“Governance” doesn’t need to mean committees and calendar invites. For builders, data governance is simply the minimum set of rules and metadata that answers three questions fast: Where did this data come from (lineage)? Who owns it (ownership)? When can we rely on it (SLAs)? This post shows a lightweight approach you can implement in a repo with a few conventions, a couple of checks, and zero drama.
Quickstart
If you want “minimum viable governance” that actually sticks, do these steps in order. Each one is designed to be small enough to ship this week and valuable enough to prevent the next late-night incident.
1) Pick your Tier-0 assets (the ones that hurt)
Start with the few tables/dashboards that trigger customer impact, revenue risk, or on-call pain. Governance scales from critical outward.
- List 10–20 “can’t be wrong” assets (tables, models, dashboards)
- Assign a tier: Tier-0 (critical), Tier-1 (important), Tier-2 (nice-to-have)
- Write the consumer: “used by X team for Y decision”
2) Add a single owner field to every Tier-0 asset
Ownership is the fastest way to turn chaos into a fix. It’s not about blame—it’s about routing.
- One DRI (directly responsible individual) or owning team
- A contact channel (Slack/email) for questions and incidents
- A backup owner for vacations and weekends
3) Define one SLA you can actually measure
The simplest useful SLA is freshness: “data is updated by 09:00 UTC daily.” Add completeness/quality later.
- Freshness target: max age or delivery time
- Scope: which partition/date column defines “fresh”
- Action: what happens when the SLA is missed
4) Capture lineage automatically (even if it’s imperfect)
Don’t hand-draw lineage diagrams. Generate lineage from your pipelines (dbt/Airflow/Dagster) and improve gradually.
- Start with transformation lineage: source → model → mart
- Link downstream “consumers” (dashboards/exposures)
- Store lineage where your team already works (repo/docs)
5) Create a tiny incident playbook
When a Tier-0 asset breaks, the first 15 minutes decide the outcome. A lightweight playbook removes guessing.
- How to check freshness and row counts
- Where to look for upstream failures (jobs, sources, APIs)
- Who to notify and what “fixed” means
If you can’t keep the metadata up to date with one PR, it won’t last. Put ownership, SLAs, and critical notes next to the code that builds the data.
Overview
Data governance for builders is not a policy deck—it’s the practical scaffolding that keeps analytics and product decisions stable as your data stack grows. You don’t need heavy process to get most of the value. You need a few consistent answers:
The 3 pillars (and what they prevent)
| Pillar | What it answers | What it prevents |
|---|---|---|
| Lineage | “Where did this come from, and what depends on it?” | Blind changes, surprise breakage, slow incident response |
| Ownership | “Who is responsible for this asset’s health?” | Orphaned tables, endless Slack pings, duplicated work |
| SLAs | “When is it ready, and what quality is expected?” | Trust collapse, dashboard whiplash, ad-hoc “is it updated?” checks |
This post covers a lightweight way to implement those pillars in a modern data stack (warehouse + transformations + BI): how to decide what to govern first, how to encode metadata as code, and how to set SLAs that map to real checks. You’ll also get copy/paste templates for ownership, data contracts, and a minimal monitoring loop.
You should be able to implement this with one repo convention, a few tests, and a dashboard/alert. If your governance requires weekly meetings, it’s already too heavy.
Core concepts
Good governance starts with clear vocabulary. The goal is to avoid debates like “Is this table owned by analytics or product?” and replace them with stable, documented defaults.
1) Data assets and tiers
A data asset is anything people rely on: a source table, a transformed model, a metric definition, a dashboard, or an API output. Not all assets need the same rigor—so tier them.
A simple tiering model
| Tier | Examples | Minimum governance |
|---|---|---|
| Tier-0 | Revenue dashboards, executive KPIs, customer-facing metrics | Owner + SLA + lineage + tests + incident playbook |
| Tier-1 | Team analytics marts, operational reporting | Owner + basic freshness + key tests |
| Tier-2 | Exploration tables, personal scratch | Light documentation; no strict SLA required |
2) Ownership: DRI vs steward (and why you want both)
Ownership is the routing layer. When something is wrong, the organization needs to know who can fix it (or decide what to do). Two roles are useful:
- Owner/DRI: accountable for correctness and changes; approves breaking changes.
- Steward: helps with documentation, definitions, and user support; may be the same person on small teams.
Shared ownership without a DRI usually means no ownership. Pick one name or one team and a backup. You can still collaborate—governance just needs a default decision-maker.
3) Lineage: technical vs business
Technical lineage tells you how data flows through systems: source tables → transforms → marts. Business lineage connects data to decisions: mart → metric → dashboard → team workflow. Builders usually start with technical lineage because tools can generate it, then add business context where it matters.
What lineage is for
- Impact analysis before changes (who will break?)
- Faster incident response (what upstream failed?)
- Reducing duplicated pipelines (reuse existing assets)
- Audits and reviews (what feeds this KPI?)
What lineage is not
- A perfect graph of every ad-hoc query
- A hand-made diagram you update manually
- Something you do for Tier-2 scratch tables
- A substitute for good tests
4) SLAs, SLOs, and what “reliable data” means
Teams use “SLA” loosely. The useful concept is: define an expectation, measure it, and decide what happens when it’s missed. If you like precision:
- SLI: the measurable indicator (e.g., minutes since last successful load).
- SLO: the target (e.g., 95% of days updated by 09:00).
- SLA: the promise and consequences (internal agreement, paging rules, communication).
Minimal SLA template (start here)
- Freshness: “Updated by 09:00 UTC daily” (or “max age 2 hours”).
- Completeness: “Daily partitions must exist for the last 7 days.”
- Quality: “No nulls in primary keys; referential integrity holds.”
- Response: “Tier-0 misses page owner; Tier-1 logs a ticket.”
5) Data contracts: governance that lives next to the code
A data contract is a compact, versioned description of what a dataset guarantees: schema expectations, ownership, sensitivity, and SLAs. The key builder advantage: it’s reviewable in PRs, and it can be validated automatically.
Treat governance metadata like code: version it, review it, and test it. That’s how you avoid “tribal knowledge governance.”
Step-by-step
This is a practical implementation path for data governance for builders. It assumes you have a warehouse and scheduled transforms (dbt/Airflow/etc.), but the ideas apply to any stack. The goal is to get value early and increase rigor only for assets that deserve it.
Step 1 — Inventory what matters (and stop there)
Don’t start with “govern everything.” Start with the data that drives decisions and incidents.
- Write down your Tier-0 assets (10–20 items is enough)
- For each: consumer, owner, and what “wrong” looks like
- Mark “sources of truth” (systems of record) separately from derived tables
Step 2 — Implement ownership with one default rule
You need a rule that works even when people don’t think about governance. Here are two defaults that keep teams moving:
Default A — Owner = team that changes it
If your team deploys the job/model that produces the asset, your team owns it.
- Works well for engineering-led stacks
- Clear for incident response
- Encourages clean interfaces (contracts)
Default B — Owner = domain steward
If the asset represents a business domain (billing, onboarding), the domain team owns it.
- Works well for domain-oriented orgs
- Aligns definitions with the business
- Requires clearer boundaries between domains
For Tier-0 assets, store: owner/team, contact, backup, and change policy (how breaking changes are announced). Everything else can be optional until it becomes Tier-0.
Step 3 — Encode contracts, lineage hooks, and SLAs as code
Put the metadata where builders already look: your transformation repo. The exact tool doesn’t matter; the pattern does: versioned metadata + automated checks.
Example: a minimal contract + owner + SLA (dbt-style)
This example shows how to attach owner, tier, and SLA metadata to a model, plus a couple of tests. Adapt the fields to your stack—what matters is that the information is structured and reviewable.
version: 2
models:
- name: fct_orders
description: "Canonical orders fact table used for revenue reporting and finance reconciliation."
meta:
tier: "tier0"
owner:
team: "data-platform"
contact: "#data-oncall"
backup: "finance-analytics"
sla:
freshness_minutes: 180
due_by_utc: "09:00"
incident_policy: "page_on_miss"
pii: "none"
consumers:
- "revenue_dashboard"
- "finance_month_end_close"
columns:
- name: order_id
tests:
- not_null
- unique
- name: customer_id
tests:
- not_null
- name: order_total
tests:
- not_null
exposures:
- name: revenue_dashboard
type: dashboard
owner:
name: "Growth Analytics"
email: "analytics@example.com"
depends_on:
- ref('fct_orders')
- ref('dim_customers')
description: "Executive revenue dashboard. Tier-0 consumer of fct_orders."The contract prevents accidental breakage. You still need a simple rule for breaking changes: version the dataset or give consumers a migration window.
Step 4 — Turn SLAs into checks (freshness + completeness)
An SLA without a check is a wish. Start with the two most actionable signals: freshness (is it updated?) and completeness (are expected partitions/rows present?). The checks below are intentionally simple—you can run them in a scheduler, CI, or a monitoring job.
Example: SLA check query (freshness + row-count sanity)
This SQL pattern flags “stale” tables and suspicious row-count drops. Customize the thresholds per Tier. (Shown in a Postgres-friendly style; adapt functions for your warehouse.)
-- SLA check: freshness + row-count sanity for a daily-loaded fact table
-- Assumptions:
-- - fct_orders has a column loaded_at (timestamp) set at ingestion time
-- - data should be updated within the last 180 minutes (Tier-0 example)
with stats as (
select
max(loaded_at) as last_loaded_at,
count(*) filter (where order_date = current_date) as rows_today,
count(*) filter (where order_date = current_date - interval '1 day') as rows_yesterday
from analytics.fct_orders
),
checks as (
select
last_loaded_at,
extract(epoch from (now() - last_loaded_at)) / 60.0 as minutes_since_load,
rows_today,
rows_yesterday,
case
when last_loaded_at is null then 'FAIL: never loaded'
when (extract(epoch from (now() - last_loaded_at)) / 60.0) > 180 then 'FAIL: stale'
else 'OK'
end as freshness_status,
case
when rows_yesterday = 0 then 'WARN: no baseline'
when rows_today < rows_yesterday * 0.6 then 'WARN: large drop'
else 'OK'
end as volume_status
from stats
)
select *
from checks;Step 5 — Use lineage for impact analysis (the “blast radius” move)
Once you have even partial lineage, you can answer the question every builder needs before merging a change: “What will this affect?” Start with Tier-0 assets and link them to:
- Upstream sources: APIs, OLTP tables, external vendors
- Transforms: models/jobs that produce the asset
- Downstream consumers: dashboards, reverse ETL, ML features, APIs
A practical lineage habit
- Before changing a Tier-0 model, check downstream consumers (dashboards/exposures)
- For breaking changes, do one of: version the model, add a new column, or add a deprecation window
- After incidents, update lineage notes (“this upstream source is flaky”) so future you wins
Step 6 — Automate the boring parts (and keep humans for decisions)
Automation should do the repetitive checks and routing; humans should decide definitions and trade-offs. A minimal automation set for Tier-0 looks like:
Automate
- Freshness checks (scheduled)
- Basic quality tests (keys, nulls, referential integrity)
- Schema change detection (warn on breaking changes)
- Alerts routed to the owner/contact
Keep human
- Definitions of metrics and business logic
- Deciding acceptable error budgets
- Consumer migration plans
- When to promote an asset to Tier-0
Example: validate contracts in CI (lightweight Python)
This script shows the pattern: read contract metadata, check that required fields exist, and optionally compare to live stats. Even if you don’t run live queries in CI, enforcing “owner + SLA + tier” prevents metadata rot.
import sys
import yaml
REQUIRED_META = ["tier", "owner", "sla"]
def fail(msg: str) -> None:
print(f"[governance] {msg}", file=sys.stderr)
sys.exit(1)
def main(path: str) -> None:
with open(path, "r", encoding="utf-8") as f:
doc = yaml.safe_load(f) or {}
models = (doc.get("models") or [])
if not models:
fail("No models found in contract file.")
errors = []
for m in models:
name = m.get("name", "<unknown>")
meta = m.get("meta") or {}
missing = [k for k in REQUIRED_META if k not in meta]
if missing:
errors.append(f"{name}: missing meta fields {missing}")
owner = meta.get("owner") or {}
if meta.get("tier") == "tier0":
# Tier-0 should have a contact for routing
if not owner.get("contact"):
errors.append(f"{name}: tier0 requires meta.owner.contact")
sla = meta.get("sla") or {}
if not (sla.get("freshness_minutes") or sla.get("due_by_utc")):
errors.append(f"{name}: tier0 requires an SLA freshness target")
if errors:
for e in errors:
print(f"[governance] {e}", file=sys.stderr)
sys.exit(1)
print("[governance] OK: contracts contain required metadata.")
if __name__ == "__main__":
if len(sys.argv) != 2:
fail("Usage: python validate_contracts.py path/to/schema.yml")
main(sys.argv[1])For Tier-0 assets: you can answer lineage, ownership, and SLA questions in under 60 seconds. If you can’t, add the missing metadata where the asset is defined.
Common mistakes
Lightweight governance fails in predictable ways. The fixes below are practical and usually cheaper than “rebuilding the pipeline” after trust has already collapsed.
Mistake 1 — Governing everything on day one
When everything is “critical,” nothing is. Teams stop updating metadata and governance becomes theater.
- Fix: tier assets; start with Tier-0 only.
- Fix: add rigor only when an asset becomes a dependency.
Mistake 2 — Ownership without routing
A team name in a doc doesn’t help at 02:00 if nobody knows how to reach them.
- Fix: require contact (Slack channel/email) and a backup for Tier-0.
- Fix: make owners part of alert routing (not a wiki entry).
Mistake 3 — SLAs defined, but never measured
Unmeasured SLAs become expectations that nobody can verify, which creates constant “is it ready?” noise.
- Fix: start with one measurable SLA (freshness) and a simple check.
- Fix: decide consequences per tier (page vs ticket vs log).
Mistake 4 — Lineage done by hand
Manual lineage diagrams drift immediately and give a false sense of certainty.
- Fix: generate lineage from pipeline definitions; accept “good enough” first.
- Fix: add business context only for Tier-0 consumers.
Mistake 5 — Breaking changes without a migration path
Renaming columns or changing definitions silently breaks dashboards and erodes trust fast.
- Fix: version datasets or provide a deprecation window.
- Fix: use lineage to identify consumers before merging.
Mistake 6 — Mixing access control with quality governance
Security and data quality are related, but they solve different problems and need different signals.
- Fix: document sensitivity separately (PII/PCI) from SLAs and tests.
- Fix: keep the “quality loop” simple so it gets maintained.
Incident response gets faster because people can answer: “What upstream changed?”, “Who owns it?”, and “What’s the expected delivery time?” without hunting.
FAQ
Do I need a data catalog tool to do governance?
No. A catalog tool can help later, but “data governance for builders” works fine with metadata-as-code in your repo plus a small inventory for Tier-0 assets. Start by making ownership, SLAs, and lineage links available where engineers work (PRs, docs, pipeline definitions).
What is the difference between lineage and documentation?
Lineage is about dependencies; documentation is about meaning. Lineage answers “what feeds this and what breaks if it changes.” Documentation answers “what does this represent and how should it be used.” For Tier-0 assets, you want both: dependency graphs and a clear definition.
What’s a good first SLA for analytics tables?
Freshness. Pick a target that matches business use (e.g., “updated by 09:00 UTC daily”) and measure it with a simple “max loaded_at” check. Once freshness is stable, add completeness (partitions exist) and a couple of high-signal quality tests (keys, nulls, referential integrity).
How do we choose the “owner” when multiple teams use the data?
Owner should be the team that can fix it and approve changes. Consumers can be many; ownership should be one. If definitions are contested, separate responsibilities: one team owns the pipeline health; a steward group agrees on definitions and metric semantics.
How much lineage is “enough”?
Enough lineage is whatever lets you do impact analysis for Tier-0 changes. If you can answer “what dashboards and jobs depend on this model?” you’re already ahead of most teams. Perfect lineage is not required; it’s more valuable to keep it current than to make it exhaustive.
What should happen when a Tier-0 SLA is missed?
Routing + communication. Route the alert to the owner/contact (page if needed), post a status update to impacted consumers, and use lineage to identify downstream assets that might show incorrect data. Then close the loop: add a guardrail or test that would catch it earlier next time.
Cheatsheet
A scan-fast checklist for implementing data governance for builders without turning it into a bureaucracy. Use it as a PR review checklist or a “done” definition for Tier-0 assets.
Tier-0 minimum checklist
- Owner: team + contact + backup
- Purpose: what decision it supports (one sentence)
- Lineage: upstream sources + downstream consumers linked
- SLA: freshness target + measured check
- Tests: keys, nulls, and 1–2 domain sanity checks
- Change policy: versioning or deprecation window
- Incident playbook: where to look first
SLA quick templates
| Signal | Template | Best for |
|---|---|---|
| Freshness | “Updated within X minutes / by HH:MM UTC.” | Most marts and dashboards |
| Completeness | “All partitions for last N days exist.” | Daily/weekly facts |
| Volume sanity | “Row count not < 60% of yesterday.” | Detecting broken ingests |
| Key integrity | “Primary keys unique; no nulls in identifiers.” | Preventing duplicates and joins from exploding |
PR review micro-checklist (30 seconds)
- Will this change break consumers? (Check lineage/exposures)
- Did the contract/metadata change? (Owner/SLA/description up to date)
- Do tests cover the new assumptions? (Keys, nulls, sanity)
- If it fails tomorrow, who gets paged? (Routing correct)
Wrap-up
Data governance doesn’t have to be heavy to be effective. If you implement just three things—ownership, measurable SLAs, and usable lineage—you’ll reduce incidents, speed up changes, and make data more trustworthy. The trick is to treat governance metadata as part of building: versioned, reviewable, and checked.
What to do next (pick one)
- Today: Tier your assets and assign owners to Tier-0.
- This week: Add a freshness SLA + alert for Tier-0 tables.
- This month: Link dashboards/exposures to their upstream models and formalize a breaking-change policy.
When someone asks “Is the revenue dashboard updated?” you can answer in one place, with one check, and the right owner is already notified if it’s not.
If you want to go deeper on building reliable analytics and performance, the related posts below are good next steps.
Quiz
Quick self-check (demo). This quiz is auto-generated for data / engineering / databases.