in credit, treasury, and risk reports. The data governance lead is preparing a business case for glossary governance and stewardship workflows. Which value statement best supports the investment?

Options:

• A. Create more glossary entries for lending data

• B. Assign stewards to every lending data domain

• C. Reduce approval delays by standardizing exposure definitions

• D. Deploy a metadata tool for report inventory

Best answer: C

Explanation: A strong governance value proposition connects governance activities to business outcomes, risk reduction, cost avoidance, revenue protection, compliance, or better decisions. In this scenario, the pain point is delayed loan approval caused by inconsistent business definitions. Standardizing exposure definitions through glossary governance and stewardship directly addresses the cause of the delay and improves decision quality in lending. Counts of glossary entries, steward assignments, and tool deployment may be useful activity or capability measures, but they do not by themselves prove business value. The business case should show how governance changes business behavior or reduces a named risk or cost.

• Glossary volume measures activity, not whether lending decisions improve or delays decrease.
• Steward coverage can support accountability, but assigning roles alone does not express the business outcome.
• Tool deployment may enable metadata management, but the tool is not the value unless it addresses the lending pain point.

Question 48

Topic: Policies Standards Rules and Controls

A marketing analytics team requests a waiver from the enterprise standard that requires personal data to be masked before use in nonproduction analytics environments. The request is for 60 days because the masking service will not be ready before a campaign test. The data is classified as confidential personal data, and the waiver policy requires business-owner approval, privacy review, compensating controls, an expiry date, and governance council review for elevated privacy risk. What is the best governance response?

Options:

• A. Approve the waiver because it is short term

• B. Time-bound the waiver with required reviews and compensating controls

• C. Let the data custodian decide based on technical feasibility

• D. Reject the waiver because standards cannot have exceptions

Best answer: B

Explanation: Exception and waiver management should balance business need, policy intent, risk, and accountability. A waiver is not simply permission to ignore a standard; it should be formally assessed, approved by the right accountable roles, limited in duration, and supported by compensating controls. Because confidential personal data is involved, the stated policy requires privacy review and governance council involvement for elevated risk. The response should also document the expiry date and remediation plan so the waiver does not become an unmanaged permanent exception. Technical teams may support controls, but they do not own the risk decision.

• Short-term approval fails because duration alone does not satisfy privacy review, ownership, controls, and escalation requirements.
• Automatic rejection fails because the policy allows waivers when governed through the defined process.
• Custodian decision fails because technical custody is not the same as business risk acceptance or governance approval.

Question 49

Topic: Master Reference and Architecture Governance

Two delivery teams are designing new applications that both use the shared business concept customer. One model treats a customer as a legal entity with one identifier; the other treats a customer as a billing account that may belong to a legal entity. The differences will affect reporting, integration, and master data. What is the best governance response?

Options:

• A. Allow both projects to keep separate structures and reconcile later

• B. Add both meanings to the glossary without changing the models

• C. Resolve the shared definition and model through governance architecture review

• D. Have database administrators select the most efficient physical schema

Best answer: C

Explanation: In DAMA-aligned governance, incompatible structures for the same shared business concept are not only technical design differences. They are enterprise definition, ownership, and architecture alignment issues. The appropriate response is to use the governance process, involving the data owner, stewards, data architecture, and the governance forum if needed, to agree on the business meaning, permitted subtypes or relationships, authoritative identifiers, and modeling standard. Projects should then align their application models or request a documented exception. The key is that governance establishes decision rights and standards for shared data; implementation teams apply those decisions in their designs.

• Deferred reconciliation leaves the semantic conflict unresolved and usually increases integration, reporting, and master-data costs.
• Physical schema choice addresses storage implementation, not ownership of the shared business meaning or logical structure.
• Glossary-only update may document ambiguity, but it does not govern the model changes needed for consistent use.

Question 50

Topic: Governance Issue Management and Resolution

A customer-status defect is causing rejected orders, incorrect invoices, and inconsistent regulatory reports. The customer data is shared across Sales, Finance, and Compliance. Each department says it consumes the data but does not own the definition or quality rule. Stewards can document the issue, but they lack authority to assign accountability. The data governance policy requires unresolved cross-domain ownership disputes to be escalated. What is the BEST first governance decision?

Options:

• A. Have each department cleanse its own downstream records

• B. Delay action until the business glossary is completed

• C. Escalate to the data governance council to assign accountable ownership

• D. Ask the data custodian to correct the source-system mapping

Best answer: C

Explanation: When a data issue affects multiple business processes and no business area accepts accountability, the first governance move is to resolve the ownership and decision-rights gap. DAMA-aligned governance separates authority from execution: custodians may implement fixes, and stewards may document issues, but accountable ownership for shared data definitions and quality rules must be assigned through the governance operating model. The stated policy also directs unresolved cross-domain disputes to escalation. Once the council assigns ownership and decision rights, stewards and custodians can triage root cause, agree on the rule, prioritize remediation, and monitor outcomes. Jumping directly to cleanup risks repeated local fixes without accountable control.

• Technical fix first fails because the custodian lacks authority to decide the shared business definition or quality rule.
• Local cleansing fails because it fragments remediation across processes and leaves the ownership gap unresolved.
• Glossary delay fails because metadata improvement may help later, but it does not address urgent accountability and escalation needs.

Questions 51-75

Question 51

Topic: Roles Responsibilities and Decision Rights

A billing team wants to change the allowed values for a shared Customer Status field used by Sales, Billing, and Support. Sales says its product owner can approve the change because Sales captures the field. The governance charter names Customer as an enterprise master data domain with a business data owner. Which role clarification best resolves the disagreement?

Options:

• A. The database administrator approves the change.

• B. The data steward approves and implements the change.

• C. The Customer data owner approves the change.

• D. The Sales product owner approves the change.

Best answer: C

Explanation: For shared enterprise data, approval authority should follow assigned decision rights, not the system or team that first captures the data. A business data owner is accountable for decisions about the data domain, including changes that affect meaning, permitted values, and cross-functional use. Data stewards typically coordinate analysis, document definitions, assess impacts, and prepare recommendations. Data custodians or database administrators implement approved changes in systems. When a field is part of an enterprise master data domain, local project or product ownership does not override the domain-level governance authority.

• Sales capture role fails because creating or collecting a field does not grant enterprise approval authority.
• Steward approval confuses facilitation and documentation responsibilities with formal decision rights.
• Database administration confuses technical custody and implementation with business accountability for shared data meaning.

Question 52

Topic: Data Governance Foundations and Principles

A bank is building an enterprise customer dashboard. Sales defines an active customer as anyone with activity in the last 24 months, while Finance uses 12 months for revenue reporting. Both areas have named data owners, the BI team only operates the reporting platform, and a regulatory reporting deadline requires an approved definition that both domains will use. What is the best governance decision?

Options:

• A. Control: ask BI to enforce the Finance definition in the dashboard

• B. Authority: allow Sales to define the term because it owns the relationship

• C. Decision coordination: escalate the definition conflict to the governance council

• D. Accountability: assign the BI manager as customer data owner

Best answer: C

Explanation: The central issue is decision coordination across domains. Sales and Finance both have legitimate business ownership interests, and the BI team is a custodian, not the authority for business meaning. A governance council or equivalent forum should resolve the conflict, document the approved definition, and ensure it is applied consistently for the regulatory deadline. This is not mainly a technical control problem, because enforcing one definition before business approval would bypass governance. It is also not an accountability gap, because named owners already exist. The key is using shared governance to coordinate a decision that affects multiple domains and reporting obligations.

• Technical enforcement fails because BI can implement a definition but should not choose the enterprise business meaning.
• Custodian ownership fails because operating the reporting platform does not make BI accountable for customer semantics.
• Single-domain authority fails because Sales has an interest, but the definition affects Finance and regulated reporting.

Question 53

Topic: Data Quality Governance

A monthly governance scorecard flags a critical data element used in regulatory liquidity reporting.

Commercial Banking and Treasury both claim decision rights for the definition. The reporting deadline is 6 weeks away, and the stewardship standard sends unresolved cross-domain definition disputes to the data governance council. What is the best governance decision?

Options:

• A. Accept the current score because most records pass the rule

• B. Escalate to the governance council for definition ownership and remediation direction

• C. Have IT standardize the field mapping without council review

• D. Monitor the trend for another reporting cycle

Best answer: B

Explanation: A scorecard should drive governance action based on severity, business impact, trend, and decision rights. Here the quality result is below the target for a critical data element, the trend is worsening, and the defect has already affected a regulatory report. Because the root cause is a conflicting business definition across domains, the issue is not only a technical data-quality defect. The governance council is the right escalation body because the stewardship standard assigns it unresolved cross-domain definition disputes. The expected outcome is a governed decision on definition ownership and a directed remediation plan before the reporting deadline. Technical correction can follow, but only after the business definition and accountability are settled.

• Accepting the score ignores the target breach, worsening trend, and regulatory reporting impact.
• Monitoring only is too passive because the issue has a known impact and a near-term deadline.
• IT-only mapping treats the symptom as technical custody while bypassing business decision rights.

Question 54

Topic: Governance Program Operations and Sustainability

A data governance program completed its first 90-day launch. Customer data defects were cleaned for a regulatory report, but the same issues are reappearing in new records. Business units disagree on customer ownership, data stewards have no regular work queue, and executives want evidence that governance is reducing risk beyond the launch project. Which governance decision is BEST?

Options:

• A. Hold a relaunch workshop to reinforce governance awareness

• B. Create an ongoing stewardship operating cycle with escalation and outcome measures

• C. Let the reporting project define customer ownership for its delivery scope

• D. Extend the cleanup team until all known defects are corrected

Best answer: B

Explanation: Sustainable governance operations turn launch activity into repeatable decision-making, issue management, and accountability. The scenario shows recurring defects, unclear business ownership, immature stewardship workflow, and a need to prove risk reduction. A continuing operating cycle can assign stewardship work, route unresolved ownership conflicts to the appropriate governance forum, track root causes, and report outcomes such as defect recurrence, policy exceptions, and regulatory risk reduction. Temporary remediation can fix existing records, but it does not establish the decision rights or controls needed to prevent recurrence. Awareness activities may help adoption, but they are not a substitute for operational governance practices.

• More cleanup treats symptoms but leaves ownership, escalation, and prevention unresolved.
• Project-level ownership narrows a cross-domain governance decision to a delivery team that lacks enterprise decision rights.
• Relaunch awareness may improve communication, but it does not create a steward work queue or outcome measurement.

Question 55

Topic: Governance Issue Management and Resolution

A finance director reports that monthly revenue differs between the enterprise dashboard and the regulatory filing extract. The BI team can patch the dashboard within one day, but the conflict appears in three downstream reports and no steward is assigned for the shared revenue definition. The filing deadline is in two weeks, and audit has asked for evidence of ownership and resolution. What is the best governance decision?

Options:

• A. Manually correct the dashboard for this month

• B. Log a BI defect for the project backlog

• C. Open a governed data issue and assign accountable ownership

• D. Submit a help-desk ticket to refresh the dashboard

Best answer: C

Explanation: Data issue management is used when a data problem affects business meaning, accountability, risk, or multiple consumers. Here, the revenue discrepancy spans several reports, lacks an assigned steward for the shared definition, and has audit implications. A governed data issue should be formally captured, triaged for severity and scope, assigned to an accountable data owner or steward, and tracked through root-cause analysis, remediation, approval, and closure evidence. A technical ticket or report correction may be part of execution, but it does not establish decision rights or resolve the ownership gap. The key governance move is to manage the issue as a business data problem with accountable resolution.

• Dashboard refresh treats the symptom as an operational support request and does not address shared definition ownership or audit evidence.
• BI defect logging may help delivery teams schedule work, but it does not provide governance triage or business accountability.
• Manual correction may meet a short-term reporting need, but it leaves the cross-report conflict and root cause unresolved.

Question 56

Topic: Governance Metrics Maturity and Improvement

A data governance lead reviews the latest maturity assessment for a business unit. Which capability should be strengthened next?

Options:

• A. Expanded glossary term collection

• B. Formal issue escalation and decision-rights process

• C. A new enterprise data policy

• D. Additional data profiling automation

Best answer: B

Explanation: A maturity profile should guide the next capability investment toward the limiting weakness, not simply add more artifacts. Here, the organization has named roles, an approved policy, and substantial glossary coverage. The weak signal is that many quality issues remain open for more than 90 days while cross-domain disputes are left to project teams. That indicates the governance operating model is not yet converting findings into accountable decisions and remediation. Strengthening formal issue escalation, decision rights, and council involvement would help resolve disputes that exceed project authority. More glossary work or profiling may reveal additional problems, but they do not address the decision bottleneck.

• Glossary expansion may improve shared meaning, but the maturity gap is unresolved issue decision-making, not term inventory.
• Profiling automation can detect defects, but detection is already producing issues that are not being resolved.
• New policy writing duplicates an existing approved policy and does not create an escalation path for disputes.

Question 57

Topic: Governance Program Operations and Sustainability

A data governance office reviews quarterly trends after launching approved data standards and a stewardship workflow.

Which next action best addresses the most evident governance program weakness?

Options:

• A. Add more controls for issue owner assignment

• B. Expand steward capacity by assigning more analysts

• C. Strengthen authority by creating another approval forum

• D. Improve adoption through project intake and communication

Best answer: D

Explanation: Sustaining a governance program requires interpreting whether trends show weak adoption, authority, capacity, controls, or value measurement. Here, standards are being approved, stewardship capacity is stable, and issue ownership is consistently high. The lagging indicator is that only about one quarter of projects are using the approved standards. That points to an adoption problem: governance decisions are not yet embedded into delivery routines, project intake, training, communications, and compliance checkpoints.

Value measurement is also modest, but the clearest operational weakness is that approved standards are not being used widely enough to create value. More forums, more staff, or more issue-assignment controls would not address that primary gap.

• More analysts is tempting because capacity matters, but available steward hours are stable and not the visible constraint.
• Another forum addresses authority, but standards are already being formally approved.
• More issue controls targets control effectiveness, but owner assignment is already above 90% and improving.

Question 58

Topic: Data Quality Governance

A data governance council reviews the monthly quality scorecard for the Customer Legal Name data element.

Which governance focus best addresses the scorecard finding?

Options:

• A. Assign more stewards to correct records

• B. Remediate the web signup source process

• C. Add a new scorecard monitoring control

• D. Redefine the legal-name standard

Best answer: B

Explanation: A quality scorecard should drive governance attention to the cause of the quality gap, not just the visible symptom. Here, the definition is already approved, the target is clear, and other sources meet the standard. The poor score is concentrated in web signup, and the root-cause note identifies a capture process that permits nicknames and lacks evidence. Governance should therefore direct ownership and remediation toward the source process, such as changing entry rules, validation, evidence requirements, and accountability for preventing defects at creation.

Adding stewardship capacity would treat the backlog after defects occur. Adding another control would measure the issue, but the scorecard already provides enough evidence to act.

• Definition change fails because the standard is approved and other sources can meet it.
• More stewardship fails because manual correction is already high and does not prevent new defects.
• More monitoring fails because the existing scorecard identifies a clear process root cause.

Question 59

Topic: Governance Issue Management and Resolution

A data steward is asked to intake a data issue before it is triaged by the stewardship group. Sales says the customer churn dashboard shows 8%, while Finance says the approved month-end figure is 5%. The issue may affect executive reporting and bonus calculations. What information should the steward capture first to support effective triage?

Options:

• A. Preferred metric definition, target dashboard layout, and delivery deadline

• B. All open reporting defects, tool licenses, and backlog ranking

• C. Dashboard screenshots, SQL query text, developer name, and refresh schedule

• D. Business impact, affected data, owner, severity, suspected cause, and decision needed

Best answer: D

Explanation: Effective data issue intake should capture enough information to triage the issue, not jump straight to technical repair or solution design. For a governance issue, the steward needs to document the business impact, the affected data or reports, the accountable owner or decision authority, severity or priority, any known or suspected cause, and the decision needed. In this scenario, the conflict affects executive reporting and compensation, so impact and severity are essential. The conflicting churn definitions also require clear ownership and a governance decision about the approved metric. Technical artifacts can support later investigation, but they do not replace the core triage record.

• Technical evidence only misses business impact, severity, ownership, and the governance decision needed.
• Solution design details assume the preferred outcome before the issue has been triaged and assigned.
• Portfolio backlog data is too broad and does not capture the specific issue context needed for ownership and prioritization.

Question 60

Topic: Governance Strategy Business Case and Value

A data governance council has capacity to sponsor one new initiative next quarter. The council wants the initiative most likely to reduce material data risk or improve trust in business decisions.

Which initiative should the council sponsor first?

Options:

• A. Document all analytics tables in the catalog

• B. Govern the loan delinquency rate definition and controls

• C. Cleanse the legacy marketing product codes

• D. Standardize warehouse column abbreviations

Best answer: B

Explanation: Governance prioritization should focus on material risk, decision trust, business accountability, and cross-functional impact. The loan delinquency rate affects board risk reporting, has inconsistent definitions across business areas, and lacks a named owner. A governance response should establish decision rights, approve a shared business definition, assign stewardship, and define controls or escalation for future disputes. That directly improves trust in a high-value decision process.

Broad metadata work, local cleanup, and technical naming improvements can be useful, but they are weaker priorities when no material decision, control, or risk exposure is shown.

• Local cleanup has a visible defect, but the impact is limited to a retired campaign rather than a material business decision.
• Broad cataloging may improve discoverability, but the evidence does not tie it to a specific risk or decision-trust problem.
• Technical naming helps maintainability, but the scenario says reporting outcomes are not affected.

Question 61

Topic: Governance Program Operations and Sustainability

A data governance council resolves a conflict between Sales and Finance over the approved definition of “active customer.” The decision will affect enterprise reports, glossary entries, data quality rules, and future exception requests. The governance lead needs an artifact that can be referenced later to show what was decided, why, who is accountable, and when it takes effect. Which artifact best fits this need?

Options:

• A. Weekly project status notes

• B. Detailed meeting minutes

• C. A governance decision record

• D. An informal stakeholder update

Best answer: C

Explanation: A governance decision record is used when a governance body makes an authoritative decision that must be durable, traceable, and reusable. In this case, the council has resolved a cross-functional definition conflict with enterprise impact. The record should preserve the decision, rationale, decision authority, affected scope, accountable roles, effective date, and any required follow-up actions. Meeting minutes may document discussion, but they are not the best artifact for maintaining an approved governance position. Status notes track delivery progress, and stakeholder updates communicate awareness rather than preserve decision authority.

• Meeting minutes may include discussion and attendees, but they often mix background conversation with decisions and are less suitable as the authoritative reference.
• Project status notes focus on progress, risks, and tasks, not enterprise decision rights or approved data definitions.
• Informal updates help communicate outcomes, but they do not provide reliable traceability, accountability, or audit support.

Question 62

Topic: Master Reference and Architecture Governance

A company expanded self-service BI so business teams can build dashboards without waiting for the central analytics team. Cycle time improved, but executives now see different definitions of “active customer” and “net revenue” across dashboards. Which action best preserves self-service speed while restoring trusted enterprise measures?

Options:

• A. Establish governed metric definitions with business owners and stewards

• B. Ask each department to document its local metric formulas

• C. Restrict BI tool access to certified report developers

• D. Require the central analytics team to rebuild all dashboards

Best answer: A

Explanation: Self-service analytics needs governance guardrails, not necessarily centralization. When teams can publish dashboards quickly but enterprise measures diverge, the governance response is to define and approve common business terms, assign accountable owners, involve stewards, and publish certified metric definitions through a glossary, semantic layer, or BI standard. This keeps local analysis flexible while making enterprise measures consistent for executive decisions.

Moving all work back to a central team may improve control but undermines the stated speed benefit. Local documentation alone improves visibility but does not resolve conflicting definitions. Access restriction treats the symptom as a tool-permission issue rather than a decision-rights and definition-governance issue.

• Central rebuild over-corrects by reducing self-service rather than governing shared measures.
• Local formulas may document variation, but it does not create enterprise agreement or ownership.
• Tool restriction confuses BI access control with governance of metric definitions and decision rights.

Question 63

Topic: Business Glossary Metadata and Definition Governance

A bank discovers that Active Customer is defined differently in Sales dashboards, Finance regulatory reports, and the CRM system. No single business owner is named in the glossary, but the term affects board-level revenue metrics and an upcoming audit. Data stewards exist in each business unit, but they have not previously approved shared definitions. What is the best governance decision?

Options:

• A. Ask data quality analysts to cleanse customer records before changing the glossary.

• B. Allow each business unit to keep its own definition in separate glossary entries.

• C. Have the data governance council assign ownership and approve one governed definition with documented context-specific exceptions.

• D. Let the CRM team define the term because the CRM is the source system.

Best answer: C

Explanation: Definition governance resolves inconsistent business term usage by clarifying authority, accountability, approval, and permitted variation. Because Active Customer affects board metrics and audit reporting, the decision cannot be left to a source-system team or informal local practice. A data governance council should confirm the accountable business owner, involve the relevant stewards, approve the enterprise definition, and document any legitimate context-specific exceptions. The glossary should then link the approved meaning to reports, systems, lineage, and controls so users understand when each approved interpretation applies.

The key takeaway is that a governed business definition is a business decision supported by metadata, not a technical naming preference or a one-time data cleanup task.

• Source-system authority fails because technical custody of CRM data does not create enterprise decision rights for a business term.
• Separate local definitions may preserve current practice but does not resolve board-level metric inconsistency or audit risk.
• Data cleansing first treats symptoms in records while leaving the disputed meaning and approval gap unresolved.

Question 64

Topic: Security Privacy Ethics and Compliance Alignment

A marketing analytics team wants to combine loyalty-card purchases with mobile app location data to identify customers likely to visit a competitor. The data is classified as permitted for internal analytics, but the original privacy notice described use for loyalty offers and store operations. The team asks data governance to approve the model because no regulated data elements are being added. What is the most appropriate governance response?

Options:

• A. Approve the model because the data is already permitted for analytics

• B. Ask IT security to mask customer identifiers and proceed

• C. Delegate the decision to the marketing project sponsor

• D. Require responsible-use review and stakeholder communication before approval

Best answer: D

Explanation: Ethical data governance considers more than whether data is technically available or legally classified for internal use. A new combination of purchase and location data can create a materially different use, especially when it may affect customer expectations, perceived surveillance, fairness, or trust. The appropriate response is to route the initiative through responsible-use review, confirm whether the stated purpose is compatible with prior notices and policies, and communicate with affected stakeholders before approval. Technical controls such as masking may reduce some risk, but they do not resolve purpose limitation or stakeholder transparency concerns.

• Analytics permission is too broad because permitted internal analytics does not automatically authorize a new, sensitive purpose.
• Masking identifiers may reduce exposure but does not address whether the use is appropriate or expected.
• Sponsor decision is insufficient because ethical use and purpose limitation require governance accountability, not only project approval.

Question 65

Topic: Governance Strategy Business Case and Value

A regional bank is launching a data governance program after repeated disputes over the definition of “active customer” in regulatory reports and sales dashboards. The COO has agreed to sponsor the effort, but the CRM team currently makes definition changes alone. Compliance has warned that reporting controls must be demonstrable, and branch managers say the current definition does not reflect how they use customer data. Which governance decision is best?

Options:

• A. Assign the CRM system administrator as the final definition approver

• B. Let compliance define the term and publish it to all teams

• C. Ask branch managers to vote on the preferred definition

• D. Form a cross-functional governance group with sponsor, owners, stewards, custodians, risk, and consumers

Best answer: D

Explanation: Effective data governance depends on engaging the right stakeholders for the decision being governed. In this case, the definition affects regulatory reporting, sales use, CRM implementation, and business accountability. The executive sponsor can remove barriers and reinforce priority, but definition ownership should sit with accountable business data owners. Stewards help coordinate definitions, metadata, and issue resolution. Custodians advise on system impacts and implement approved changes. Risk and compliance functions confirm control and regulatory needs. Data consumers, such as branch managers and reporting users, provide usage requirements and adoption feedback. A cross-functional governance structure is stronger than allowing any single operational or control function to decide alone.

• Technical approval alone fails because custodians implement and advise but should not own business meaning or regulatory decision rights.
• Compliance-only definition fails because risk input is necessary but does not replace business ownership and consumer engagement.
• Consumer voting fails because user input matters, but governance decisions require accountable ownership, controls, and escalation.

Question 66

Topic: Governance Issue Management and Resolution

A bank has recurring duplicate customer records that cause billing errors and inconsistent regulatory reports. Data engineering can run a matching script within two days, but Sales and Finance disagree on the definition of an “active customer,” no accountable customer data owner is named, and the data quality policy requires business approval for customer-impacting rules. What is the best governance decision?

Options:

• A. Purchase a master data tool to prevent future duplicates

• B. Run the matching script immediately to stop billing errors

• C. Let the reporting team choose the active-customer definition

• D. Escalate ownership and rule approval before technical remediation

Best answer: D

Explanation: Root-cause remediation in data governance addresses the decision and accountability gap behind the defect, not only the visible data error. Here, engineering can clean duplicate records, but the unresolved business definition, missing customer data owner, and policy requirement for business approval make a technical cleanup insufficient. The governance path should escalate the issue through the agreed forum, name an accountable owner or stewardship group, approve the active-customer rule, and then direct technical remediation with controls and monitoring. This protects business value and regulatory reporting because the fix is tied to governed rules rather than a one-time correction.

• Immediate cleanup reduces short-term pain but can apply the wrong matching or status rules without approved business accountability.
• Reporting-led definition shifts a cross-domain business decision to one consuming team and bypasses the ownership gap.
• Tool purchase may help later, but technology cannot resolve conflicting business rules or decision rights by itself.

Question 67

Topic: Business Glossary Metadata and Definition Governance

A bank’s Customer Profitability metric is a critical data element used in board reporting and a regulatory capital model. An audit found that the glossary definition is approved, but lineage from CRM, billing, and warehouse transformations is incomplete. The governance policy gives the Finance data owner decision rights for the metric, while IT custodians operate the pipelines. Which governance decision best addresses the situation?

Options:

• A. Have the Finance data owner approve lineage, with stewards maintaining it using custodian evidence

• B. Ask the governance council to maintain lineage for all transformations

• C. Use the existing glossary approval as sufficient lineage evidence

• D. Let IT custodians approve lineage because they control the pipelines

Best answer: A

Explanation: Lineage accountability separates business approval from technical maintenance. For a critical data element, the business data owner should approve whether the documented lineage is acceptable for governance, reporting, and regulatory use because the owner holds decision rights for the metric. Data stewards should maintain the governed metadata record, coordinate issue resolution, and ensure the lineage links to the approved glossary definition. IT custodians provide technical evidence about systems, jobs, and transformations because they operate the pipelines. The governance council may review escalations or policy exceptions, but it should not become the maintainer of operational lineage details.

• Custodian approval fails because pipeline control does not grant business decision rights over the metric’s governed lineage.
• Council maintenance fails because councils set direction and resolve escalations, not maintain detailed transformation metadata.
• Glossary-only evidence fails because an approved definition does not prove source-to-report lineage for regulated use.

Question 68

Topic: Governance Metrics Maturity and Improvement

A data governance council has completed its first year. Executives say the program is visible but cannot show whether governance decisions are being adopted or whether business risk is decreasing. Current reporting counts council meetings held and policies drafted. The council wants a concise scorecard for the next quarter that reflects adoption, decision effectiveness, issue resolution, policy compliance, stewardship engagement, and business outcomes. Which metric set is the best fit?

Options:

• A. Server uptime, database growth, ETL job failures, and storage cost trend

• B. Number of council meetings, policies drafted, glossary terms created, and catalog scans completed

• C. Number of training sessions, emails sent, intranet visits, and survey response count

• D. Decision adoption rate, issue aging, compliance exceptions, stewardship participation, and value/risk impact

Best answer: D

Explanation: A mature governance scorecard should move beyond activity counts and show whether governance changes decisions and business behavior. Useful measures include adoption of approved decisions or standards, timeliness and backlog of issue resolution, policy compliance and exception trends, active steward participation, and evidence of business outcomes such as reduced risk, fewer rework costs, or improved trusted reporting. Meeting counts and documents produced can help track program activity, but they do not prove decisions were followed or risks were reduced. Technical operational metrics may be useful elsewhere, but they do not measure governance effectiveness unless tied to governance decisions and outcomes.

• Activity counts are easy to collect, but meetings, drafted policies, terms, and scans do not show adoption or value.
• Technical operations may indicate platform health, but they do not measure governance decision effectiveness or stewardship behavior.
• Communications volume can support change management, but emails, visits, and response counts do not prove policy compliance or issue resolution.

Question 69

Topic: Data Quality Governance

A data quality dashboard flags the rule “customer email completeness must be at least 98%” as failing across several business units. The rule was created by a profiling team during a project, but no business data owner approved the threshold, no steward owns its maintenance, and unresolved failures have no escalation route. Which governance action should be taken first?

Options:

• A. Lower the threshold so most units pass the dashboard

• B. Keep the rule and add failures to the remediation backlog

• C. Pause enforcement until ownership, approval, and escalation are defined

• D. Ask the data engineering team to tune the validation logic

Best answer: C

Explanation: Data quality governance requires quality rules and thresholds to be business-owned and approved, not merely discovered through profiling or implemented by technical teams. Before a rule is used for compliance reporting or remediation, governance should confirm that the rule is relevant to a business need, assign an accountable owner, define stewardship responsibilities, approve the threshold, and specify how unresolved issues are escalated. In this scenario, the rule may still be useful, but it lacks the decision rights and operating process needed to make it authoritative. Technical tuning, backlog work, or threshold changes can follow only after the governance basis is clarified.

• Technical tuning addresses implementation accuracy, but the visible gap is missing business authority and ownership.
• Lowering the threshold changes a business decision without accountable approval.
• Adding backlog items treats symptoms while leaving the rule’s relevance, owner, and escalation path unresolved.

Question 70

Topic: Security Privacy Ethics and Compliance Alignment

A financial services company must prove to an auditor that its customer-record retention policy is being enforced, exceptions are approved, and accountable business roles can be traced. Which governance artifact best supports that audit need?

Options:

• A. An approved retention policy describing required retention periods

• B. A control-evidence matrix linking policy, owner, rule, results, and exceptions

• C. A business glossary defining customer-record data elements

• D. A backup schedule maintained by the infrastructure team

Best answer: B

Explanation: Audit support in data governance depends on traceable evidence, not only approved intent. A retention policy states what must happen, but auditability requires evidence that controls were applied, tested, and tied to accountable roles. A control-evidence matrix or similar control register can show the policy requirement, the responsible data owner or steward, the retention rule, the control test result, exception approvals, and remediation status. That structure supports compliance evidence, policy enforcement, traceability, and data accountability in one place. Technical schedules and glossary entries may support governance, but they do not by themselves demonstrate that retention obligations are governed and enforceable.

• Policy alone sets retention expectations but does not prove enforcement, testing, exceptions, or accountability.
• Backup schedule is operational custody evidence, not governance evidence for retention policy compliance.
• Glossary definitions improve semantic clarity but do not show control execution or exception approval.

Question 71

Topic: Policies Standards Rules and Controls

A data governance council has approved a customer address standard. Six months later, teams still use inconsistent abbreviations, and audit evidence shows no consistent follow-up when rules are breached. The council wants to strengthen standards adoption without treating every breach as misconduct. Which action best demonstrates enforcement?

Options:

• A. Monitor conformance, assign remediation owners, and escalate unresolved exceptions

• B. Post the standard and require a one-time awareness course

• C. Configure validation alerts with no assigned review responsibility

• D. Revoke system access for the first nonconforming data load

Best answer: A

Explanation: Enforcement in data governance means applying approved policies and standards through ongoing controls, monitoring, accountable remediation, and escalation for unresolved exceptions. It is not simply making a standard available or telling people about it. Training and publication can support adoption, but enforcement creates a repeatable mechanism that changes behavior and provides evidence of conformance. A tool can support enforcement by detecting exceptions, but the governance process must define who reviews results, who owns remediation, when exceptions are approved, and when issues are escalated. Punitive reaction may be appropriate in severe cases, but sanctions alone do not constitute a governance enforcement model. The key discriminator is routine, accountable follow-through against an approved standard.

• Punishment alone fails because immediate sanctions after a first breach do not establish routine compliance monitoring or remediation.
• Publication and training fail because awareness activities do not verify or compel conformance.
• Tool alerts alone fail because controls need accountable review, exception handling, and governance escalation.

Question 72

Topic: Governance Metrics Maturity and Improvement

A data governance program has approved data owner and steward roles, but several business units are resisting. Managers say the roles feel like extra work, and stewards are bypassing the issue workflow because they do not see how it helps their teams. Which adoption tactic best fits this resistance?

Options:

• A. Delay the issue workflow until every unit volunteers to participate

• B. Ask IT custodians to enforce steward participation through system permissions

• C. Use targeted change communications and role-based enablement tied to business outcomes

• D. Transfer stewardship responsibilities to the central data governance office

Best answer: C

Explanation: Governance adoption depends on changing behavior, not only publishing roles or workflows. When stakeholders resist because responsibilities feel burdensome or unclear, the best tactic is targeted change management: explain the business value, clarify role expectations, provide practical training, and show how the workflow improves outcomes such as faster issue resolution or better data trust. This keeps accountability with business data owners and stewards while helping them adopt the expected way of working. Moving ownership to a central office or relying on technical enforcement may create compliance theater without real accountability.

• Centralizing stewardship weakens business accountability and treats resistance as a staffing problem rather than an adoption problem.
• Waiting for volunteers delays governance maturity and allows inconsistent decision processes to continue.
• IT enforcement confuses technical custody with governance accountability and does not address why stakeholders are resisting.

Question 73

Topic: Data Quality Governance

A data governance council can escalate only one data quality issue this month. A policy says escalation should be based on business impact, regulatory exposure, trend severity, and accountable ownership. Two domains dispute responsibility for customer contact data used in regulatory notices and retention campaigns. Which scorecard evidence best supports prioritizing the issue for governance action?

Options:

• A. Failed notice rate, customer impact, worsening trend, unresolved owner

• B. Steward comments that users dislike the CRM screens

• C. A one-time profiling result with no business process link

• D. High number of duplicate rows in a staging table

Best answer: A

Explanation: A governance scorecard should support prioritization by connecting data quality evidence to business consequences and decision accountability. In this scenario, the council needs evidence that justifies escalation, not just technical defect counts. The strongest evidence shows that customer contact quality affects regulatory notices and revenue-related campaigns, is getting worse, and lacks clear ownership between domains. That combination indicates risk, business value, trend severity, and a decision-rights problem that a governance body is suited to resolve. Technical counts or user complaints may be useful inputs, but they do not by themselves establish why the issue should outrank others for governance action.

• Technical defect count is incomplete because duplicate rows in staging may not show business impact, regulatory exposure, or ownership conflict.
• User preference feedback may indicate usability concerns, but it does not prove a governed data quality priority.
• One-time profiling is weak because it lacks trend evidence and a link to a governed business process.

Question 74

Topic: Data Governance Foundations and Principles

Sales and Finance use different definitions of active customer in executive reporting. The CRM team maintains the source system but does not own the business meaning. Data stewards have documented both definitions in the glossary, and an upcoming audit will test consistency of revenue-related reports. Which governance decision best applies the relevant governance principle?

Options:

• A. Keep both definitions and require report users to decide which one applies.

• B. Ask data stewards to publish both terms and defer standardization until after the audit.

• C. Let the CRM team choose the definition because it controls the system of record.

• D. Escalate to the governance council to assign accountable business ownership and approve an enterprise definition.

Best answer: D

Explanation: The governing principle is that decision rights and business accountability must be clear for shared data, especially when definitions affect enterprise reporting and audit risk. The CRM team is a custodian of the system, but custody does not make it the owner of business meaning. Data stewards can document terms, facilitate analysis, and manage glossary workflow, but they should not unilaterally settle a cross-domain business definition. A governance council or equivalent forum should assign accountable ownership, approve the enterprise standard, and define any allowed domain-specific exceptions. The key takeaway is that governance resolves competing priorities by making accountable business decisions visible and enforceable.

• Technical custody fails because maintaining the CRM does not confer authority over enterprise business definitions.
• User-by-user choice fails because it preserves inconsistent reporting where a standard is needed.
• Deferred standardization fails because documenting disagreement does not resolve audit risk or decision accountability.

Question 75

Topic: Governance Program Operations and Sustainability

A data governance council resolves a cross-domain conflict over the definition of “active customer” for regulatory reporting and marketing analytics. The council has formal decision rights, but prior decisions are often rediscovered months later, stewards are unsure who owns follow-up actions, and audit reviewers want evidence that approved definitions are being applied consistently. Which governance decision best addresses these constraints?

Options:

• A. Publish a decision record with rationale, owner, scope, actions, and reuse guidance

• B. Let the metadata tool administrator update the glossary entry without council notes

• C. Schedule a monthly meeting to revalidate the definition with all stakeholders

• D. Ask each project team to document the definition in its own delivery repository

Best answer: A

Explanation: Governance communication is not just announcement activity; it turns decisions into usable, auditable organizational knowledge. A council decision should be recorded with the decision, rationale, accountable owner, affected domains, effective date or scope, required stewardship actions, and links to glossary, policy, lineage, or control evidence as appropriate. That record helps people understand why the decision was made, who must act on it, and where it should be reused. It also reduces repeated debate and supports adoption by making the decision visible through normal governance channels. Updating a glossary alone may capture the term, but it does not preserve decision context or accountability.

• Project-only documentation fragments the decision and makes reuse across domains dependent on local repositories.
• Tool-only update captures metadata but omits rationale, authority, ownership, and follow-up evidence.
• Repeated revalidation may increase discussion, but it does not create a durable record that supports adoption or auditability.

Questions 76-100

Question 76

Topic: Governance Strategy Business Case and Value

A CDO is trying to gain commitment for enterprise customer-data standards. Sales, Service, and Finance use different definitions of “active customer”; prior standards were issued centrally and ignored; line managers are concerned about stewardship workload; and a regulatory reporting deadline is six months away. Which governance decision best addresses stakeholder commitment?

Options:

• A. Run sponsor-backed workshops to agree roles, standards, and escalation

• B. Have the council approve standards before business review

• C. Delay governance until the full glossary is complete

• D. Ask IT custodians to publish the active-customer standard

Best answer: A

Explanation: Stakeholder commitment is strongest when governance makes decision rights visible and involves accountable business stakeholders in shaping standards they must follow. Here, the issue is not only a missing definition; it is weak adoption caused by prior central issuance, cross-domain disagreement, workload concerns, and compliance pressure. A sponsor-backed workshop approach can bring data owners, stewards, and affected managers together to agree a practical active-customer standard, clarify stewardship responsibilities, define escalation for unresolved conflicts, and connect the work to regulatory reporting value. Executive sponsorship provides authority, but participation creates ownership. Technical publication or council approval alone may create artifacts without behavioral commitment.

• IT publication treats custodians as the decision authority, but custodians should implement and maintain controls after business ownership is clear.
• Council-first approval may provide authority, but repeating a top-down pattern risks poor adoption by affected domains.
• Full glossary delay over-scopes the effort when the urgent need is a committed standard and decision process for a high-risk term.

Question 77

Topic: Business Glossary Metadata and Definition Governance

Sales and Finance both use the term “active customer,” but Sales counts accounts with any opportunity in the last 12 months, while Finance counts accounts with billable revenue in the current quarter. Two executive reports and three systems use the same label with different meanings. The governance charter requires owner approval for glossary terms used in enterprise metrics. Which action best resolves the definition-governance issue?

Options:

• A. Create separate glossary entries for each system meaning

• B. Have custodians rename source fields to one common label

• C. Obtain owner-approved glossary definition and map usage variants

• D. Let the BI team standardize the KPI calculation in reports

Best answer: C

Explanation: Definition governance resolves inconsistent business term usage by assigning decision rights to accountable business owners and recording the approved meaning in the business glossary. In this case, the same label is used for different concepts across business units, reports, and systems, and it affects enterprise metrics. The stewardship lead should facilitate owner approval, escalate disagreement if needed, and document the authoritative definition plus allowed contextual variants and mappings to reports and systems. Technical changes may follow, but they should not substitute for business approval of meaning. The key distinction is that glossary governance decides business meaning; BI teams and custodians implement or reflect that decision.

• BI standardization may align reports, but it bypasses the required business ownership decision for an enterprise term.
• Field renaming addresses technical labels, not the approved business meaning or usage rules.
• Separate system entries preserves fragmentation unless the entries are governed as variants under an approved enterprise definition.

Question 78

Topic: Security Privacy Ethics and Compliance Alignment

A bank’s analytics team proposes using customer service call transcripts and location signals to create a “financial stress score” for adjusting credit card limits. The data was collected for service quality and fraud alerts, the privacy notice does not describe credit-limit decisions, credit risk does not own the transcript data, and early model testing is difficult to explain and performs worse for non-native speakers. Which governance decision is BEST?

Options:

• A. Reassign transcript custodianship to credit risk and document lineage.

• B. Approve a limited pilot after credit risk accepts accountability.

• C. Proceed after anonymizing transcripts and publishing aggregate score statistics.

• D. Send the proposal to the governance council for responsible-use review.

Best answer: D

Explanation: Ethical data governance evaluates whether a proposed use is compatible with the original purpose, transparent to affected people, proportionate to the business need, and fair in its effects. Here, data collected for service quality and fraud alerts would be reused for credit-limit decisions without clear notice. The model is also difficult to explain and shows worse performance for a protected or vulnerable language group. Those facts create responsible-use risks that exceed a project-team approval. A governance council or equivalent forum should require purpose review, ownership clarification, minimization, explainability expectations, and bias assessment before any production use. Technical custody or a narrow pilot does not resolve the ethical governance risk.

• Limited pilot fails because business accountability alone does not address notice, reuse, explainability, or fairness concerns.
• Anonymization claim is weak because individual credit-limit decisions require person-level scoring and still need purpose and bias review.
• Custodianship transfer confuses technical responsibility with governance approval for a sensitive new use.

Question 79

Topic: Policies Standards Rules and Controls

A data governance council approved an enterprise customer identifier standard six months ago. Adoption remains low because project teams say they do not know who owns the standard, exception requests are handled inconsistently, conformance is not measured, and missed compliance has no delivery impact. Which action best addresses the decisive gap in standards adoption and enforcement?

Options:

• A. Have data stewards remind project teams during design reviews.

• B. Publish the approved standard in the business glossary and metadata catalog.

• C. Ask application custodians to add validation checks in affected systems.

• D. Assign an accountable owner with authority for communication, monitoring, exceptions, and enforcement.

Best answer: D

Explanation: A standard is not adopted merely because it has been approved or documented. Effective standards adoption needs an accountable owner, clear communication, incentives or consequences, monitoring of conformance, a consistent exception process, and authority to escalate or enforce when teams do not comply. In this scenario, the failures are governance operating-model failures: no clear owner, inconsistent exceptions, no measurement, and no enforcement impact. Technical controls and stewardship reminders may support adoption, but they do not replace accountable decision rights and enforcement authority.

• Publishing alone improves visibility, but it does not create ownership, exception handling, monitoring, or enforcement.
• Technical validation may help implement a rule, but custodians do not normally define governance accountability or exception authority.
• Steward reminders support communication, but informal reminders lack the authority and measurement needed for consistent adoption.

Question 80

Topic: Business Glossary Metadata and Definition Governance

A bank has installed an enterprise data catalog that automatically scans databases and ETL jobs. Audit findings still cite inconsistent definitions for “active customer,” unclear lineage for regulatory reports, and no accountable owner for resolving glossary conflicts across Retail and Commercial Banking. Which governance decision best addresses the situation?

Options:

• A. Make database administrators approve all business glossary definitions

• B. Create metadata ownership, glossary standards, lineage accountability, and escalation processes

• C. Expand automated scanning to every platform before assigning metadata owners

• D. Let each reporting project maintain its own definitions and lineage notes

Best answer: B

Explanation: Metadata governance is the accountability framework for defining, controlling, and improving metadata so it supports business meaning, trust, lineage, and compliance. In this case, the catalog is collecting technical metadata, but the unresolved problems are governance problems: conflicting business definitions, unclear ownership, and missing accountability for regulatory lineage. The best response is to assign decision rights, define glossary and lineage standards, name responsible owners or stewards, and provide an escalation path for cross-domain conflicts. Automated scanning can populate technical metadata and reduce manual effort, but it cannot decide which business definition is authoritative or who must resolve a conflict.

• More scanning may improve coverage, but it delays the needed accountability for definitions and regulatory lineage.
• DBA approval confuses technical custody with business ownership of glossary meaning.
• Project-level notes create local consistency at best and reinforce enterprise definition conflicts.

Question 81

Topic: Data Quality Governance

A bank finds that duplicate customer records are causing incorrect complaints reporting. Sales creates most customer records, Operations uses the reports, and IT runs the matching rules. The governance policy says business data owners approve quality-rule changes and remediation closure, but no owner is named for the shared customer domain. Regulators have requested evidence that defects are remediated and validated. Which governance decision best addresses the situation?

Options:

• A. Make IT accountable for assigning, fixing, and closing the duplicate-record remediation.

• B. Let Operations close the issue after the next complaints report reconciles.

• C. Ask Sales stewards to clean records informally until a full ownership model is redesigned.

• D. Assign a customer data owner through the council and require steward-tracked remediation with owner validation.

Best answer: D

Explanation: Quality remediation accountability should separate governance authority from operational execution. Because the customer domain is shared and no business owner is named, the governance council should resolve the ownership gap and assign decision rights. Data stewards can coordinate the issue log, remediation tasks, evidence, dates, and escalation, while IT custodians implement approved matching-rule or data-fix changes. Closure should be validated and approved by the accountable business data owner because the risk affects regulatory reporting and business trust. A temporary cleanup or IT-only closure may improve data briefly, but it does not provide governed accountability or defensible evidence.

• IT ownership fails because technical custodians can implement fixes but should not approve business quality rules or accept reporting risk.
• Operations-only closure fails because report reconciliation is evidence, not formal approval by the accountable data owner.
• Informal steward cleanup fails because it bypasses assignment, tracking, escalation, and validation needed for regulated remediation.

Question 82

Topic: Governance Issue Management and Resolution

A data governance manager reviews the monthly issue backlog for customer data. The same issues remain open across three business units despite repeated cleanup work by the data quality team.

Which governance response best addresses the decisive backlog pattern?

Options:

• A. Escalate ownership and definition decisions to the governance council

• B. Ask data custodians to increase cleanup frequency

• C. Prioritize all items strictly by age

• D. Add more profiling rules to the data quality tool

Best answer: A

Explanation: Backlog analysis should identify why issues are not moving, not just count unresolved items. Here, aged high-impact issues recur after local cleanup, and the owner is blank or disputed. That pattern points to a governance failure in decision rights: no accountable business owner has authority to approve the shared customer definition and sponsor remediation. Escalating to the governance council is appropriate because the conflict spans business units and requires an authoritative decision, not only technical work.

Age, tooling, and cleanup capacity may be useful signals, but they do not fix a disputed business definition or missing accountability.

• Age-only ranking may improve queue order, but it does not resolve the ownership gap causing the backlog to stall.
• More cleanup treats symptoms, while recurring issues show that root-cause remediation has not been governed.
• More profiling rules may detect defects faster, but detection is not the same as resolving cross-unit definition authority.

Question 83

Topic: Policies Standards Rules and Controls

A data governance council has approved a policy requiring customer email addresses to be validated before loading into the CRM. A legacy acquisition feed cannot meet the rule for 60 days while integration work is completed, but the business wants to continue loading the feed because it supports contracted service renewals. Which response best treats this as a controlled exception rather than unmanaged noncompliance or a permanent policy change?

Options:

• A. Allow the load and note the issue informally

• B. Approve a time-bound waiver with compensating controls

• C. Update the policy to exclude acquisition feeds

• D. Ask IT to disable the validation rule

Best answer: B

Explanation: Exception and waiver management allows a policy requirement to be temporarily relaxed under defined governance control. The policy remains valid, but a specific case is approved with a business justification, risk assessment, owner, expiry date, remediation plan, monitoring, and compensating controls. In this scenario, the 60-day integration gap is temporary and tied to a business need, so a formal waiver is appropriate. Unmanaged noncompliance would mean continuing the feed without approval or monitoring. A permanent policy change would be appropriate only if the rule itself no longer reflects agreed business policy across the governed scope.

• Policy exclusion changes the standing rule and is too broad for a temporary 60-day integration constraint.
• Informal notation leaves the organization knowingly noncompliant without approval, ownership, monitoring, or remediation.
• Disabling validation treats the issue as a technical workaround and bypasses governance control over the policy requirement.

Question 84

Topic: Data Governance Foundations and Principles

A data governance council is launching a program to improve trust in customer data across Sales, Finance, and Service. The first proposed activity is to buy a catalog tool and let each department define customer terms independently so work can begin quickly. Which governance response best supports business alignment, accountability, transparency, stewardship, standardization, and sustainable data value?

Options:

• A. Make the IT operations team the sole customer data owner

• B. Create shared business definitions, assign owners and stewards, and publish decision rights

• C. Allow each department to maintain separate definitions for speed

• D. Delay governance until the catalog tool is fully implemented

Best answer: B

Explanation: Effective data governance is business-led and principle-based, not tool-led. For cross-functional customer data, the council should establish common definitions, decision rights, ownership, stewardship responsibilities, and transparent publication of decisions. This supports business alignment by resolving meaning across functions, accountability by naming owners and stewards, transparency by making decisions visible, standardization by using common terms and rules, and sustainable value by embedding repeatable governance practices. A catalog can help publish and manage metadata, but it does not replace the governance decisions that make the metadata trusted and usable.

• Local definitions may be fast, but they preserve conflicting meanings and weaken enterprise trust.
• IT-only ownership confuses technical custody with business accountability for customer data meaning and use.
• Tool-first sequencing delays the core governance decisions needed before the catalog can provide reliable value.

Question 85

Topic: Master Reference and Architecture Governance

A retailer has two executive dashboards showing different gross margin figures. The BI team finds that one data mart excludes promotional rebates during integration, while another includes them. Both dashboards are being used in management meetings, and neither rule has been formally approved. Which governance response best resolves the issue?

Options:

• A. Ask each dashboard team to document its current rule

• B. Merge the dashboards and keep both calculation filters

• C. Have ETL developers choose the rule with fewer defects

• D. Approve one integration rule and certify the official metric

Best answer: D

Explanation: Conflicting analytical results caused by inconsistent integration rules require a governance decision, not only technical cleanup. The relevant data owner or governance forum should approve the business definition and integration rule for gross margin, assign stewardship for maintaining it, and certify the official metric or dataset for management reporting. Documentation is useful, but it does not resolve decision rights. Developers can implement the rule, but they should not decide the business meaning of the metric. The key governance outcome is one authoritative, approved rule that controls certified analytical use.

• Documenting both rules preserves transparency but leaves executives with competing definitions.
• Developer selection shifts a business decision to technical custodians and ignores ownership.
• Keeping both filters may support analysis, but it does not establish an official metric for management reporting.

Question 86

Topic: Governance Issue Management and Resolution

A data governance lead is triaging intake for the next data governance council agenda. The council can accept one urgent item this week. Urgent items should reflect risk, business impact, recurrence, and cross-domain scope; remediation must have an accountable business data owner, not only an IT custodian.

Which governance decision should the data governance lead make first?

Options:

• A. Monitor the dashboard delay through operations

• B. Schedule HR phone-format cleanup as local stewardship

• C. Let merchandising resolve product category labels

• D. Prioritize duplicate customer IDs and assign business ownership

Best answer: D

Explanation: Data issue triage should separate operational incidents from governance issues that need decision rights, ownership, and cross-domain coordination. The duplicate customer ID problem is recurring, affects multiple business domains, touches billing and consent, and lacks an accountable business owner. Those facts make it the strongest candidate for council attention because remediation requires more than technical cleanup: it needs ownership, prioritization, shared rules, and escalation authority. The other items either have a responsible steward, are local in scope, or have already been corrected operationally.

The key takeaway is to prioritize issues where risk, business impact, recurrence, and cross-domain dependency combine with unclear accountability.

• Operational incident is weaker because the dashboard delay was one-time, already fixed, and owned by operations.
• Assigned steward reduces urgency for the product category mismatch because it has a clear path and limited stated impact.
• Local cleanup is insufficiently urgent because the HR phone-format issue has low downstream use and existing stewardship.

Question 87

Topic: Policies Standards Rules and Controls

A data governance council is reviewing a draft “Customer Data Policy” after an audit found inconsistent handling of consent flags across regions. The council owns enterprise policy decisions, business stewards can define cross-domain requirements, and system teams need room to implement controls in different platforms. Which decision best fits the governance need?

Options:

• A. Approve the CRM team’s screen-by-screen consent update instructions as the enterprise policy

• B. Replace the policy with a monthly control checklist for consent exceptions

• C. Let each regional system owner write local notes for consent handling

• D. Approve a policy stating intent and accountability, then govern separate standards, procedures, and controls

Best answer: D

Explanation: A governance policy should express enterprise intent, principles, obligations, decision rights, and accountability. In this scenario, the council has authority over enterprise policy, while stewards and system teams need to define more detailed requirements and implementation practices. Standards can specify required consent definitions and metadata expectations; procedures can describe operational steps; controls can test whether consent handling is working as required. Mixing all of these into one policy makes the document brittle, hard to govern, and too dependent on one platform or region.

The key distinction is that policy sets direction and authority, while standards, procedures, controls, and local implementation notes make that direction executable and testable.

• Tool instructions as policy fail because screen-level steps are procedures tied to one platform, not durable enterprise policy intent.
• Regional local notes fail because they preserve inconsistency where the audit shows an enterprise consent-handling risk.
• Control checklist only fails because controls verify compliance but do not establish the governing intent, accountability, or required standard.

Question 88

Topic: Data Governance Foundations and Principles

A financial services firm has a data governance program, but business leaders rarely attend forums and most decisions are made by the data management team. The chief data officer wants to revise the approach so governance is visibly connected to business priorities. Which proposed change would most clearly strengthen business engagement?

Options:

• A. Move all unresolved data issues to the IT operations backlog

• B. Let the catalog team publish glossary terms after technical review

• C. Measure engagement by the number of governance workflow tasks closed

• D. Appoint business data owners to approve definitions, quality rules, and priorities

Best answer: D

Explanation: Business engagement in data governance depends on meaningful business accountability, not just participation in administrative activity. A stronger approach gives business data owners and stewards clear decision rights over data meaning, quality expectations, issue priorities, and policy choices that affect business outcomes. Technical teams and custodians still execute, maintain tools, and implement controls, but they should not become the default authority for business definitions or priorities. Governance is weakened when decisions are shifted into tool administration, IT backlogs, or activity metrics that do not show business commitment or value. The key distinction is whether the approach changes who is accountable for business decisions about data.

• Technical review only may improve metadata consistency, but it keeps business meaning under a tool-centered process.
• IT backlog ownership can support remediation work, but it removes prioritization and accountability from business data owners.
• Task closure counts show activity volume, not whether business leaders are making or using governance decisions.

Question 89

Topic: Governance Strategy Business Case and Value

A data governance lead is updating the 12-month roadmap. Three proposed initiatives are competing for funding:

Which action best supports roadmap priority and sponsorship decisions?

Options:

• A. Prioritize the customer glossary as the broadest business need

• B. Prioritize catalog expansion to improve metadata coverage

• C. Sequence all initiatives equally to maintain stakeholder neutrality

• D. Prioritize payment data controls with executive risk sponsorship

Best answer: D

Explanation: Governance roadmap decisions should weigh risk, business value, sponsorship readiness, and dependency. The payment data control issue has explicit audit evidence and unclear ownership, so it represents a governance risk that can affect compliance, accountability, and control effectiveness. That makes it a strong candidate for priority funding and executive sponsorship. The customer glossary issue is also valuable because inconsistent definitions can damage reporting trust, but the visible risk is less immediate than an audit finding involving payment data. Catalog expansion may be useful, but low adoption suggests the need for a clearer value case or sequencing after higher-risk accountability issues are addressed. A governance roadmap should not treat all work as equal when risk and value differ.

• Broadest business need is tempting, but definition conflicts do not outweigh the visible audit risk on payment data.
• Metadata coverage may support governance, but low adoption weakens its immediate investment case.
• Stakeholder neutrality avoids hard decisions, which is not effective risk- and value-based prioritization.

Question 90

Topic: Roles Responsibilities and Decision Rights

A company has appointed data stewards in each business unit. After six months, glossary definitions, data-quality issue handling, and policy interpretation vary widely by unit. The governance council wants better consistency and adoption without making the central data office approve every routine stewardship decision. Which stewardship practice best fits this situation?

Options:

• A. Hold a one-time refresher training for all stewards

• B. Create a steward community of practice with shared playbooks

• C. Require the governance council to approve all glossary updates

• D. Move stewardship tasks to the database administration team

Best answer: B

Explanation: A stewardship network or community of practice supports consistent, sustainable governance operations across distributed business areas. It gives stewards a regular forum to compare decisions, share templates, agree on working practices, surface adoption barriers, and escalate only the issues that require formal governance decisions. This approach fits when the organization needs consistency and collaboration but does not want to centralize every routine decision in the governance council or data office. The key is an ongoing operating practice, not a one-time communication or a transfer of accountability to technical custodians.

• Council approval for everything creates a bottleneck and weakens delegated decision rights for routine stewardship work.
• Database administration ownership confuses technical custody with business stewardship and data accountability.
• One-time training may improve awareness but does not provide an ongoing forum for collaboration, issue sharing, and practice alignment.

Question 91

Topic: Governance Strategy Business Case and Value

A company is launching data governance after an audit found inconsistent customer reporting across Sales, Support, and Finance. The executive sponsor wants a reliable churn metric within 6 months, but there are no named data owners, stewardship is informal, and policy exceptions are handled differently by each function. Which roadmap sequence is the BEST governance decision?

Options:

• A. Write enterprise-wide policies for all domains before assigning owners or stewardship responsibilities.

• B. Deploy a metadata catalog first, then ask each function to document its own customer definitions.

• C. Have IT cleanse customer records first, then create a governance council after reporting improves.

• D. Define decision rights and owners, prioritize customer/churn standards, then implement issue tracking and outcome metrics.

Best answer: D

Explanation: A governance roadmap should sequence capabilities so later work has clear authority and measurable value. In this case, the immediate constraints are a cross-domain definition conflict, no named ownership, inconsistent exception handling, and a 6-month business target for churn reporting. Establishing decision rights, data ownership, stewardship responsibilities, and an escalation forum gives the organization a way to make binding decisions. Focusing first on customer and churn standards keeps the scope tied to business value and audit risk. Issue tracking and outcome metrics then show whether governance is changing decisions and improving trust, rather than only creating documents or tools.

The key takeaway is to build just enough operating model first, then apply it to priority data and measure results.

• Tool-first cataloging may expose definitions, but it does not resolve ownership, decision rights, or cross-functional conflicts.
• IT-led cleanup treats symptoms as an operational task and leaves business accountability and standards unresolved.
• Policy-first expansion creates broad documentation before the organization has authority, roles, or a prioritized use case.

Question 92

Topic: Governance Operating Model and Organization

A bank finds that Marketing, Risk, and Compliance use different definitions of customer consent. A privacy audit is due in 60 days, no enterprise data owner is accountable for the term, and stewards have documented business impacts but lack authority to impose a common rule. Which governance decision is BEST?

Options:

• A. Have Compliance publish a local definition for audit reporting

• B. Let the stewardship forum choose the enterprise consent definition

• C. Ask data custodians to update consent values in source systems

• D. Escalate to the data governance council for ownership and policy approval

Best answer: D

Explanation: Governance bodies exist to make, recommend, or oversee decisions at the right level of authority. In this scenario, the issue crosses business domains, involves regulatory risk, and has an ownership gap. Stewards have done the analysis, but they do not have enterprise decision rights to impose a common rule. A data governance council or similar decision forum should resolve the cross-domain conflict, assign accountable ownership, approve the governing policy or standard, and direct implementation through stewardship and custodial channels. Working groups and stewardship forums can prepare evidence and recommendations; custodians implement approved decisions. The key is matching the body to the decision authority required.

• Custodian cleanup treats the issue as a system fix, but the unresolved definition and ownership decisions must come first.
• Stewardship-only decision overextends a forum that can recommend and coordinate but lacks enterprise authority in the scenario.
• Local compliance definition may satisfy one report but leaves the cross-domain conflict and enterprise policy gap unresolved.

Question 93

Topic: Governance Operating Model and Organization

A regional sales governance group has clear owners, stewards, and issue workflows for its own CRM data. Finance, Operations, and Sales are now using the same domain-by-domain approach independently, but enterprise revenue reports conflict and customer master records are duplicated because each domain approves its own definitions and matching rules. Which adjustment best addresses the failure while preserving domain expertise?

Options:

• A. Centralize all ownership in the data governance office

• B. Move matching-rule decisions to IT data custodians

• C. Create federated governance for shared definitions and master-data rules

• D. Keep distributed governance and let each domain publish its definitions

Best answer: C

Explanation: A model that works inside one domain can fail when data is reused across enterprise reports and shared master data. The needed adjustment is federated governance: domains retain subject-matter stewardship and operational knowledge, while an enterprise governance council or similar forum sets decision rights, standards, escalation paths, and conflict resolution for shared definitions, metrics, and master-data rules. This addresses cross-domain inconsistency without treating every local data issue as a central-office decision. The key distinction is not more autonomy or more tool administration; it is adding enterprise authority where data crosses domain boundaries.

• Pure distribution fails because independent domain approvals caused the conflicting revenue definitions and duplicate customer records.
• Full centralization weakens business ownership and is heavier than needed when domain expertise remains important.
• IT custody fails because custodians can implement and operate data controls, but business decision rights belong with governance roles.

Question 94

Topic: Data Quality Governance

A customer billing scorecard shows completeness improved from 82% to 97% after mandatory fields were added. Finance still does not trust invoices because tax codes are often valid-looking but wrong for the customer jurisdiction, causing credits and audit concerns. Sales and Finance share the data, and the governance charter gives business data owners approval rights over quality dimensions and thresholds. Which governance decision best addresses the situation?

Options:

• A. Add a glossary note that completeness does not prove correctness

• B. Let IT change tax-code validation without owner approval

• C. Keep the completeness metric and tighten mandatory-field enforcement

• D. Revise the scorecard around approved tax-code accuracy and remediation

Best answer: D

Explanation: Quality scorecards should measure dimensions that reflect the business purpose and risk of the data. Completeness improved, but the business problem is accuracy or validity of tax codes for billing and audit outcomes. The governance response is not to celebrate a better score on the wrong dimension. The appropriate decision is to have the accountable business owners and stewards revise the quality measure, approve thresholds, and track remediation against the tax-code issue. This connects the scorecard to trust, controls, and business value rather than a technical activity measure.

• More completeness fails because mandatory fields can be populated with wrong values and still leave invoice risk unresolved.
• IT-only validation bypasses the stated decision rights for business data owners over dimensions and thresholds.
• Glossary caveat may improve understanding, but it does not change the governed measure or drive remediation.

Question 95

Topic: Governance Metrics Maturity and Improvement

A company’s data governance council has approved policies, role definitions, and a business glossary. Project teams still skip steward review to meet release dates, and analysts continue using local metric definitions in daily reporting. What is the best governance response to improve adoption?

Options:

• A. Move glossary administration entirely to the technology team

• B. Ask data stewards to correct each project’s data issues directly

• C. Publish the approved governance policy again to all employees

• D. Embed governance checkpoints into delivery and reporting routines

Best answer: D

Explanation: When governance is accepted in principle but ignored in practice, the issue is usually adoption and behavior change, not lack of documentation. The stronger response is to make governance part of how work gets done: add steward and owner reviews to delivery checkpoints, require approved definitions for recurring reports, track compliance or exceptions, and escalate repeated bypassing through the agreed governance forum. This connects governance to project delivery and daily data use without turning stewards into cleanup staff or tool administrators. Effective change management combines visible sponsorship, practical workflow integration, accountability, and measurable adoption indicators.

• Policy reminder may raise awareness, but it does not change release gates, reporting habits, or accountability.
• Steward cleanup treats symptoms and can weaken business ownership by making stewards operational fixers.
• Technology ownership confuses tool administration with governance accountability for definitions and decision rights.

Question 96

Topic: Data Governance Foundations and Principles

A bank is launching an enterprise customer profitability dashboard. Sales defines “active customer” as any account with contact in the last 18 months, while Finance defines it as any account with booked revenue in the last 12 months. Both definitions are used in executive reports, and the dashboard must provide one governed enterprise metric. Which governance response best fits this situation?

Options:

• A. Let each department keep its own dashboard definition

• B. Ask the reporting project manager to approve the definition

• C. Escalate the definition conflict to the data governance council

• D. Have the data warehouse team select the most available field

Best answer: C

Explanation: Data governance provides authority, control, and shared decision making for data assets that cross organizational boundaries. An enterprise metric used in executive reporting should be resolved through an authorized governance forum, typically involving data owners, stewards, and affected business areas. The decision should be documented in the business glossary or metric standard, with ownership, usage rules, and exception handling made clear. Technical teams can implement the approved definition, but they should not decide the business meaning of a shared data asset. The key governance move is to use established decision rights and escalation rather than allowing conflicting local definitions to persist.

• Technical convenience fails because field availability does not determine the approved business meaning of an enterprise metric.
• Local definitions fail because the dashboard requires one governed enterprise metric, not separate departmental interpretations.
• Project approval fails because delivery accountability does not replace formal governance authority over shared business definitions.

Question 97

Topic: Governance Metrics Maturity and Improvement

A data governance council finds that the Customer domain has active stewards, approved glossary terms, and recurring quality scorecards, while the Product and Supplier domains have informal ownership and rarely apply enterprise naming, definition, or issue-escalation standards. Business leaders want faster consistency without stopping current delivery work. What should the council do next?

Options:

• A. Assign the catalog administrator to enforce standards across domains

• B. Pause domain projects until every standard is fully implemented

• C. Require all domains to adopt Customer domain practices immediately

• D. Create a domain capability roadmap using a common maturity assessment

Best answer: D

Explanation: When governance capabilities vary by domain, the governance council should use a common maturity or capability assessment to identify gaps, compare domains consistently, and prioritize improvement actions. The response should balance enterprise consistency with practical adoption: define minimum standards, assign accountable owners and stewards, set target maturity levels, and track progress through scorecards or roadmaps. Stronger domains can provide reusable patterns, but their practices should not be imposed without confirming enterprise fit. Governance should guide decision rights and improvement priorities while stewards and custodians carry out domain-specific execution.

• Immediate adoption overuses one domain’s practices before validating whether they fit enterprise standards and other domain contexts.
• Project pause creates an excessive delivery barrier when a phased capability roadmap can improve consistency while work continues.
• Catalog enforcement confuses tool administration with governance authority, ownership, stewardship, and council-backed standards.

Question 98

Topic: Business Glossary Metadata and Definition Governance

A bank is preparing a regulated risk report. Finance and Risk use different definitions for the same exposure metric, lineage from source systems to the report is incomplete, and prior audit findings require evidence of who approved definition and rule changes. Data stewards exist in each domain, but decision rights are unclear. Which metadata governance action is the BEST decision?

Options:

• A. Create governed glossary and lineage ownership for critical data elements

• B. Let each domain maintain separate definitions in its local catalog

• C. Run one-time profiling on the report tables before submission

• D. Have the BI team rename report fields to match user expectations

Best answer: A

Explanation: Metadata governance should establish accountable business ownership for critical data elements, not just document technical fields. In this case, the bank needs governed definitions, approved decision rights, lineage from source to report, quality rules tied to the agreed terms, and auditable change evidence. A business glossary connected to lineage and stewardship workflows supports discovery because users can find approved meanings, impact analysis because changes can be traced through data flows, auditability because approvals are recorded, and trusted reporting because quality rules align to common definitions. Technical cataloging and profiling can support the process, but they do not resolve unclear authority or conflicting business meaning by themselves.

• Report renaming improves labels but does not establish approved definitions, lineage, quality-rule ownership, or audit evidence.
• One-time profiling may identify defects, but it does not govern ongoing metadata decisions or change approvals.
• Separate local definitions preserve the cross-domain conflict and weaken trust in regulated reporting.

Question 99

Topic: Policies Standards Rules and Controls

A bank’s data policy states that any change to a critical data element used in regulatory reporting must have business owner approval and evidence of monitoring. Audit finds that project teams have repeatedly changed validation rules for Customer Residency Status without approval, and no one can show which changes were reviewed. Which control best addresses this governance risk?

Options:

• A. Add the field definition to the business glossary

• B. Schedule a quarterly council discussion on regulatory data

• C. Ask data custodians to profile the field monthly

• D. Require owner approval workflow with change evidence and exception reporting

Best answer: D

Explanation: A governance control should reduce the specific risk and provide evidence that the policy requirement is being followed. Here, the failure is not merely poor documentation or unknown data quality; it is unauthorized change to a critical data element’s validation rules, plus missing proof of review. A workflow that requires data owner approval before changes and produces exception reporting addresses both sides: preventive control through approval and detective monitoring through evidence and exceptions.

Glossary documentation, profiling, and council discussion can support governance, but they do not directly enforce the stated decision right or prove that changes were approved. The stronger control links policy, ownership, change management, and monitoring evidence.

• Glossary update helps clarify meaning but does not prevent or evidence unauthorized validation-rule changes.
• Monthly profiling may detect data anomalies, but it does not confirm that rule changes had business owner approval.
• Council discussion may raise awareness, but a standing agenda item is weaker than an enforceable approval and exception-monitoring control.

Question 100

Topic: Master Reference and Architecture Governance

A company is implementing a customer master. Sales wants the CRM account number to be the enterprise customer identifier, Finance wants the billing account number, and Compliance objects because both can change after mergers. The MDM team also needs an approved hierarchy and survivorship rule before loading production data. What governance response best fits this situation?

Options:

• A. Delay governance until duplicate records appear in production

• B. Let the MDM administrator select the most complete source field

• C. Escalate to the data governance council for an enterprise identifier and survivorship decision

• D. Ask each business unit to maintain its own identifier mapping

Best answer: C

Explanation: Master and reference data governance establishes decision rights for shared identifiers, hierarchies, code sets, match rules, and survivorship rules. In this case, the conflict crosses Sales, Finance, Compliance, and the MDM implementation team, so it needs an enterprise-level governance decision with accountable data owners and stewards providing input. The decision should define the approved enterprise customer identifier, the hierarchy standard, and the survivorship logic before production loading. The MDM team can implement the approved rules, but it should not unilaterally decide business meaning or authority across domains. The key distinction is governance accountability versus technical custody.

• Technical completeness is not enough because the most complete source field may not be stable, authoritative, or acceptable across business functions.
• Local mappings preserve disagreement and undermine the purpose of a shared customer master.
• Waiting for duplicates treats governance as cleanup rather than preventing inconsistent master data rules before deployment.

Continue in the web app

Use IT Mastery for interactive DAMA CDMP Data Governance Specialist practice with mixed sets, timed mocks, topic drills, explanations, and progress tracking.

Try DAMA CDMP Data Governance Specialist on Web

Focused topic pages

• Data Governance Foundations and Principles
• Governance Strategy Business Case and Value
• Governance Operating Model and Organization
• Roles Responsibilities and Decision Rights
• Policies Standards Rules and Controls
• Governance Issue Management and Resolution
• Glossary and Metadata Governance
• Data Quality Governance
• Security and Compliance Alignment
• Master Reference and Architecture Governance
• Governance Metrics Maturity and Improvement
• Governance Program Operations