Artificial intelligence
AI has revolutionized the way organizations harness and govern data. Previously focused on compliance and documentation, governance must now become agile, dynamic and integrated with model lifecycles. A KPMG report highlights that 62% of organizations consider the absence of data governance to be the main obstacle to the success of AI projects. This article explores the challenges and best practices of data governance in the AI era.
Traditional governance systems were primarily designed to meet legal obligations and manage structured data (databases, records). Today, companies handle massive and diverse data streams (text, images, video), used to drive models that must evolve in real time. KPMG stresses that governance must incorporate transparency, auditability and explicability to support AI models throughout their lifecycle.
AI processes require continuous, automated pipelines; teams need to quickly detect and correct data drift or bias. Acceldata reminds us that legacy platforms were designed for static documentation, whereas AI models require active, telemetric governance. According to their surveys, 68% of professionals have already experienced model failures linked to data problems, and Gartner predicts that 60% of models will have to be re-trained or abandoned by 2026 due to poor data quality.
Regulations are multiplying: European AI Act, BCBS 239 and DORA directives for the financial sector, medical device regulations, etc. Collibra reminds us that companies must comply with requirements for traceability, explicability, accountability and transparency. Data governance must therefore provide audit evidence and quality controls to withstand inspections.
AI amplifies the risks of bias, hallucinations and unfair decisions. Poorly governed data leads to unpredictable patterns, erodes trust and generates litigation. Companies must therefore establish a culture of data quality and involve stakeholders (users, regulators, civil society).
Collibra proposes four pillars for making data “AI-ready”:
Visibility: having a unified catalog that lists datasets, their owners, classification and metadata. This makes it possible to understand which data feeds which models, and to identify risks.
Context: build a semantic graph linking data to business processes, models and people. This context facilitates the traceability and explicability of results.
Control: apply consistent, automated policies for data storage, access, retention and destruction. Controls must be tested regularly and integrated into data pipelines.
Traceability: maintain a complete data and model lifeline. This includes provenance, transformations, accesses and model results.
The SDG Group article points out that generative AI projects pose additional challenges:
Control and usage: organizations need to control the requests made to the model (prompts) and the uses made of responses, to avoid leaks of sensitive information or the generation of illicit content.
Agile experimentation environments: teams need to be able to test models rapidly, while respecting governance procedures. This requires sandbox environments and built-in controls.
Business dictionaries and data lineage: common semantics and detailed traceability are essential to verify the origin and transformation of data.
Data quality: generative AI amplifies the errors present in datasets; anomaly detection and data purification become priorities.
Regulatory compliance: the AI Act, DORA and industry directives require model documentation, risk assessment and human control.
| Aspect | Traditional governance | Governance in the AI era |
|---|---|---|
| Objective | Compliance and risk management (RGPD, sector-specific laws) | Value creation, bias reduction, adaptability and compliance |
| Data type | Mostly structured (relational databases) | Structured and unstructured (text, images, audio, video) |
| Process | Manual documentation, periodic updates | Automated pipelines, real-time monitoring (data observability) |
| Team roles | Separate legal and IT teams | Multi-disciplinary collaboration (data scientists, DPO, business, security) |
| Tools | Data catalogs and processing registers | Data catalogs, observability platforms, knowledge graphs |
| Dominant regulations | RGPD, national laws | RGPD, AI Act, BCBS 239, DORA, sectoral directives |
| Traceability | Based on schematics and procedures | Fine-grained model traceability (inputs, hyperparameters, outputs) |
| Bias management | Rarely addressed | Integrated via ethical audits and responsible committees |
Adopt data and model observability solutions: continuously monitor data quality, detect drifts and generate alerts when distributions change or biases appear.
Define clear roles: a chief data officer or head of governance must drive policy, while data stewards ensure quality and models. Collaboration with the CAIO (if present) is essential.
Set up a Data Governance Council: bring together all stakeholders (IT, legal, business, security) to validate policies, priorities and trade-offs. This helps to break down silos and integrate the ethical dimension.
Document the entire lifecycle: the data catalog must be connected to models, tests and performance. The history of versions and hyperparameters must be kept to facilitate audits.
Train teams and instill a data culture: make employees aware of the challenges of quality, confidentiality and ethics. Encourage responsible use of data and reporting of incidents.
Driving compliance: carrying out impact assessments (DPIAs) when processing is likely to present high risks, and integrating compliance right from the design stage (“privacy by design”). According to the 2026 barometer, only 32% of organizations with AI projects have carried out DPIAs, showing that there is still room for improvement.
Frequently asked questions :
What is data governance in the age of AI? This is the set of policies, processes and tools for managing massive and diverse data to feed AI models reliably, transparently and ethically. It encompasses data visibility, context, control and traceability.
Why are traditional systems no longer sufficient? Legacy platforms are documentation-driven and do not meet real-time monitoring needs. What’s more, 68% of professionals have already experienced model failures related to data quality; Gartner predicts that 60% of models will need to be replaced by 2026, requiring observability and dynamic governance tools.
What are the pillars for making data “AI-ready”? Collibra identifies four pillars: visibility (unified catalog), context (semantic graph), control (consistent policies) and traceability (data lineage).
How to integrate regulations? Governance must incorporate the requirements of the RGPD, the AI Act, industry directives and national laws. It must document models and implement human controls to respond to audits and risk assessments.
Data governance is an indispensable foundation for successful AI. In an era of generative models and tightened regulations, it must evolve into a proactive, integrated system. By adopting observability tools, clarifying roles and involving all stakeholders, organizations can transform governance into a lever for innovation and compliance.