Catalogue
We inventory assets: what data exists, where it is, who handles it.
Once GDPR compliance matures, governance follows: a data owner per asset, measured data quality, a retention policy and a single catalogue.
GDPR requires you to know what data you process and why. Data governance goes a step further: who is responsible for each dataset, what minimum quality it must meet, how that quality is measured, how long it is retained, where it resides and to whom it can be disclosed.
Without governance there is no reliable ESG reporting, no auditable AI model, no consistent dashboard. It is the layer on which all others depend.
We build the framework — asset catalogue, data owner assignment, quality indicators — and leave the team equipped to maintain it. This is a practice that already begins with CSRD and will accelerate with ENS-AI and the AI Act.
Data asset catalogue
Centralised inventory. Who owns it, where it is, what quality it has.
Data owner assignment
A nominated owner per asset, with authority over access and quality.
Data quality KPIs
Completeness, accuracy, consistency. Measurable with a review frequency.
Retention and archiving policy
Compliant with GDPR, CSRD and sector-specific regulation.
Operational governance framework
Committee, procedures, tools. It does not stay on paper.
We inventory assets: what data exists, where it is, who handles it.
We assign responsibility per asset. Authority over its governance.
Indicators: completeness, accuracy, consistency. Measurable.
Retention and archiving policy. What is deleted, when and how.
The operational detail: what we deliver as part of the engagement and what we keep active afterwards.
Data asset catalogue
Centralised inventory of relevant datasets.
Data owner assignment
Nominated owners per asset. Decision authority over access and quality.
Data quality indicators
Measurable KPIs with frequency and alert thresholds.
Retention and archiving policy
Compliant with GDPR, CSRD and sector-specific regulation.
Operational governance framework
Committee, roles, procedures and tools. It does not stay on paper.
Data owner training
The asset owner understands the standard and the tools.
The layer on which GDPR, CSRD, the AI Act and financial reporting are built.
Without governance there is no reliable reporting, no auditable AI, no consistent BI.
No. GDPR covers personal data; governance covers all data relevant to the business.
Mid-market and above. For small SMEs it is usually premature.
Advisable, not essential. We can start with documentation and build in parallel with Sistemas.