From Data Chaos to AI Confidence: A Scalable Data Governance Architecture for AI-Driven Digital Platforms

preprint OA: closed
Full text JSON View at publisher
Full text 142,937 characters · extracted from preprint-html · click to expand
From Data Chaos to AI Confidence: A Scalable Data Governance Architecture for AI-Driven Digital Platforms | Research Square window.SnipcartSettings = { analytics: { enabled: false } }; (function() { var accessVector = localStorage.getItem('access_vector') || ''; window.dataLayer = window.dataLayer || []; if (accessVector) { window.dataLayer.push({ user: { profile: { profileInfo: { snid: accessVector } } } }); } })(); (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','GTM-K279D39R'); Browse Preprints In Review Journals COVID-19 Preprints AJE Video Bytes Research Tools Research Promotion AJE Professional Editing AJE Rubriq About Preprint Platform In Review Editorial Policies Our Team Advisory Board Help Center Sign In Submit a Preprint Cite Share Download PDF Research Article From Data Chaos to AI Confidence: A Scalable Data Governance Architecture for AI-Driven Digital Platforms Pabitra Saikia This is a preprint; it has not been peer reviewed by a journal. https://doi.org/ 10.21203/rs.3.rs-9623212/v1 This work is licensed under a CC BY 4.0 License Status: Posted Version 1 posted You are reading this latest preprint version Abstract Artificial intelligence (AI) has changed the competitive landscape of digital business. Despite heavy investment in AI, many digital enterprises fail to translate analytics into business value due to fragmented ownership, inconsistent definitions, and manual governance practices. This is because of serious problems in data governance. This paper advances a central argument: AI is only as strong as the data behind it. Modern digital enterprises generate massive volumes of data across distributed architectures, often resulting in fragmented, inconsistent, and untrusted data that undermines decision-making and AI effectiveness. Traditional centralized governance approaches do not work well in fast-paced environments. They create bottlenecks and limit business flexibility. The research in this paper draws on industry best practices and corporate governance principles to develop a federated data governance framework suitable for organizations using AI technologies. This research paper provides insights on data governance as an enabler of AI technology instead of just another form of regulatory governance. Data Governance Artificial Intelligence (AI) Data Trust Data Mesh Data Products Federated Governance Policy-as-Code Figures Figure 1 Figure 2 1. Introduction 1.1 The AI Paradox: Massive Investment, Uncertain Return AI-related investments made by firms have reached an all-time high. Firms belonging to different sectors are employing ML models, predictive analytics tools, and decision engines in a big way. Nevertheless, the problem remains that even after such substantial investments, many AI projects do not yield any tangible benefits for businesses [35], [32]. Projects often stall, models deteriorate in production, and executive confidence wanes. This paper looks at the main cause of AI underperformance: the lack of strong, scalable data governance. We argue that data governance is not an afterthought in AI strategy, it is essential . Without governed data, AI outputs are unreliable, unexplainable, and ultimately untrustworthy. Data-driven insight is positioned as the primary currency of competitive advantage in this age of digital commerce transformation. Every online interaction, clicks, page views, cart actions, purchases, product reviews, and customer support interactions, generates a valuable data point revealing patterns of consumer behavior, operational efficiency, and market dynamics. When this information is collected and analyzed, it uncovers powerful insights into customer behavior, operations, and market trends. By embracing digitalization, every click, view, addition to cart, purchase, rating, and service request becomes a critical piece of information that provides insight into consumer trends, performance metrics, and overall market forces. However, the very nature of the modern enterprise ecosystem - characterized by architectural decentralization, polyglot technology stacks, global operational scale, and rapid business evolution - makes it a particularly fertile environment for what we term "Data Chaos." This represents a systemic breakdown in data management that manifests across multiple dimensions of the organization and creates compounding negative effects on business operations, analytical capabilities, and strategic decision-making [2]. 1.2 Scope and Contribution This paper makes three main contributions to information systems literature. To begin with, it redefines data governance not as a means of ensuring compliance but as a key capability enabling the development of artificial intelligence capabilities . Secondly, it presents a management approach based on federated ownership, automation, and data products approach which is geared towards scalability in light of increasing complexity in AI capabilities. Finally, it provides actionable guidance on how to implement such an approach in information systems . The rest of the paper is organized as follows. Section 2 describes the data chaos problem and its effects on AI systems. Section 3 critiques traditional governance approaches. The proposed framework is presented in Section 4. The critical governance competencies are described in Section 5. The managerial decision-making considerations are addressed in Section 6. The implementation approach is detailed in Section 7. 2. Materials and Methods 2.1 RESEARCH APPROACH The proposed research uses a design science research (DSR) methodology, along with a structured review of existing literature, to create and describe a scalable federated data governance model for AI-enabled digital platforms. Design science research is particularly suitable for this work because the primary objective is to create and prescribe an adaptive managerial artifact, an integrated governance framework comprising principles, capabilities, and an implementation roadmap, that addresses a significant real-world problem (data chaos undermining AI initiatives) while contributing to IS management knowledge. Following the DSR guidelines proposed by Hevner et al. [1] and Peffers et al. [18], the research process consisted of the following iterative activities: 1. Problem Identification and Motivation Our study starts with clearly defining what we consider the "AI paradox", the significant financial investments organizations make into AI technology without any clear benefits largely because of the poor data governance underlying such initiatives. As a result of a thorough analysis of the industry reports, scientific publications about problems associated with data management failures (e.g., [33], [36]), and real-world issues emerging from large-scale data ecosystems (such as growing numbers of data silos, inconsistency, loss of data trust, potential violations of regulations, and lack of innovation), we have concluded that the "data chaos" issue represents the key obstacle.. 0. Objectives of the Solution The goals for the solution were to: (a) shift the focus on data governance from being seen as a burden for compliance to an enabler for successful AI initiatives; (b) develop a federated governance structure that is scalable, based on Data Mesh concepts, policy as code , and treating data as products; and (c) give practical guidance for implementation, such as a 24-month roadmap. These objectives explicitly target the research gaps in scalability, agility, and AI-readiness of existing governance approaches in dynamic modern enterprises. 0. Design and Development of the Artifact The core artifact, the managerial framework for AI-ready data governance, was developed through an iterative process of integrative literature synthesis and refinement. The research process included the review of key literature on data governance fundamentals (such as the DAMA-DMBOK approach), Data Mesh philosophy [12], practice of policy-as-code, and relevant case studies on difficulties with AI deployment. Core ideas from these papers were combined and elaborated by adding an additional layer for AI governance that involved specific considerations regarding feature semantics, explainable lineage, and alignment with new regulation guidelines like the upcoming EU AI Act. The resulting framework relied on the synergy of three underlying principles: "Federated Ownership with Centralized Standards", "Automation as a Scaling Approach", and "Data as a Product" and was operationalized by means of four core capabilities: Discoverability & Understandability, Quality & Reliability, Security/Privacy/Access Control, and Interoperability & Standardization. Service level objectives (SLOs), metadata requirements, canonical data models, and the phased implementation roadmap emerged from mapping governance requirements against the specific demands of AI systems in high-velocity operations. 0. Demonstration and Evaluation The framework is demonstrated through its application to the diagnosed manifestations of data chaos in today’s enterprises. Evaluation draws on multiple forms of evidence: ● Theoretical evaluation via alignment with established IS theories and frameworks (e.g., data product thinking, federated computational governance). ● Validation by practitioners based on the authors' analysis of industry practice, experience with implementation on digital platforms, and outcomes reported by organizations using a similar decentralized governance approach (e.g., improvement in data quality measures, savings in data preparation time, accelerated deployment of AI initiatives, and increased compliance readiness). ● The qualitative and quantitative metrics discussed in the literature and case studies include the amount of time spent by data scientists on wrangling (prior to governance) compared to increased efficiency and trust after deployment, minimized reconciliations, and minimized compliance risks. While a full-scale empirical validation across multiple organizations lies beyond the scope of this conceptual paper, the framework’s components were iteratively refined against known failure modes of traditional governance and success patterns from Data Mesh adoptions. Future empirical studies can further test the framework through longitudinal case studies or action research. 0. Communication The outcomes of the design process are conveyed via this paper in a manner that is comprehensible to both the IS researcher and practitioner communities. The theoretical underpinning, principles, capabilities, management decisions, and implementation steps are articulated in a way that makes sense, provides practical examples, and gives guidance for action. This mixed methodology approach guarantees that rigour is achieved via structured literature grounding whilst at the same time ensuring the relevance of the model to information systems management practice. Through the inclusion of the development process, we can overcome some of the shortcomings associated with pure proposition. 2.2. THE DATA CHAOS PROBLEM 2.2.1 Defining Data Chaos The term "data chaos" describes a systemic condition in which enterprise data is simultaneously abundant and unusable, voluminous yet fragmented, accessible yet unreliable, stored yet ungoverned. Data chaos is not an anomaly; it is the default state of most large organizations operating across distributed digital systems [33]. 2.2.2 Manifestations of Data Chaos Data Chaos in modern enterprises exhibits several characteristic manifestations that collectively undermine organizational data capabilities: ● Proliferating Data Silos: Data gets trapped within the functional boundaries in organizations, for example, marketing, sales, logistics operations, finance, customer service units, each maintaining independent data repositories with proprietary definitions, heterogeneous storage solutions, incompatible data formats, and restrictive access protocols. Besides, Digital systems architecture often relies on a microservices architecture that constantly generates new, siloed data sources. This architectural fragmentation prevents the holistic, cross-functional data integration necessary for comprehensive business insights and creates redundant data storage with inconsistent update patterns [3]. ● Crippling Data Inconsistency: Critical business metrics become subject to conflicting definitions and calculation methodologies across different organizational units. Without federated guardrails, domains may define data differently, impeding interoperability and leading to divergent reports, endless reconciliation meetings, executive paralysis in decision-making, and erosion of confidence in data-driven insights. This inconsistency extends beyond definitions to include temporal misalignment, where different systems update at different frequencies, creating temporal data quality issues [4]. ● Systematic Erosion of Data Trust: When business users cannot independently verify the provenance, lineage, or quality characteristics of a dataset, they rationally default to a position of distrust. This results in reversion to manual, spreadsheet-based processes despite available automated alternatives. Decision-making based primarily on intuition and experience rather than current evidence exposes IT systems to the creation of unofficial data marts and, ultimately, to the underutilization of expensive data infrastructure investments [5]. ● Escalating Compliance and Security Risks: Comprehensive data privacy regulations including the European Union's General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), Brazil's Lei Geral de Proteção de Dados (LGPD), and numerous other regional and national frameworks impose strict, legally binding requirements on the collection, processing, storage, and deletion of personal data. In a state of Data Chaos, where data flows are poorly documented, lineage is unknown, and classification is inconsistent, compliance becomes a reactive, resource-intensive, high-risk endeavor characterized by expensive manual audits, elevated breach risks, and potential regulatory penalties that can reach millions of dollars [6]. ● Systematically Impeded Innovation: Advanced analytics initiatives, sophisticated machine learning models, and real-time decisioning systems exhibit an absolute dependency on clean, reliable, well-documented, and readily accessible data. Data Chaos at the foundational data layer inevitably translates into project failure at the analytical and model-deployment layers. Data scientists report spending 70-80% of their time on "data wrangling", cleaning, standardizing, joining, and correcting data, rather than on actual model development, feature engineering, and algorithmic innovation [7]. 2.2.3. The Inadequacy of Traditional Governance Approaches The rapid rise in the use of data across enterprises has brought a paradigm shift in the way organizations handle, process, and use data. The more hierarchical structures typical of the data governance regime, which tend to use centralized structures, are impractical in dealing with the challenges posed by the enterprise data environment [8]. The traditional approaches exhibit several critical limitations, like slow operation for the velocity requirements of business cycles, bureaucratic overhead that frustrates business users, inability to scale the centralized resources to match the exponential growth in volume and variety; and conceptualization of data as a passive IT asset to be controlled and restricted, rather than as an active product to be curated, enhanced, and broadly consumed across the organization [9]. 2.2.4. Research Gap and Objectives This research aims to bridge the disconnect between theory and practice in data governance, especially when it comes to scalability and agility. According to this study, the sustainable journey from data disorder to data trust will only be possible through adopting a data governance approach that is scalable and has an agile architecture. Such a framework must enable and accelerate, rather than inhibit, data discovery, access, and utilization while simultaneously ensuring quality, security, privacy, and regulatory compliance. ● Diagnose the specific technical and organizational manifestations of data chaos in a large-scale operational context. ● Propose a comprehensive, scalable, federated governance blueprint architecturally grounded in Data Mesh paradigm principles. ● Detail the 24-month implementation journey, highlighting the critical interplay between technology enablement (particularly policy-as-code automation) and organizational change management. ● Evaluate framework effectiveness through extensive quantitative and qualitative evidence of measurable impact on real-world business operations and analytical capabilities. ● Extract and formalize generalized principles, critical success factors, and actionable lessons learned for other enterprises embarking on similar governance transformation initiatives. 2.3. LITERATURE REVIEW AND THEORETICAL FOUNDATION A. Foundational Data Governance Concepts Contemporary DG involves a set of integrated responsibilities, ranging from data quality management to models of ownership and privacy, as well as near-real-time responses to regulatory pressures, such as the GDPR and CCPA, and other business demands [6]. Data governance is described in literature as the exercise of power and collective decision-making in the planning, management, and control of data within an organizational setting. According to foundational literature, there are three basic functional components of these programs: People , that is, roles, responsibilities, decision rights, and accountability; Process , which comprises workflow, procedures, standards, and compliance; and finally, Technology , which includes the platform or environment, tools, and automation that make these processes work smoothly. As far as the strategic objectives of data governance are concerned, they are universally recognized as being the achievement of data quality, data security, privacy, and compliance and finally maximizing the value of organizational data resources. The Data Management Body of Knowledge (DMBOK) model, as proposed by DAMA International, captures the eleven breadth knowledge topics in the domain of data governance, ranging from data architecture/modeling to data quality management, master data management, reference data management, data warehousing, business intelligence, metadata management, and security. While the model has the potential to serve as a theory, there remain many uncertainties regarding best practices for its implementation [10]. B. The Scalability Crisis in Traditional Governance The architectural centralization of traditional governance models fundamentally fails in operational environments characterized by exponential growth in data volume, accelerating velocity of data generation, and expanding variety of data types and sources - all of which are defining characteristics of modern enterprise ecosystems. The resource constraints are mathematical: a central team of 10-15 governance specialists cannot possibly maintain detailed knowledge of, provide responsive service for, and ensure quality across thousands of datasets spanning dozens of distinct business domains. The result is either governance coverage that is superficial and ineffective or governance processes that become bottlenecks, causing unacceptable delays in data access and analytics project timelines [11]. C. The Emergence of Decentralized Governance Paradigms Data Mesh, a conceptual framework introduced and extensively elaborated by Zhamak Dehghani at Thoughtworks, proposes a fundamental paradigm shift in both architectural thinking and organizational structure for data platforms [12]. The Data Mesh framework rests on four foundational principles: ● Domain-Oriented Decentralized Data Ownership : Data ownership and operational responsibility are systematically shifted from a centralized data team to the distributed business domains that are organizationally closest to the data's point of origin and possess the deepest subject matter expertise [13]. ● Data as a Product : Each business domain is held accountable for treating its data outputs as formal "products" with defined consumers, quality guarantees, service-level objectives, and product-management discipline. These include ensuring data cataloging for discoverability, quality validation and management, security, and business continuity via proper access controls, and, finally, ensuring interoperability through standard interfaces and schematics [14]. ● Self-Serve Data Infrastructure as a Platform : A centralized platform engineering team provides and maintains an underlying infrastructure platform that abstracts away technical complexity and makes it feasible for domain teams - who are primarily domain experts rather than data engineering specialists to efficiently build, publish, govern, and maintain their data products without requiring deep specialized expertise in distributed systems, data storage technologies, or data pipeline orchestration [15]. ● Federated Computational Governance : Federated governance is organized by a cross-functional council and establishes global standards, policies, and interoperability rules to ensure organizational consistency. More importantly, though, is how these policies are enforced, automatically and computationally, i.e., directly within and implemented via the self-serve infrastructure platform versus manually and procedurally. This is what enables scaling while retaining ownership within a decentralized domain [5]. D. The Critical Role of Policy as Code The practical mechanism enabling federated computational governance is the concept of "policy-as-code", where governance rules, quality standards, and compliance requirements are defined not in policy documents or procedural manuals, but in machine-executable code that can be automatically enforced at scale. Data governance automation, encoding policy enforcement (including data quality validation checks, personally identifiable information (PII) masking rules, data retention policies, and access control enforcement) is not merely an efficiency optimization but rather represents the only technically feasible approach to governing data at the speed and scale characteristic of modern data platforms handling petabytes of data across thousands of data pipelines [16]. E. Analytical Competition Research by Davenport, Harris, and Morison demonstrates that companies competing on analytics, a defining competitive strategy for successful enterprises require a high degree of data democratization, where analytical capabilities and data access are distributed broadly across the organization rather than concentrated in specialized analytics teams [17]. Scalable Data Governance enables this strategic level of democratization and provides the necessary technical infrastructure to allow widespread access to and utilization of data without falling into the abyss of poor-quality data outcomes, breaches, and violations. The organizations that fail to govern their data at the speed at which business is performed are left with a choice between having governance and having agility. They often forego governance processes when time is imperative, thus generating precisely what they sought to avoid: chaos. 3. Results 3.1. A MANAGERIAL FRAMEWORK FOR AI-READY DATA GOVERNANCE Strategic Foundation: Principles Before Platforms Organizations need to decide between starting their governance framework development with strategic planning or technological implementation. The industry has experienced multiple governance program failures because organizations that buy expensive tools before defining their strategic direction will experience system failure. The recommended method reverses the standard approach. The process needs to start with strategic design sessions, which bring together cross-functional leadership teams to resolve fundamental business governance questions . The organization needs to determine what governance excellence looks like for its operations, establish ownership roles, find an equilibrium between control measures and fast decision-making, and identify which processes need automation and which require human intervention [19]. Based on these foundational discussions, we propose a governance framework organized around three mutually reinforcing principles. These principles are interdependent and amplify each other’s. 3.1.1 Principle I: Federated Ownership with Centralized Standards The foundational structural decision in AI-ready governance is the allocation of data ownership. We argue for a federated model in which business domains own their data, including its quality, documentation, and fitness for use—while a central governance function establishes and enforces cross-domain standards for interoperability, security, and compliance. This structure resolves the governance paradox by distributing accountability to the level where data is best understood, the domain, while preventing the proliferation of incompatible local conventions that make cross-domain AI impossible. Domain ownership means that the team generating the data is also responsible for its quality and documentation. Central standards mean that data produced independently across domains can be integrated without translation overhead. A federated system allows domain teams to take ownership of their data products because they possess a deep understanding of their data assets and business requirements. Lack of coordination among the federated systems causes a complete failure of the system. The main function of the governance should come up with standardized processes that have data classification, privacy process, data interoperability, and quality performance metrics. Each domain works on its own within specific boundaries; hence, it can find its data resources and be connected to the company [20]. The federated approach borrows from the data mesh framework described by Dehghani [12] but enhances it with a clear AI governance aspect whereby the domains should not only be capable of delivering high-quality data but also describing it in ways that can be understood by AI technologies. 3.1.2 Principle II: Automation as a Governance Scaling Mechanism : The current manual governance systems do not have the capacity to handle increasing workloads. The growing amount of data and different types of information create linear processing delays in human-based approval systems. A policy that requires human verification for all data access requests works properly with 50 monthly requests but fails entirely with 500 requests per month. Therefore, organizations must embed governance in code, so that quality checks, access controls, and compliance requirements are enforced automatically at the point of data creation and transformation rather than as post-hoc manual reviews. Data pipelines should perform automated execution of data quality validations, access control policies, privacy protections, retention rules, and compliance checks instead of relying on procedural documentation and human intervention [21]. There are two major benefits to adopting such a method in artificial intelligence ecosystems. One is that it avoids the time gap that exists in manual systems from the creation of the policy to enforcing it. Another is that it generates machine-readable audit trails that satisfy the explainability requirement that regulators like the EU AI Act require. 3.1.3 Principle III: Data as a Product Business operations generate data, which traditional methods treat as an unimportant database accumulation from transactions and processes. The current approach to data management results in poor-quality information with inconsistent meaning because data exists mainly to support operational systems instead of analytical users who require it. Organizations need to transform their data management operations through the adoption of the product mindset. Each domain needs to handle its output data through product management, which includes consumer identification, quality standards, documentation, and active product life cycle control. Data product owners need to understand consumer needs because they handle data products in the same way product managers handle customer requirements for their teams [22]. The data product concept [12], [34] has direct implications for AI development. When data is managed as a product, AI teams can discover, evaluate, and consume it with confidence that it has been validated for specific use cases, that its limitations are documented, and that it will be maintained over time. This contrasts sharply with the current reality in most organizations, where AI teams must independently assess the quality and appropriateness of data they discover, a process that is time-consuming, inconsistent, and frequently wrong. 3.2. CORE GOVERNANCE CAPABILITIES FOR AI SUCCESS The three principles of the framework must be operationalized through four governance capabilities. These capabilities address the specific requirements that AI systems impose on data environments. 1) Pillar 1 - Discoverability and understandability: The first pillar ensures that data assets across the organization are easy to find. The first pillar also ensures that data assets are easy to understand and easy to access for authorized users. Organizations need to build data catalog capabilities that offer AI teams semantic transparency, both about the existence of data and its meaning. For this, organizations need to have consistent business glossaries that can be mapped to data assets, data lineage that tracks how the data was generated and where it is consumed, data classification based on sensitivity and usage rights, and ownership information that facilitates consumer-producer communication. This is because semantic transparency is especially important in cases where enterprise data will be used to fine-tune or augment any large language model or other foundation models. This is mainly because there will need to be a proper documentation of the data that will be utilized for the process. a) Mandatory Metadata Requirements: Every data asset that the organization publishes must have metadata. Metadata must span both business and technical dimensions [23]: Business Metadata: ● Human-readable description explaining what the data represents ● Business glossary term mappings connecting data to standard terminology ● Identified business owner and technical owner with contact information ● Designated data domain for organizational context ● Sensitivity classification indicating protection requirements ● Define the business purpose that explains why the data exists Technical Metadata: ● Schema information (fields, data types, constraints) ● Data lineage showing source systems and transformation logic ● Refresh frequency and latency characteristics ● Data volume and growth trends ● Quality metrics and service level indicators ● Access protocols and query patterns ● Dependencies on upstream systems b) Unified Data Catalog Implementation: A central data catalog platform functions as the official repository, which provides complete data discovery capabilities. Organizations need to evaluate catalog solutions based on the following factors [24]: ● The system needs flexible operation because it requires performing metadata management functions. ● The system requires an automatic data source detection system that displays all connected data paths. ● The system needs workflow capabilities to perform metadata maintenance operations. ● The system requires complete integration with all existing data platforms through its existing integration features. ● The system requires an efficient method that enables users to perform data searches and discovery operations. ● Total cost of ownership c) Data Product Service Level Objectives: Every Domain team needs to create Service Level Objectives (SLOs), which define essential quality characteristics and establish tracking systems for their data product releases. The following SLOs must be included as minimum requirements for each data product: ● Freshness: The maximum time period between source event occurrence and data readiness must be specified through freshness SLOs (e.g., "orders become available within 15 minutes after transaction completion") [25] ● Completeness: The minimum acceptable value for required fields needs to be defined through completeness SLOs, which state that customer email information should exist in more than 99% of all records [26]. ● Accuracy: The system needs to run validation rules perpetually because accuracy SLOs demand this (e.g., "the order amount must match the total value of line items with a difference of no more than $0.01") [27]. ● Availability: The system must maintain at least 99.5% operational availability during business hours according to availability Service Level Objectives (SLOs) [28]. 2) Pillar 2 - Quality and Reliability: Organizations need to create methods that check and validate extensive data sets according to the second pillar. a) Domain Owned Quality Rules: Domain stewards who understand their subject matter best should create official quality standards that apply to their particular domain areas. A centralized team cannot establish valid product SKU formats, customer lifetime value calculation business rules, and logistics shipment date requirements, which are essential for order fulfillment. Quality rules need to exist in formats that machines can execute automatically. The following examples demonstrate quality rule definitions [26]: ● The system follows format rules that check email addresses against regex patterns and postal codes against their respective national standards. ● The system keeps product prices within defined boundaries, and dates remain within acceptable timeframes. ● Referential integrity: Foreign keys reference existing records in related tables ● Business logic: Order total equals the sum of line items plus tax minus discounts ● Statistical rule: Daily transaction volume falls within 3 standard deviations of the historical mean. b) Automatic Quality Validation: The data platform infrastructure needs to run quality rule checks automatically throughout different stages of data processing [29]: ● At ingestion: The platform requires source data quality validation before it can start processing new data entries. ● During transformation: The transformation process needs to preserve or enhance data quality standards. ● At publication: The system requires verification of Service Level Objectives fulfillment for published data products before making them available to consumers. 3) Pillar 3 - Security, Privacy, and Access Control: AI systems process data at a scale and depth that amplifies the consequences of security and privacy failures. A model trained on improperly anonymized data may memorize and expose personally identifiable information. A model with excessive data access may enable inference attacks. An AI system trained on biased historical data may perpetuate or amplify discriminatory patterns. Governance frameworks for AI-driven organizations must address these risks explicitly. Specifically, limitations on purposes have to be considered to limit the use of AI in training only to datasets where explicit consent or justifiable basis has been established, privacy through differential privacy and federated learning in sensitive fields, bias detection and reduction during the model design phase, and auditing capabilities. Responsible AI governance is increasingly a legal requirement rather than an ethical aspiration. The EU AI Act, the NIST AI Risk Management Framework, and sector-specific regulations impose specific requirements on the data practices underlying high-risk AI systems. Organizations that have invested in governance infrastructure are substantially better positioned to demonstrate compliance than those managing data reactively. The third pillar contains vital data security requirements, which consist of privacy protection and authorized access control systems. a) Comprehensive Data Classification: A standardized classification system needs to become mandatory for all data assets, while organizations must enforce it strictly. The recommended classification system consists of four distinct levels, which include [23]: ● Public Data: The organization can freely distribute this information because it contains no sensitive data (e.g., product catalogs and published marketing materials) ● Internal Data: The organization uses this data for internal operations, but it lacks specific security requirements (e.g., combined sales statistics and operational performance dashboards) ● Confidential Data: The organization needs to limit access to this business-critical information, which includes pricing strategies, supplier contracts, and financial projections. ● Restricted Data: The organization must protect all sensitive information, which includes personally identifiable information (PII), protected health information (PHI), payment card data, and all other data that requires complete security protection. b) Policy-as-code for Automated Enforcement: A standardized classification Security and privacy governance at a large scale needs complete automated policy enforcement through code-based policy definitions. The implementation process requires three essential elements to achieve its target success [16]: ● Global Policy Definition: The Governance Council develops business-friendly policies that are converted into operational code definitions. ● Policy Engine Integration: The policy engine operates as a computational system that runs automated policy evaluations during runtime operations while connected to data pipelines and access workflows. ● Automated Compliance Controls: The system runs automated compliance controls that perform essential security tasks independently through operations that include PII masking in non-production environments, policy-driven data retention with automated deletion schedules, encryption of sensitive data, restrictions on international data transfer, and time-bound access permissions that expire automatically. ● Self-Service Access Management: The data catalog requires self-service access management functionality, which connects identity and access management systems to enable users to obtain access through automated processes instead of using manual tickets or unstructured approvals. Users find their required data products through discovery before they initiate access requests for professional reasons, which get processed through automated approval pathways to their assigned Data Owners. 4) Pillar 4 - Interoperability and Standardization: Enterprise AI creates a demand for data integration at a scale that exposes the cost of definitional inconsistency. When a churn prediction model must integrate customer data from CRM, behavioral data from analytics platforms, and transaction data from financial systems, incompatible definitions and schemas impose translation costs that accumulate across every model trained and every insight produced. Organizations must invest in enterprise data models and shared semantic layers that enable cross-domain AI without bespoke integration work for every use case. This is not a new insight, canonical data model that have been advocated in the IS literature for decades, but the AI context makes the business case more urgent and the cost of neglect more visible. The fourth pillar enables data integration and cross-domain analytics through strategic standardization methods. a) Comprehensive Data Classification: The Governance Council needs to develop standardized data models that will function as unified reference points for vital shared data entities. Organizations need to implement these standard data models for their operations [16]: ● Customer: The customer data model needs to include non-changeable fields that establish customer identity, store contact information, preference data, and demographic details. ● Product: The product data model needs to include established fields that use product identifiers, categories, attributes, and price information to identify products. ● Order: The order data model requires predefined fields to store transaction details, individual order items, and their current delivery status. ● Location: The location data model needs specific fields to store facility details, address information, and geographic organizational structures. ● Organization: The organization data model needs to include predefined fields that identify business entities together with their connections to vendors and partners. b) API and Interface Standards: The development of interface standards for data products will create consistent interfaces that enable interoperability between systems [10]: ● Query Patterns: The system requires standardized data access methods, including SQL, REST APIs, and GraphQL interfaces. ● Authentication: The system needs an authentication system that serves as the access point for all users. ● Data Formats: The system requires standardized formats for batch data serialization through Parquet and Avro and for streaming data through JSON and Protocol Buffers. ● Schema Evolution: The system needs to follow versioning rules and maintain backward compatibility when modifying schema structures. ● Error Handling: The system should use standardized error codes together with uniform error messages. c) Shared Business Glossary: A business glossary located in one place defines official meanings for essential business terminology. The glossary requires inclusion of the following information [8]: ● Business Terms: The glossary should contain official definitions for Active Customer, Gross Merchandise Volume, Product Category, and other essential business terms. ● Calculation Logic: The glossary requires full mathematical formulas that demonstrate the calculation methods for Customer Lifetime Value and Inventory Turnover. ● Relationships: The glossary should show how different terms connect. ● Synonyms: The glossary should show which alternative terms refer to the established definitions. ● Data Lineage: The glossary requires demonstration of business term connections to specific data catalog assets, which store vital data information. 3.3. MANAGERIAL DECISION POINTS Implementing AI-ready governance requires a series of consequential leadership decisions. We identify four decision points that determine the effectiveness and sustainability of the governance transformation. 3.3.1 Governance Structure: Centralized vs. Federated The choice of governance structure, centralized versus federated, is not only an architectural one, but also based on organizational assumptions about who holds the necessary knowledge regarding the data and what balance needs to be struck between centralization and agility. A fully centralized approach provides consistency but cannot scale and tends to lack the necessary knowledge to make sophisticated quality assessments. A fully decentralized approach maintains autonomy but generates fragmentation that will rule out AI at the corporate level. The federated governance framework proposed in this paper is a sensible compromise, but it requires clear delineation of the line between standards that must be universally followed (for example, security classification, privacy measures, minimum quality levels for regulated data) and those that are subject to variation by domain (documentation style, internal quality measurements). 3.3.2 Automation vs. Human Judgment Policy-as-code is an effective scale-up tool for governance, but there are some types of governance decisions for which automation is not ideal. It can be a moral decision about the suitability of certain data usage; it could also be a decision on whether or not the performance of the model meets the required standards in the relevant governance scenario, or whether an exception to governance is justified in a certain situation. Leaders should have clear criteria on what decisions will be automated and what will involve human intervention and avoid any temptations to automate governance processes just because this is technically possible. 3.3.3 Investment Sequencing Organizations will not always be able to invest in all governance capabilities at once. The ordering of investment choices carries considerable ramifications in the context of AI. We would advise prioritizing investments in the following order, given their impact on AI outcomes: ● Data quality management (automatic validation, quality assurance, remediation processes): Absent high-quality data, any other investments in governance result in low-quality AI outcomes. ● Data catalog and discovery (semantic documentation, provenance tracking, ownership designation): Absent discoverable data, AI developers cannot discover relevant training datasets, thus wasting time in the discovery process and misusing data. ● Access management and security policies: Absent access controls, an organization risks legal liability that could stop AI implementation altogether. ● Interoperability and semantic standardization: Once quality, discoverability, and security are established, investment in semantic standardization unlocks cross-domain AI capabilities at scale. 3.3.4 Governance as Organizational Culture Technical governance infrastructure is necessary but insufficient. Data governance fails when it is perceived by data producers and consumers as an external imposition rather than a shared organizational value. Building governance culture requires executive sponsorship that signals governance as a strategic priority, incentive structures that reward data quality alongside productivity metrics, training programs that build governance literacy across technical and business roles, and governance communities of practice that enable peer learning and norm reinforcement. Organizations that have successfully embedded governance culture report that the marginal cost of compliance decreases over time as governance behaviors become habitual rather than effortful [31]. This cultural dimension is often underweighted in governance transformation programs that focus exclusively on technology and process. 3.4. IMPLEMENTATION ROADMAP Transitioning from data chaos to AI-ready governance is a multi-phase transformation that cannot be accomplished in a single initiative. We propose a three-phase roadmap that sequences governance investments according to their dependencies and their leverage over AI outcomes. 3.4.1 Phase 1: Stabilize (Months 1–6) The stabilization phase focuses on identifying and remediating the most critical governance failures, those that are actively undermining current AI initiatives or creating regulatory exposure. Key activities include: ● Conducting a data governance maturity assessment to identify critical gaps in quality, ownership, and compliance. ● Establishing clear ownership for high-priority data domains, with named accountable individuals rather than committees. ● Implementing minimum viable data quality controls for data assets currently feeding production AI systems. ● Creating an inventory of data assets and their known quality issues to support prioritization in subsequent phases. The stabilization phase is deliberately limited in scope. Its purpose is not to solve the governance problem comprehensively, but to stop the accumulation of governance debt and establish the organizational credibility needed to sustain a longer transformation. 3.4.2 Phase 2: Standardize (Months 6–18) The standardization stage builds out the governance framework that allows for the creation of consistent and reliable data. Activities at this stage include: ● Creation and publication of enterprise data standards covering data quality, data security, data privacy, and data interoperability. ● Development of a data catalog, including semantic tagging and lineage and ownership management for priority domains. ● Implementation of the federated governance framework, establishing the demarcation line between the center and the domains. ● Start of policy as code for critical aspects of data quality and accessibility. ● Alignment of business glossaries across different domains for cross-domain AI. 3.4.3 Phase 3: Scale (Months 18+) The Scaling stage operationalizes the governance model at the enterprise level, allowing for self-service access to data and AI development built on a trustable data infrastructure. Activities during the scaling phase include: ● Scaling policy-as-code automation to all data pipelines and domains. ● Enabling self-service access to governed data that does not become dependent on any central approval process. ● Embedding governance in AI development practices such as gated data quality and data cards for training datasets. ● Managing the full lifecycle of data products – from versioning, to deprecation, and informing data consumers about updates. ● Building continuous governance improvement processes in response to advancing AI technologies and changing regulations. 4. Discussion 4.1 Governance as the Foundation of AI Value The framework presented herein relies on an assertion that: data governance is not an expense or compliance-related activity; rather, it is the most important factor in realizing value through AI. This assertion challenges prevailing views about technology management wherein model design, computing capabilities, and algorithm development are touted as critical factors behind AI supremacy. However, research indicates otherwise. For example, Sambasivan et al. [36] discovered that data-based enhancements to AI models, improved data quality, documentation, and governance were always superior to model-based improvements during actual operations. Amazon's early investment in data quality infrastructure, Google's development of internal data management practices, and the documented failures of high-profile AI initiatives in healthcare and finance all point to the same conclusion: AI capability is constrained by data governance capability. 4.2 Organizational Implications The transition to federated, automated governance has significant organizational implications that extend beyond technology. It requires redistribution of data accountability from central IT functions to business domains—a change that challenges existing power structures and may encounter significant resistance. It requires new role types (data product owners, data quality engineers, AI governance specialists) that do not exist in most organizations. And it requires executive leadership that sustains commitment to governance investment over a multi-year transformation horizon despite pressure to prioritize visible AI deliverables over invisible governance infrastructure. These organizational challenges are not peripheral to the governance transformation; they are central to it. Technology implementations that neglect the organizational dimensions of governance routinely fail to achieve sustainable impact [30]. 4.3 Limitations and Future Research The current paper is mainly conceptual and based on practices within the industry rather than being an empirical study. Future research may include developing quantitative indicators of the level of maturity of governance and its impact on the results obtained from using artificial intelligence, understanding the organizational factors affecting the adoption of federated governance and potential barriers to change, and the governance needs of new AI applications such as generative AI, foundation models, and autonomous decision-making. 5. Conclusions The central argument of this paper can be stated simply: organizations cannot build trustworthy AI on untrustworthy data. Yet most organizations investing in AI are doing precisely that: deploying sophisticated models against ungoverned, fragmented, and inconsistently defined data environments, then attributing the resulting failures to algorithmic limitations rather than to governance failures. The model presented above, which includes federation ownership, policy automation, and data product mentality , creates architecture for making the shift from data chaos to data confidence. The model is based on the understanding that AI readiness is ultimately a data governance challenge, and that resolving such a challenge calls for constant commitment from organizations in terms of investing in their data governance capabilities. For information systems scholars, the governance-AI nexus represents a rich and consequential research domain. For practitioners, the message is both challenging and actionable: the path to AI confidence runs through data governance, and the time to begin that journey is now. Declarations Author Contributions: The author solely conceptualized the study, developed the methodology, conducted the analysis, interpreted the results, and wrote and revised the manuscript. The author has read and approved the final version of the manuscript. Funding: Not applicable. Data Availability Statement: Not applicable. Conflicts of Interest : Not applicable. References A. R. Hevner, S. T. March, J. Park, and S. Ram, Design Science in Information Systems Research, MIS Quarterly, vol. 28, no. 1, pp. 75–105, 2004. DOI: 10.2307/25148625 H. Zang, H. Kim, and J. Kim, Blockchain-Based Decentralized Storage Design for Data Confidence Over Cloud-Native Edge Infrastructure, IEEE Access, vol. 12, pp. 50083–50099, 2024, doi: 10.1109/ ACCESS.2024.3383010. P. Ataei and D. Staegemann, Application of microservices patterns to big data systems, J. Big Data, vol. 10, no. 1, p. 56, May 2023, doi: 10.1186/s40537-023-00733–4. A. AbuHalimeh, Improving Data Quality in Clinical Research Informatics Tools, Front. Big Data, vol. 5, p. 871897, Apr. 2022, doi: 10.3389/fdata.2022.871897. C. Dwork and M. Minow, Distrust of Artificial Intelligence: Sources & Responses from Computer Science & Law, Daedalus, vol. 151, no. 2, pp. 309–321, May 2022, doi: 10.1162/daed_a_01918. R. Y. Wong, A. Chong, and R. C. Aspegren, Privacy Legislation as Business Risks: How GDPR and CCPA are Represented in Technology Companies’ Investment Risk Disclosures, Proc. ACM Hum.-Comput. Interact., vol. 7, no. CSCW1, pp. 1–26, Apr. 2023, doi: 10.1145/3579515. Althinayyan, T., & Alojail, M. (2024). Enhancing User Experience and Sustainability in Open Banking Using PLS-SEM. Sustainability, 16(22), 9656. C. Arora, M. Sabetzadeh, L. Briand, and F. Zimmer, Automated Extraction and Clustering of Requirements Glossary Terms, IEEE Trans. Softw. Eng., vol. 43, no. 10, pp. 918–945, Oct. 2017, doi: 10.1109/TSE.2016.2635134. T. P. Raptis, A. Passarella, and M. Conti, Distributed Data Access in Industrial Edge Networks, IEEE J. Sel. Areas Commun., vol. 38, no. 5, pp. 915–927, May 2020, doi: 10.1109/JSAC.2020.2980917. D. Johnson et al., ISA API: An open platform for interoperable life science experimental metadata, GigaScience, vol. 10, no. 9, p. giab060, Sept. 2021, doi: 10.1093/gigascience/giab060. F. Mostajabi, A. A. Safaei, and A. Sahafi, A Systematic Review of Data Models for the Big Data Problem, IEEE Access, vol. 9, pp. 128889– 128904, 2021, doi: 10.1109/ACCESS.2021.3112880. Dehghani, Z. Data Mesh: Delivering Data-Driven Value at Scale. O’Reilly Media, 2022. T. Van Eijk, I. Kumara, D. Di Nucci, D. A. Tamburri, and W.-J. Van Den Heuvel, Architectural Design Decisions for Self-Serve Data Platforms in Data Meshes, in 2024 IEEE 21st International Conference on Software Architecture (ICSA), Hyderabad, India: IEEE, June 2024, pp. 135–145. doi: 10.1109/ICSA59870.2024.00021. S. Neumaier, J. Umbrich, and A. Polleres, Automated Quality Assessment of Metadata across Open Data Portals, J. Data Inf. Qual., vol. 8, no. 1, pp. 1–29, Nov. 2016, doi: 10.1145/2964909. R. Girau et al., Definition and implementation of the Cloud Infrastructure for the integration of the Human Digital Twin in the Social Internet of Things, Comput. Netw., vol. 251, p. 110632, Sept. 2024, doi: 10.1016/j.comnet.2024.110632. A. Mahindrakar and K. P. Joshi, Automating GDPR Compliance using Policy Integrated Blockchain, in 2020 IEEE 6th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS), Baltimore, MD, USA: IEEE, May 2020, pp. 86–93. doi: 10.1109/BigDataSecurity HPSC-IDS49724.2020.00026. T. H. Davenport, J. G. Harris, and R. Morison, Analytics at Work: Smarter Decisions, Better Results. Boston, MA: Harvard Business Press, 2010. K. Peffers, T. Tuunanen, M. A. Rothenberger, and S. Chatterjee, A Design Science Research Methodology for Information Systems Research, Journal of Management Information Systems, vol. 24, no. 3, pp. 45–77, 2007. DOI: 10.2753/MIS0742–1222240302 Adedoyin Tolulope Oyewole, Omotayo Bukola Adeoye, Wilhelmina Afua Addy, Chinwe Chinazo Okoye, Onyeka Chrisanctus Ofodile, and Chinonye Esther Ugochukwu, Promoting sustainability in finance with AI: A review of current practices and future potential, World J. Adv. Res. Rev., vol. 21, no. 3, pp. 590–607, Mar. 2024, doi: 10.30574/ wjarr.2024.21.3.0691. H. Buldeo Rai and L. Dablanc, Hunting for treasure: a systematic literature review on urban logistics and e-commerce data, Transp. Rev., v o l. 4 3, n o. 2, p p. 2 0 4–2 3 3, M a r. 2 0 2 3, d o i : 10.1080/01441647.2022.2082580. A. S. Wagner et al., FAIRly big: A framework for computationally reproducible processing of large-scale data, Sci. Data, vol. 9, no. 1, p. 80, Mar. 2022, doi: 10.1038/s41597-022-01163–2. D. Lis and B. Otto, Towards a Taxonomy of Ecosystem Data Governance, presented at the Hawaii International Conference on System Sciences, 2021. doi: 10.24251/HICSS.2021.733. I. Gupta, N. Singh, and A. K. Singh, Layer-based Privacy and Security Architecture for Cloud Data Sharing, J. Commun. Softw. Syst., vol. 15, no. 2, Apr. 2019, doi: 10.24138/jcomss.v15i2.617. J. Nogueras-Iso, J. Lacasta, M. A. Urena-Camara, and F. J. Ariza-Lopez, Quality of Metadata in Open Data Portals, IEEE Access, vol. 9, pp. 60364–60382, 2021, doi: 10.1109/ACCESS.2021.3073455. W. Hussain and O. Sohaib, Analysing Cloud QoS Prediction Approaches and Its Control Parameters: Considering Overall Accuracy and Freshness of a Dataset, IEEE Access, vol. 7, pp. 82649–82671, 2019, doi: 10.1109/ACCESS.2019.2923706. Courage Idemudia, Adebimpe Bolatito Ige, Victor Ibukun Adebayo, and Osemeike Gloria Eyieyien, Enhancing data quality through comprehensive governance: Methodologies, tools, and continuous improvement techniques, Comput. Sci. IT Res. J., vol. 5, no. 7, pp. 1680–1694, July 2024, doi: 10.51594/csitrj.v5i7.1352. T. Pusztai et al., SLO Script: A Novel Language for Implementing Complex Cloud-Native Elasticity-Driven SLOs, in 2021 IEEE International Conference on Web Services (ICWS), Chicago, IL, USA: IEEE, Sept. 2021, pp. 21–31. doi: 10.1109/ICWS53863.2021.00017. S. Nastic et al., SLOC: Service Level Objectives for Next Generation Cloud Computing, IEEE Internet Comput., vol. 24, no. 3, pp. 39–50, May 2020, doi: 10.1109/MIC.2020.2987739. A. Ismail, H.-L. Truong, and W. Kastner, Manufacturing process data analysis pipelines: a requirements analysis and survey, J. Big Data, vol. 6, no. 1, p. 1, Dec. 2019, doi: 10.1186/s40537-018-0162–3. Abraham, R., Schneider, J., & vom Brocke, J. (2019). Data governance: A conceptual framework, structured review, and research agenda. International Journal of Information Management, 49, 424–438. DOI: 10.1016/j.ijinfomgt.2019.07.008 DAMA International. (2017). DAMA-DMBOK: Data management body of knowledge (2nd ed.). Technics Publications. Fountaine, T., McCarthy, B., & Saleh, T. (2022). Building the AI-powered organization. Harvard Business Review, 97(4), 62–73. Ladley, J. (2019). Data governance: How organizations value and manage their data (2nd ed.). Academic Press. Machado, I. A., Costa, C., & Santos, M. Y. (2022). Data mesh: Concepts and principles of a paradigm shift in data architectures. Procedia Computer Science, 196, 263–271. DOI: 10.1016/j.procs.2021.12.026 Ransbotham, S., Khodabandeh, S., Fehling, R., LaFountain, B., & Kiron, D. (2020). Expanding AI's impact with organizational learning. MIT Sloan Management Review and Boston Consulting Group. Sambasivan, N., Kapania, S., Highfill, H., Akrong, D., Paritosh, P., & Aroyo, L. M. (2021). Everyone wants to do the model work, not the data work: Data cascades in high-stakes AI. Proceedings of the 2021 CHI Conference on Human Factors in Computing Systems, 1–15. DOI: 10.1145/3411764.3445518 Additional Declarations The authors declare no competing interests. Cite Share Download PDF Status: Posted Version 1 posted You are reading this latest preprint version Research Square lets you share your work early, gain feedback from the community, and start making changes to your manuscript prior to peer review in a journal. As a division of Research Square Company, we’re committed to making research communication faster, fairer, and more useful. We do this by developing innovative software and high quality services for the global research community. Our growing team is made up of researchers and industry professionals working together to solve the most critical problems facing scientific publishing. Also discoverable on Platform About Our Team In Review Editorial Policies Advisory Board Help Center Resources Author Services Accessibility API Access RSS feed Manage Cookie Preferences © Research Square 2026 | ISSN 2693-5015 (online) Privacy Policy Terms of Service Do Not Sell My Personal Information {"props":{"pageProps":{"initialData":{"identity":"rs-9623212","acceptedTermsAndConditions":true,"allowDirectSubmit":true,"archivedVersions":[],"articleType":"Research Article","associatedPublications":[],"authors":[{"id":635087167,"identity":"a202af74-1269-4775-9b6e-9dcd26cb3f39","order_by":0,"name":"Pabitra Saikia","email":"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAZAAAAAyAQMAAABI0h/eAAAABlBMVEX///8AAABVwtN+AAAACXBIWXMAAA7EAAAOxAGVKw4bAAAAz0lEQVRIiWNgGAWjYFACHoYDIIofRCQUEKsFpEeyAaTFgEgtYGsMwHYRo8Wc/ezBwx/32Nkbn1+d+OGBAYM8v9gB/Fose/ISDhx4lpy47cbbzRJAhxnOnJ2AX4vBgRyDAwcOMCeY3Ti7AaQlweA2IS3n34C01Nsbzzi7+QdxWm6AbTnMuIG/dxtxtljOeJdw4MyB44kzbvBus0gwkCDsF3P+3MMfKg5U2/P3n91880eFjTy/NCGHwVkSYJUS+JWjauE/QFj1KBgFo2AUjEwAAIkUTT+KcMtJAAAAAElFTkSuQmCC","orcid":"https://orcid.org/0009-0008-8709-8069","institution":"Truist Bank","correspondingAuthor":true,"prefix":"","firstName":"Pabitra","middleName":"","lastName":"Saikia","suffix":""}],"badges":[],"createdAt":"2026-05-06 00:31:52","currentVersionCode":1,"declarations":{"humanSubjects":false,"vertebrateSubjects":false,"conflictsOfInterestStatement":false,"humanSubjectEthicalGuidelines":false,"humanSubjectConsent":false,"humanSubjectClinicalTrial":false,"humanSubjectCaseReport":false,"vertebrateSubjectEthicalGuidelines":false},"doi":"10.21203/rs.3.rs-9623212/v1","doiUrl":"https://doi.org/10.21203/rs.3.rs-9623212/v1","draftVersion":[],"editorialEvents":[],"editorialNote":"","failedWorkflow":false,"files":[{"id":108674141,"identity":"c08d1e4e-e04a-4570-963a-d7b105ec63ef","added_by":"auto","created_at":"2026-05-07 08:13:59","extension":"png","order_by":1,"title":"Figure 1","display":"","copyAsset":false,"role":"figure","size":1830423,"visible":true,"origin":"","legend":"\u003cp\u003eUnnumbered image in the Results section.\u003c/p\u003e","description":"","filename":"floatimage1.png","url":"https://assets-eu.researchsquare.com/files/rs-9623212/v1/a0b2473d2b5e6286ea97587c.png"},{"id":108806163,"identity":"de1018b4-23ff-45b7-b2db-1c2c35943017","added_by":"auto","created_at":"2026-05-08 15:27:52","extension":"png","order_by":2,"title":"Figure 2","display":"","copyAsset":false,"role":"figure","size":828850,"visible":true,"origin":"","legend":"\u003cp\u003eUnnumbered image in the Results section.\u003c/p\u003e","description":"","filename":"Screenshot20260507134012.png","url":"https://assets-eu.researchsquare.com/files/rs-9623212/v1/da6ab8846efde4aef177c344.png"},{"id":108809691,"identity":"cd81948b-2989-404e-93f1-10b8bff14f80","added_by":"auto","created_at":"2026-05-08 15:55:03","extension":"pdf","order_by":0,"title":"","display":"","copyAsset":false,"role":"manuscript-pdf","size":2615013,"visible":true,"origin":"","legend":"","description":"","filename":"manuscript.pdf","url":"https://assets-eu.researchsquare.com/files/rs-9623212/v1/99d499b1-dd44-4458-9ca4-6795424b1b8a.pdf"}],"financialInterests":"The authors declare no competing interests.","formattedTitle":"\u003cp\u003e\u003cstrong\u003eFrom Data Chaos to AI Confidence: A Scalable Data Governance Architecture for AI-Driven Digital Platforms\u003c/strong\u003e\u003c/p\u003e","fulltext":[{"header":"1. Introduction","content":"\u003cp\u003e\u003cstrong\u003e1.1 The AI Paradox: Massive Investment, Uncertain Return\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eAI-related investments made by firms have reached an all-time high. Firms belonging to different sectors are employing ML models, predictive analytics tools, and decision engines in a big way. Nevertheless, the problem remains that even after such substantial investments, many AI projects do not yield any tangible benefits for businesses [35], [32]. Projects often stall, models deteriorate in production, and executive confidence wanes.\u003c/p\u003e\n\u003cp\u003eThis paper looks at the main cause of AI underperformance: the lack of strong, scalable data governance. We argue that \u003cem\u003edata governance is not an afterthought in AI strategy, it is essential\u003c/em\u003e. Without governed data, AI outputs are unreliable, unexplainable, and ultimately untrustworthy.\u003c/p\u003e\n\u003cp\u003eData-driven insight is positioned as the primary currency of competitive advantage in this age of digital commerce transformation. \u0026nbsp;Every online interaction, clicks, page views, cart actions, purchases, product reviews, and customer support interactions, generates a valuable data point revealing patterns of consumer behavior, operational efficiency, and market dynamics. When this information is collected and analyzed, it uncovers powerful insights into customer behavior, operations, and market trends. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003eBy embracing digitalization, every click, view, addition to cart, purchase, rating, and service request becomes a critical piece of information that provides insight into consumer trends, performance metrics, and overall market forces. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003eHowever, the very nature of the modern enterprise ecosystem - characterized by architectural decentralization, polyglot technology stacks, global operational scale, and rapid business evolution - makes it a particularly fertile environment for what we term \u0026quot;Data Chaos.\u0026quot; This represents a systemic breakdown in data management that manifests across multiple dimensions of the organization and creates compounding negative effects on business operations, analytical capabilities, and strategic decision-making [2]. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e1.2 Scope and Contribution\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThis paper makes three main contributions to information systems literature. To begin with, it redefines \u003cem\u003edata governance not as a means of ensuring compliance but as a key capability enabling the development of artificial intelligence capabilities\u003c/em\u003e. Secondly, it presents a management approach based on \u003cem\u003efederated ownership, automation, and data products\u0026nbsp;\u003c/em\u003eapproach which is geared towards scalability in light of increasing complexity in AI capabilities. Finally, it provides actionable guidance on how to\u003cem\u003e\u0026nbsp;implement such an approach in information systems\u003c/em\u003e.\u0026nbsp;\u003c/p\u003e\n\u003cp\u003eThe rest of the paper is organized as follows. Section 2 describes the data chaos problem and its effects on AI systems. Section 3 critiques traditional governance approaches. The proposed framework is presented in Section 4. The critical governance competencies are described in Section 5. The managerial decision-making considerations are addressed in Section 6. The implementation approach is detailed in Section 7.\u003c/p\u003e"},{"header":"2. Materials and Methods","content":"\u003cp\u003e\u003cstrong\u003e2.1 RESEARCH APPROACH\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe proposed research uses a design science research (DSR) methodology, along with a structured review of existing literature, to create and describe a scalable federated data governance model for AI-enabled digital platforms. Design science research is particularly suitable for this work because the primary objective is to create and prescribe an adaptive managerial artifact, an integrated governance framework comprising principles, capabilities, and an implementation roadmap, that addresses a significant real-world problem (data chaos undermining AI initiatives) while contributing to IS management knowledge.\u003c/p\u003e\n\u003cp\u003eFollowing the DSR guidelines proposed by Hevner et al. [1] and Peffers et al. [18], the research process consisted of the following iterative activities:\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e1.\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;Problem Identification and Motivation\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eOur study starts with clearly defining what we consider the \u0026quot;AI paradox\u0026quot;, the significant financial investments organizations make into AI technology without any clear benefits largely because of the poor data governance underlying such initiatives. As a result of a thorough analysis of the industry reports, scientific publications about problems associated with data management failures (e.g., [33], [36]), and real-world issues emerging from large-scale data ecosystems (such as growing numbers of data silos, inconsistency, loss of data trust, potential violations of regulations, and lack of innovation), we have concluded that the \u0026quot;data chaos\u0026quot; issue represents the key obstacle..\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e0.\u0026nbsp; \u0026nbsp; \u0026nbsp;\u0026nbsp;Objectives of the Solution\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe goals for the solution were to:\u003c/p\u003e\n\u003cp\u003e(a) shift the focus on data governance from being seen as a burden for compliance to an enabler for successful AI initiatives;\u003c/p\u003e\n\u003cp\u003e(b) develop a \u003cem\u003efederated governance\u0026nbsp;\u003c/em\u003estructure that is scalable, based on Data Mesh concepts, \u003cem\u003epolicy as code\u003c/em\u003e, and treating \u003cem\u003edata as products;\u003c/em\u003e and\u003c/p\u003e\n\u003cp\u003e(c) give practical guidance for implementation, such as a 24-month roadmap.\u003c/p\u003e\n\u003cp\u003eThese objectives explicitly target the research gaps in scalability, agility, and AI-readiness of existing governance approaches in dynamic modern enterprises.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e0.\u0026nbsp; \u0026nbsp; \u0026nbsp;\u0026nbsp;Design and Development of the Artifact\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe core artifact, the managerial framework for AI-ready data governance, was developed through an iterative process of integrative literature synthesis and refinement. The research process included the review of key literature on data governance fundamentals (such as the DAMA-DMBOK approach), Data Mesh philosophy [12], practice of policy-as-code, and relevant case studies on difficulties with AI deployment. Core ideas from these papers were combined and elaborated by adding an additional layer for AI governance that involved specific considerations regarding feature semantics, explainable lineage, and alignment with new regulation guidelines like the upcoming EU AI Act.\u003c/p\u003e\n\u003cp\u003eThe resulting framework relied on the synergy of three underlying principles: \u003cem\u003e\u0026quot;Federated Ownership with Centralized Standards\u0026quot;, \u0026quot;Automation as a Scaling Approach\u0026quot;, and \u0026quot;Data as a Product\u0026quot;\u0026nbsp;\u003c/em\u003eand was operationalized by means of four core capabilities: Discoverability \u0026amp; Understandability, Quality \u0026amp; Reliability, Security/Privacy/Access Control, and Interoperability \u0026amp; Standardization.\u003c/p\u003e\n\u003cp\u003eService level objectives (SLOs), metadata requirements, canonical data models, and the phased implementation roadmap emerged from mapping governance requirements against the specific demands of AI systems in high-velocity operations.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e0.\u0026nbsp; \u0026nbsp; \u0026nbsp;\u0026nbsp;Demonstration and Evaluation\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe framework is demonstrated through its application to the diagnosed manifestations of data chaos in today\u0026rsquo;s enterprises. Evaluation draws on multiple forms of evidence:\u003c/p\u003e\n\u003cp\u003e● \u003cstrong\u003eTheoretical evaluation\u003c/strong\u003e via alignment with established IS theories and frameworks (e.g., data product thinking, federated computational governance).\u003c/p\u003e\n\u003cp\u003e● \u003cstrong\u003eValidation by practitioners\u003c/strong\u003e based on the authors\u0026apos; analysis of industry practice, experience with implementation on digital platforms, and outcomes reported by organizations using a similar decentralized governance approach (e.g., improvement in data quality measures, savings in data preparation time, accelerated deployment of AI initiatives, and increased compliance readiness).\u003c/p\u003e\n\u003cp\u003e● \u003cstrong\u003eThe qualitative and quantitative metrics\u003c/strong\u003e discussed in the literature and case studies include the amount of time spent by data scientists on wrangling (prior to governance) compared to increased efficiency and trust after deployment, minimized reconciliations, and minimized compliance risks.\u003c/p\u003e\n\u003cp\u003eWhile a full-scale empirical validation across multiple organizations lies beyond the scope of this conceptual paper, the framework\u0026rsquo;s components were iteratively refined against known failure modes of traditional governance and success patterns from Data Mesh adoptions. Future empirical studies can further test the framework through longitudinal case studies or action research.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e0.\u0026nbsp; \u0026nbsp; \u0026nbsp;\u0026nbsp;Communication\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe outcomes of the design process are conveyed via this paper in a manner that is comprehensible to both the IS researcher and practitioner communities. The theoretical underpinning, principles, capabilities, management decisions, and implementation steps are articulated in a way that makes sense, provides practical examples, and gives guidance for action.\u003c/p\u003e\n\u003cp\u003eThis mixed methodology approach guarantees that rigour is achieved via structured literature grounding whilst at the same time ensuring the relevance of the model to information systems management practice. Through the inclusion of the development process, we can overcome some of the shortcomings associated with pure proposition.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e2.2. THE DATA CHAOS PROBLEM\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e2.2.1 Defining Data Chaos\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe term \u0026quot;data chaos\u0026quot; describes a systemic condition in which enterprise data is simultaneously abundant and unusable, voluminous yet fragmented, accessible yet unreliable, stored yet ungoverned. Data chaos is not an anomaly; it is the default state of most large organizations operating across distributed digital systems [33].\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e2.2.2 Manifestations of Data Chaos\u003c/strong\u003e\u003cem\u003e\u0026nbsp;\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003eData Chaos in modern enterprises exhibits several characteristic manifestations that collectively undermine organizational data capabilities: \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● \u003cstrong\u003eProliferating Data Silos:\u003c/strong\u003e Data gets trapped within the functional boundaries in organizations, for example, marketing, sales, logistics operations, finance, customer service units, each maintaining independent data repositories with proprietary definitions, heterogeneous storage solutions, incompatible data formats, and restrictive access protocols. Besides, Digital systems architecture often relies on a microservices architecture that constantly generates new, siloed data sources. This architectural fragmentation prevents the holistic, cross-functional data integration necessary for comprehensive business insights and creates redundant data storage with inconsistent update patterns [3]. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● \u003cstrong\u003eCrippling Data Inconsistency:\u0026nbsp;\u003c/strong\u003eCritical business metrics become subject to conflicting definitions and calculation methodologies across different organizational units. Without federated guardrails, domains may define data differently, impeding interoperability and leading to divergent reports, endless reconciliation meetings, executive paralysis in decision-making, and erosion of confidence in data-driven insights. This inconsistency extends beyond definitions to include temporal misalignment, where different systems update at different frequencies, creating temporal data quality issues [4]. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● \u003cstrong\u003eSystematic Erosion of Data Trust:\u0026nbsp;\u003c/strong\u003eWhen business users cannot independently verify the provenance, lineage,\u0026nbsp;or quality characteristics of a dataset, they rationally default to a position of distrust. This results in reversion to manual, spreadsheet-based processes despite available automated alternatives. Decision-making based primarily on intuition and experience rather than current evidence exposes IT systems to the creation of unofficial data marts and, ultimately, to the underutilization of expensive data infrastructure investments [5].\u003c/p\u003e\n\u003cp\u003e● \u003cstrong\u003eEscalating Compliance and Security Risks:\u0026nbsp;\u003c/strong\u003e Comprehensive data privacy regulations including the \u0026nbsp;European Union\u0026apos;s General Data Protection Regulation \u0026nbsp;(GDPR), the California Consumer Privacy Act \u0026nbsp;(CCPA), Brazil\u0026apos;s Lei Geral de Prote\u0026ccedil;\u0026atilde;o de Dados \u0026nbsp;(LGPD), and numerous other regional and national frameworks impose strict, legally binding requirements on the collection, processing, storage, and deletion of personal data. In a state of Data Chaos, where data flows are poorly documented, lineage is unknown, and classification is inconsistent, compliance becomes a reactive, resource-intensive, high-risk endeavor characterized by expensive manual audits, elevated breach risks, and potential regulatory penalties that can reach millions of dollars [6].\u003c/p\u003e\n\u003cp\u003e● \u003cstrong\u003eSystematically Impeded Innovation:\u0026nbsp;\u003c/strong\u003eAdvanced analytics initiatives, sophisticated machine learning models, and real-time decisioning systems exhibit an absolute dependency on clean, reliable, well-documented, and readily accessible data. Data Chaos at the foundational data layer inevitably translates into project failure at the analytical and model-deployment layers. Data scientists report spending 70-80% of their time on \u0026quot;data wrangling\u0026quot;, cleaning, standardizing, joining, and correcting data, rather than on actual model development, feature engineering, and algorithmic innovation [7].\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e2.2.3. The Inadequacy of Traditional Governance Approaches\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe rapid rise in the use of data across enterprises has brought a paradigm shift in the way organizations handle, process, and use data. \u0026nbsp;The more hierarchical structures typical of the data governance regime, which tend to use centralized structures, are impractical in dealing with the challenges posed by the enterprise data environment [8]. \u0026nbsp;The traditional approaches exhibit several critical limitations, \u0026nbsp;like slow operation for the velocity requirements of business cycles, bureaucratic overhead that frustrates business users, inability to scale the centralized resources to match the exponential growth in volume and variety; and conceptualization of data as a passive IT asset to be controlled and restricted, rather than as an active product to be curated, enhanced, and broadly consumed across the organization [9]. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e2.2.4. Research Gap and Objectives\u0026nbsp;\u003c/strong\u003e\u0026nbsp;\u003c/p\u003e\n\u003cp\u003eThis research aims to bridge the disconnect between theory and practice in data governance, especially when it comes to scalability and agility. According to this study, the sustainable journey from data disorder to data trust will only be possible through adopting a data governance approach that is scalable and has an agile architecture. Such a framework must enable and accelerate, rather than inhibit, data discovery, access, and utilization while simultaneously ensuring quality, security, privacy, and regulatory compliance. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Diagnose the specific technical and organizational manifestations of data chaos in a large-scale operational context. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Propose a comprehensive, scalable, federated governance blueprint architecturally grounded in Data Mesh paradigm principles. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Detail the 24-month implementation journey, highlighting the critical interplay between technology enablement (particularly policy-as-code automation) \u0026nbsp;and organizational change management. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Evaluate framework effectiveness through extensive quantitative and qualitative evidence of measurable impact on real-world business operations and analytical capabilities. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Extract and formalize generalized principles, critical success factors, and actionable lessons learned for other enterprises embarking on similar governance transformation initiatives. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e2.3. LITERATURE REVIEW AND THEORETICAL FOUNDATION \u0026nbsp;\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eA. Foundational Data Governance Concepts \u0026nbsp;\u0026nbsp;\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eContemporary DG involves a set of integrated responsibilities, ranging from data quality management to models of ownership and privacy, as well as near-real-time responses to regulatory pressures, such as the GDPR and CCPA, and other business demands [6]. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003eData governance is described in literature as the exercise of power and collective decision-making in the planning, management, and control of data within an organizational setting. According to foundational literature, there are three basic functional components of these programs: \u003cstrong\u003ePeople\u003c/strong\u003e, that is, roles, responsibilities, decision rights, and accountability; \u003cstrong\u003eProcess\u003c/strong\u003e, which comprises workflow, procedures, standards, and compliance; and finally, \u003cstrong\u003eTechnology\u003c/strong\u003e, which includes the platform or environment, tools, and automation that make these processes work smoothly. As far as the strategic objectives of data governance are concerned, they are universally recognized as being the achievement of data quality, data security, privacy, and compliance and finally maximizing the value of organizational data resources.\u0026nbsp;\u003c/p\u003e\n\u003cp\u003eThe Data Management Body of Knowledge (DMBOK) model, as proposed by DAMA International, captures the eleven breadth knowledge topics in the domain of data governance, ranging from data architecture/modeling to data quality management, master data management, reference data management, data warehousing, business intelligence, metadata management, and security. While the model has the potential to serve as a theory, there remain many uncertainties regarding best practices for its implementation [10]. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eB. The Scalability Crisis in Traditional Governance \u0026nbsp;\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe architectural centralization of traditional governance models fundamentally fails in operational environments characterized by exponential growth in data volume, accelerating velocity of data generation, and expanding variety of data types and sources - all of which are defining characteristics of modern enterprise ecosystems. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003eThe resource constraints are mathematical: a central team of 10-15 governance specialists cannot possibly maintain detailed knowledge of, provide responsive service for, and ensure quality across thousands of datasets spanning dozens of distinct business domains. The result is either governance coverage that is superficial and ineffective or governance processes that become bottlenecks, causing unacceptable delays in data access and analytics project timelines [11]. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eC. The Emergence of Decentralized Governance Paradigms \u0026nbsp;\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eData Mesh, a conceptual framework introduced and extensively elaborated by Zhamak Dehghani at Thoughtworks, proposes a fundamental paradigm shift in both architectural thinking and organizational structure for data platforms [12]. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003eThe Data Mesh framework rests on four foundational principles: \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● \u003cstrong\u003eDomain-Oriented Decentralized Data Ownership\u003c/strong\u003e: Data ownership and operational responsibility are systematically shifted from a centralized data team to the distributed business domains that are organizationally closest to the data\u0026apos;s point of origin and possess the deepest subject matter expertise [13]. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● \u003cstrong\u003eData as a Product\u003c/strong\u003e: Each business domain is held accountable for treating its data outputs as formal \u0026quot;products\u0026quot; with defined consumers, quality guarantees, service-level objectives, and product-management discipline. These include ensuring data cataloging for discoverability, quality validation and management, security, and business continuity via proper access controls, and, finally, ensuring interoperability through standard interfaces and schematics [14]. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● \u003cstrong\u003eSelf-Serve Data Infrastructure as a Platform\u003c/strong\u003e: A \u0026nbsp;centralized platform engineering team provides and maintains an underlying infrastructure platform that abstracts away technical complexity and makes it feasible for domain teams - who are primarily domain experts rather than data engineering specialists to efficiently build, publish, govern, and maintain their data products without requiring deep specialized expertise in distributed systems, data storage technologies, or data pipeline orchestration [15]. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● \u003cstrong\u003eFederated Computational Governance\u003c/strong\u003e: Federated governance is organized by a cross-functional council and establishes global standards, policies, and interoperability rules to ensure organizational consistency. More importantly, though, is how these policies are enforced, automatically and computationally, i.e., directly within and implemented via the self-serve infrastructure platform versus manually and procedurally. This is what enables scaling while retaining ownership within a decentralized domain [5]. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eD. The Critical Role of Policy as Code \u0026nbsp;\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe practical mechanism enabling federated computational governance is the concept of \u0026quot;policy-as-code\u0026quot;, where governance rules, quality standards, and compliance requirements are defined not in policy documents or procedural manuals, but in machine-executable code that can be automatically enforced at scale. Data governance automation, \u0026nbsp;encoding policy enforcement (including data quality validation checks, personally identifiable information (PII) masking rules, \u0026nbsp;data retention policies, and access control enforcement) is not merely an efficiency optimization but rather represents the only technically feasible approach to governing data at the speed and scale characteristic of modern data platforms handling petabytes of data across thousands of data pipelines [16]. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u003cem\u003eE. Analytical Competition \u0026nbsp;\u003c/em\u003e\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eResearch by Davenport, Harris, and Morison demonstrates that companies competing on analytics, a defining competitive strategy for successful enterprises require a high degree of data democratization, where analytical capabilities and data access are distributed broadly across the organization rather than concentrated in specialized analytics teams [17]. Scalable Data Governance enables this strategic level of democratization and provides the necessary technical infrastructure to allow widespread access to and utilization of data without falling into the abyss of poor-quality data outcomes, breaches, and violations. \u0026nbsp;The organizations that fail to govern their data at the speed at which business is performed are left with a choice between having governance and having agility. They often forego governance processes when time is imperative, thus generating precisely what they sought to avoid: chaos. \u0026nbsp;\u003c/p\u003e"},{"header":"3. Results","content":"\u003cp\u003e\u003cstrong\u003e3.1. A MANAGERIAL FRAMEWORK FOR AI-READY DATA GOVERNANCE\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eStrategic Foundation: Principles Before Platforms\u0026nbsp;\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eOrganizations need to decide between starting their governance framework development with strategic planning or technological implementation. The industry has experienced multiple governance program failures because \u003cem\u003eorganizations that buy expensive tools before defining their strategic direction\u0026nbsp;\u003c/em\u003ewill experience system failure. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003eThe recommended method reverses the standard approach. \u0026nbsp;The process needs to \u003cem\u003estart with strategic design sessions, which bring together cross-functional leadership teams to resolve fundamental business governance questions\u003c/em\u003e. The organization needs to determine what governance excellence looks like for its operations, establish ownership roles, find an equilibrium between control measures and fast decision-making, and identify which processes need automation and which require human intervention [19].\u0026nbsp;\u003c/p\u003e\n\u003cp\u003eBased on these foundational discussions, we propose a governance framework organized around three mutually reinforcing principles. These principles are interdependent and amplify each other\u0026rsquo;s.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e3.1.1 Principle I: Federated Ownership with Centralized Standards\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe foundational structural decision in AI-ready governance is the allocation of data ownership. We argue for a federated model in which business domains own their data, including its quality, documentation, and fitness for use\u0026mdash;while a central governance function establishes and enforces cross-domain standards for interoperability, security, and compliance.\u003c/p\u003e\n\u003cp\u003eThis structure resolves the governance paradox by distributing accountability to the level where data is best understood, the domain, while preventing the proliferation of incompatible local conventions that make cross-domain AI impossible. Domain ownership means that the team generating the data is also responsible for its quality and documentation. Central standards mean that data produced independently across domains can be integrated without translation overhead.\u003c/p\u003e\n\u003cp\u003eA federated system allows domain teams to take ownership of their data products because they possess a deep understanding of their data assets and business requirements. Lack of coordination among the federated systems causes a complete failure of the system. The main function of the governance should come up with standardized processes that have data classification, privacy process, data interoperability, and quality performance metrics. Each domain works on its own within specific boundaries; hence, it can find its data resources and be connected to the company [20]. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003eThe federated approach borrows from the data mesh framework described by Dehghani [12] but enhances it with a clear AI governance aspect whereby the domains should not only be capable of delivering high-quality data but also describing it in ways that can be understood by AI technologies.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e3.1.2 Principle II: Automation as a Governance Scaling Mechanism\u003c/strong\u003e:\u003c/p\u003e\n\u003cp\u003eThe current manual governance systems do not have the capacity to handle increasing workloads. \u0026nbsp;The growing amount of data and different types of information create linear processing delays in human-based approval systems. A policy that requires human verification for all data access requests works properly with 50 monthly requests but fails entirely with 500 requests per month. Therefore, organizations must embed governance in code, so that quality checks, access controls, and compliance requirements are enforced automatically at the point of data creation and transformation rather than as post-hoc manual reviews. Data pipelines should perform automated execution of data quality validations, access control policies, privacy protections, retention rules, and compliance checks instead of relying on procedural documentation and human intervention [21]. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003eThere are two major benefits to adopting such a method in artificial intelligence ecosystems. One is that it avoids the time gap that exists in manual systems from the creation of the policy to enforcing it. Another is that it generates machine-readable audit trails that satisfy the explainability requirement that regulators like the EU AI Act require.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e3.1.3 Principle III: Data as a Product\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eBusiness operations generate data, which traditional methods treat as an unimportant database accumulation from transactions and processes. The current approach to data management results in poor-quality information with inconsistent meaning because data exists mainly to support operational systems instead of analytical users who require it. Organizations need to transform their data management operations through the adoption of the product mindset. Each domain needs to handle its output data through product management, which includes consumer identification, quality standards, documentation, and active product life cycle control. \u0026nbsp;Data product owners need to understand consumer needs because they handle data products in the same way product managers handle customer requirements for their teams [22]. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003eThe data product concept [12], [34] has direct implications for AI development. When data is managed as a product, AI teams can discover, evaluate, and consume it with confidence that it has been validated for specific use cases, that its limitations are documented, and that it will be maintained over time. This contrasts sharply with the current reality in most organizations, where AI teams must independently assess the quality and appropriateness of data they discover, a process that is time-consuming, inconsistent, and frequently wrong.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e3.2. CORE GOVERNANCE CAPABILITIES FOR AI SUCCESS\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe three principles of the framework must be operationalized through four governance capabilities. These capabilities address the specific requirements that AI systems impose on data environments.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e1) Pillar 1 - Discoverability and understandability:\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe first pillar ensures that data assets across the organization are easy to find. The first pillar also ensures that data assets are easy to understand and easy to access for authorized users. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003eOrganizations need to build data catalog capabilities that offer AI teams semantic transparency, both about the existence of data and its meaning. For this, organizations need to have consistent business glossaries that can be mapped to data assets, data lineage that tracks how the data was generated and where it is consumed, data classification based on sensitivity and usage rights, and ownership information that facilitates consumer-producer communication.\u003c/p\u003e\n\u003cp\u003eThis is because semantic transparency is especially important in cases where enterprise data will be used to fine-tune or augment any large language model or other foundation models. This is mainly because there will need to be a proper documentation of the data that will be utilized for the process.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ea) \u003cstrong\u003eMandatory Metadata Requirements:\u003c/strong\u003e\u0026nbsp;\u003c/em\u003eEvery data asset that the organization publishes must have metadata. \u0026nbsp;Metadata must span both business and technical dimensions [23]: \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eBusiness Metadata: \u0026nbsp;\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e● Human-readable description explaining what the data represents \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Business glossary term mappings connecting data to standard terminology \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Identified business owner and technical owner with contact information \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Designated data domain for organizational context \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Sensitivity classification indicating protection requirements \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Define the business purpose that explains why the data exists\u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eTechnical Metadata:\u0026nbsp;\u003c/strong\u003e\u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Schema information (fields, data types, constraints) \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Data lineage showing source systems and transformation logic \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Refresh frequency and latency characteristics \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Data volume and growth trends \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Quality metrics and service level indicators \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Access protocols and query patterns \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Dependencies on upstream systems \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eb) \u003cstrong\u003eUnified Data Catalog Implementation:\u003c/strong\u003e\u0026nbsp;\u003c/em\u003eA central data catalog platform functions as the official repository, which provides complete data discovery capabilities. Organizations need to evaluate catalog solutions based on \u0026nbsp;the following factors [24]: \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● The system needs flexible operation because it requires performing metadata management functions. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● The system requires an automatic data source detection system that displays all connected data paths. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● The system needs workflow capabilities to perform metadata maintenance operations. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● The system requires complete integration with all existing data platforms through its existing integration features. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● The system requires an efficient method that enables users to perform data searches and discovery operations. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Total cost of ownership \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ec) \u003cstrong\u003eData Product Service Level Objectives:\u003c/strong\u003e\u0026nbsp;\u003c/em\u003eEvery Domain team needs to create Service Level Objectives (SLOs), which define essential quality characteristics and establish tracking systems for their data product releases. \u0026nbsp;The following SLOs must be included as minimum requirements for each data product: \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Freshness: The maximum time period\u0026nbsp;between source event occurrence and data\u0026nbsp;readiness must be specified through\u0026nbsp;freshness SLOs (e.g., \u0026quot;orders become available within 15 minutes after transaction completion\u0026quot;) [25]\u003c/p\u003e\n\u003cp\u003e● Completeness: The minimum acceptable value for required fields needs to be defined through completeness SLOs, which state that customer email information should exist in more than 99% of all records [26]. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Accuracy: The system needs to run validation rules perpetually because accuracy SLOs demand this (e.g., \u0026quot;the order amount must match the total value of line items with a difference of no more than $0.01\u0026quot;) [27]. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Availability: The system must maintain at least 99.5% operational availability during business hours according to availability Service Level Objectives (SLOs) [28]. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e2) Pillar 2 - Quality and Reliability:\u0026nbsp;\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eOrganizations need to create methods that check and validate extensive data sets according to the second pillar. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ea) Domain Owned Quality Rules:\u0026nbsp;\u003c/em\u003eDomain stewards who understand their subject matter best should create official quality standards that apply to their particular domain areas. \u0026nbsp;A centralized team cannot establish valid product SKU formats, customer lifetime value calculation business rules, and logistics shipment date requirements, which are essential for order fulfillment. Quality rules need to exist in formats that machines can execute automatically. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003eThe following examples demonstrate quality rule definitions [26]: \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● The system follows format rules that check email addresses against regex patterns and postal codes against their respective national standards. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● The system keeps product prices within defined boundaries, and dates remain within acceptable timeframes. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Referential integrity: Foreign keys reference existing records in related tables \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Business logic: Order total equals the sum of line items plus tax minus discounts \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Statistical rule: Daily transaction volume falls within 3 standard deviations of the historical mean. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eb) Automatic Quality Validation:\u0026nbsp;\u003c/em\u003eThe data platform infrastructure needs to run quality rule checks automatically throughout different stages of data processing [29]: \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● At ingestion: The platform requires source data quality validation before it can start processing new data entries. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● During transformation: The transformation process needs to preserve or enhance data quality standards. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● At publication: The system requires verification of Service Level Objectives fulfillment for published data products before making them available to consumers.\u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e3) Pillar 3 - Security, Privacy, and Access Control:\u0026nbsp;\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eAI systems process data at a scale and depth that amplifies the consequences of security and privacy failures. A model trained on improperly anonymized data may memorize and expose personally identifiable information. A model with excessive data access may enable inference attacks. An AI system trained on biased historical data may perpetuate or amplify discriminatory patterns.\u003c/p\u003e\n\u003cp\u003eGovernance frameworks for AI-driven organizations must address these risks explicitly. Specifically, limitations on purposes have to be considered to limit the use of AI in training only to datasets where explicit consent or justifiable basis has been established, privacy through differential privacy and federated learning in sensitive fields, bias detection and reduction during the model design phase, and auditing capabilities.\u003c/p\u003e\n\u003cp\u003eResponsible AI governance is increasingly a legal requirement rather than an ethical aspiration. The EU AI Act, the NIST AI Risk Management Framework, and sector-specific regulations impose specific requirements on the data practices underlying high-risk AI systems. Organizations that have invested in governance infrastructure are substantially better positioned to demonstrate compliance than those managing data reactively.\u003c/p\u003e\n\u003cp\u003eThe third pillar contains vital data security requirements, which consist of privacy protection and authorized access control systems.\u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ea) \u003cstrong\u003eComprehensive Data Classification:\u003c/strong\u003e\u0026nbsp;\u003c/em\u003eA standardized classification system needs to become mandatory for all data assets, while organizations must enforce it strictly. The recommended classification system consists of four distinct levels, which include [23]: \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● \u003cstrong\u003ePublic Data:\u003c/strong\u003e The organization can freely distribute this information because it contains no sensitive data (e.g., product catalogs and published marketing materials) \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● \u003cstrong\u003eInternal Data:\u0026nbsp;\u003c/strong\u003eThe organization uses this data for internal operations, but it lacks specific security requirements (e.g., combined sales statistics and operational performance dashboards)\u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● \u003cstrong\u003eConfidential Data:\u0026nbsp;\u003c/strong\u003eThe organization needs to limit access to this business-critical information, which includes pricing strategies, supplier contracts, and financial projections. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● \u003cstrong\u003eRestricted Data:\u0026nbsp;\u003c/strong\u003eThe organization must protect all sensitive information, which includes personally identifiable information (PII), protected health information (PHI), payment card data, and all other data that requires complete security protection. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eb) Policy-as-code for Automated Enforcement:\u0026nbsp;\u003c/em\u003eA standardized classification Security and privacy governance at a large scale needs complete automated policy enforcement through code-based policy definitions. The implementation process requires three essential elements to achieve its target success [16]: \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● \u003cstrong\u003eGlobal Policy Definition:\u003c/strong\u003e The Governance Council develops business-friendly policies that are converted into operational code definitions. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● \u003cstrong\u003ePolicy Engine Integration:\u003c/strong\u003e The policy engine operates as a computational system that runs automated policy evaluations during runtime operations while connected to data pipelines and access workflows. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● \u003cstrong\u003eAutomated Compliance Controls:\u003c/strong\u003e The system runs automated compliance controls that perform essential security tasks independently through operations that include PII masking in non-production environments, policy-driven data retention with automated deletion schedules, encryption of sensitive data, restrictions on international data transfer, and time-bound access permissions that expire automatically. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● \u003cstrong\u003eSelf-Service Access Management:\u003c/strong\u003e The data catalog requires self-service access management functionality, which connects identity and access management systems to enable users to obtain access through automated processes instead of using manual tickets or unstructured approvals. Users find their required data products through discovery before they initiate access requests for professional reasons, which get processed through automated approval pathways to their assigned Data Owners. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e4) Pillar 4 - Interoperability and Standardization:\u0026nbsp;\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eEnterprise AI creates a demand for data integration at a scale that exposes the cost of definitional inconsistency. When a churn prediction model must integrate customer data from CRM, behavioral data from analytics platforms, and transaction data from financial systems, incompatible definitions and schemas impose translation costs that accumulate across every model trained and every insight produced.\u003c/p\u003e\n\u003cp\u003eOrganizations must invest in enterprise data models and shared semantic layers that enable cross-domain AI without bespoke integration work for every use case. This is not a new insight, canonical data model that have been advocated in the IS literature for decades, but the AI context makes the business case more urgent and the cost of neglect more visible.\u003c/p\u003e\n\u003cp\u003eThe fourth pillar enables data integration and cross-domain analytics through strategic standardization methods.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ea) Comprehensive Data Classification:\u0026nbsp;\u003c/em\u003eThe Governance Council needs to develop standardized data models that will function as unified reference points for vital shared data entities. Organizations need to implement these standard data models for their operations [16]:\u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Customer: The customer data model needs to include non-changeable fields that establish customer identity, store contact information, preference data, and demographic details. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Product: The product data model needs to include established fields that use product identifiers, categories, attributes, and price information to identify products. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Order: The order data model requires predefined fields to store transaction details, individual order items, and their current delivery status. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Location: The location data model needs specific fields to store facility details, address information, and geographic organizational structures. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Organization: The organization data model needs to include predefined fields that identify business entities together with their connections to vendors and partners.\u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eb) API and Interface Standards:\u0026nbsp;\u003c/em\u003eThe development of interface standards for data products will create consistent interfaces that enable interoperability between systems [10]: \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Query Patterns: The system requires standardized data access methods, including SQL, REST APIs, and GraphQL interfaces. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Authentication: The system needs an authentication system that serves as the access point for all users. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Data Formats: The system requires standardized formats for batch data serialization through Parquet and Avro and for streaming data through JSON and Protocol Buffers. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Schema Evolution: The system needs to follow versioning rules and maintain backward compatibility when modifying schema structures. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Error Handling: The system should use standardized error codes together with uniform error messages. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cem\u003ec) Shared Business Glossary:\u0026nbsp;\u003c/em\u003eA business glossary located in one place defines official meanings for essential business terminology. The glossary requires inclusion of the following information [8]: \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Business Terms: The glossary should contain official definitions for Active Customer, Gross Merchandise Volume, Product Category, and other essential business terms. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Calculation Logic: The glossary requires full mathematical formulas that demonstrate the calculation methods for Customer Lifetime Value and Inventory Turnover. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Relationships: The glossary should show how different terms connect. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Synonyms: The glossary should show which alternative terms refer to the established definitions. \u0026nbsp;\u003c/p\u003e\n\u003cp\u003e● Data Lineage: The glossary requires demonstration of business term connections to specific data catalog assets, which store vital data information.\u0026nbsp;\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e3.3. MANAGERIAL DECISION POINTS\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eImplementing AI-ready governance requires a series of consequential leadership decisions. We identify four decision points that determine the effectiveness and sustainability of the governance transformation.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e3.3.1 Governance Structure: Centralized vs. Federated\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe choice of governance structure, centralized versus federated, is not only an architectural one, but also based on organizational assumptions about who holds the necessary knowledge regarding the data and what balance needs to be struck between centralization and agility.\u003c/p\u003e\n\u003cp\u003eA fully centralized approach provides consistency but cannot scale and tends to lack the necessary knowledge to make sophisticated quality assessments. A fully decentralized approach maintains autonomy but generates fragmentation that will rule out AI at the corporate level. The federated governance framework proposed in this paper is a sensible compromise, but it requires clear delineation of the line between standards that must be universally followed (for example, security classification, privacy measures, minimum quality levels for regulated data) and those that are subject to variation by domain (documentation style, internal quality measurements).\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e3.3.2 Automation vs. Human Judgment\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003ePolicy-as-code is an effective scale-up tool for governance, but there are some types of governance decisions for which automation is not ideal. It can be a moral decision about the suitability of certain data usage; it could also be a decision on whether or not the performance of the model meets the required standards in the relevant governance scenario, or whether an exception to governance is justified in a certain situation.\u003c/p\u003e\n\u003cp\u003eLeaders should have clear criteria on what decisions will be automated and what will involve human intervention and avoid any temptations to automate governance processes just because this is technically possible.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e3.3.3 Investment Sequencing\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eOrganizations will not always be able to invest in all governance capabilities at once. The ordering of investment choices carries considerable ramifications in the context of AI. We would advise prioritizing investments in the following order, given their impact on AI outcomes:\u003c/p\u003e\n\u003cp\u003e● Data quality management (automatic validation, quality assurance, remediation processes): Absent high-quality data, any other investments in governance result in low-quality AI outcomes.\u003c/p\u003e\n\u003cp\u003e● Data catalog and discovery (semantic documentation, provenance tracking, ownership designation): Absent discoverable data, AI developers cannot discover relevant training datasets, thus wasting time in the discovery process and misusing data.\u003c/p\u003e\n\u003cp\u003e● Access management and security policies: Absent access controls, an organization risks legal liability that could stop AI implementation altogether.\u003c/p\u003e\n\u003cp\u003e● Interoperability and semantic standardization: Once quality, discoverability, and security are established, investment in semantic standardization unlocks cross-domain AI capabilities at scale.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e\u0026nbsp;3.3.4 Governance as Organizational Culture\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eTechnical governance infrastructure is necessary but insufficient. Data governance fails when it is perceived by data producers and consumers as an external imposition rather than a shared organizational value. Building governance culture requires executive sponsorship that signals governance as a strategic priority, incentive structures that reward data quality alongside productivity metrics, training programs that build governance literacy across technical and business roles, and governance communities of practice that enable peer learning and norm reinforcement.\u003c/p\u003e\n\u003cp\u003eOrganizations that have successfully embedded governance culture report that the marginal cost of compliance decreases over time as governance behaviors become habitual rather than effortful [31]. This cultural dimension is often underweighted in governance transformation programs that focus exclusively on technology and process.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e3.4. IMPLEMENTATION ROADMAP\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eTransitioning from data chaos to AI-ready governance is a multi-phase transformation that cannot be accomplished in a single initiative. We propose a three-phase roadmap that sequences governance investments according to their dependencies and their leverage over AI outcomes.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e3.4.1 Phase 1: Stabilize (Months 1\u0026ndash;6)\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe stabilization phase focuses on identifying and remediating the most critical governance failures, those that are actively undermining current AI initiatives or creating regulatory exposure. Key activities include:\u003c/p\u003e\n\u003cp\u003e● Conducting a data governance maturity assessment to identify critical gaps in quality, ownership, and compliance.\u003c/p\u003e\n\u003cp\u003e● Establishing clear ownership for high-priority data domains, with named accountable individuals rather than committees.\u003c/p\u003e\n\u003cp\u003e● Implementing minimum viable data quality controls for data assets currently feeding production AI systems.\u003c/p\u003e\n\u003cp\u003e● Creating an inventory of data assets and their known quality issues to support prioritization in subsequent phases.\u003c/p\u003e\n\u003cp\u003eThe stabilization phase is deliberately limited in scope. Its purpose is not to solve the governance problem comprehensively, but to stop the accumulation of governance debt and establish the organizational credibility needed to sustain a longer transformation.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e3.4.2 Phase 2: Standardize (Months 6\u0026ndash;18)\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe standardization stage builds out the governance framework that allows for the creation of consistent and reliable data. Activities at this stage include:\u003c/p\u003e\n\u003cp\u003e● Creation and publication of enterprise data standards covering data quality, data security, data privacy, and data interoperability.\u003c/p\u003e\n\u003cp\u003e● Development of a data catalog, including semantic tagging and lineage and ownership management for priority domains.\u003c/p\u003e\n\u003cp\u003e● Implementation of the federated governance framework, establishing the demarcation line between the center and the domains.\u003c/p\u003e\n\u003cp\u003e● Start of policy as code for critical aspects of data quality and accessibility.\u003c/p\u003e\n\u003cp\u003e● Alignment of business glossaries across different domains for cross-domain AI.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e3.4.3 Phase 3: Scale (Months 18+)\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe Scaling stage operationalizes the governance model at the enterprise level, allowing for self-service access to data and AI development built on a trustable data infrastructure. Activities during the scaling phase include:\u003c/p\u003e\n\u003cp\u003e● Scaling policy-as-code automation to all data pipelines and domains.\u003c/p\u003e\n\u003cp\u003e● Enabling self-service access to governed data that does not become dependent on any central approval process.\u003c/p\u003e\n\u003cp\u003e● Embedding governance in AI development practices such as gated data quality and data cards for training datasets.\u003c/p\u003e\n\u003cp\u003e● Managing the full lifecycle of data products \u0026ndash; from versioning, to deprecation, and informing data consumers about updates.\u003c/p\u003e\n\u003cp\u003e● Building continuous governance improvement processes in response to advancing AI technologies and changing regulations.\u003c/p\u003e"},{"header":"4. Discussion","content":"\u003cp\u003e\u003cstrong\u003e4.1 Governance as the Foundation of AI Value\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe framework presented herein relies on an assertion that: data governance is not an expense or compliance-related activity; rather, it is the most important factor in realizing value through AI. This assertion challenges prevailing views about technology management wherein model design, computing capabilities, and algorithm development are touted as critical factors behind AI supremacy.\u003c/p\u003e\n\u003cp\u003eHowever, research indicates otherwise. For example, Sambasivan et al. [36] discovered that data-based enhancements to AI models, improved data quality, documentation, and governance were always superior to model-based improvements during actual operations. Amazon\u0026apos;s early investment in data quality infrastructure, Google\u0026apos;s development of internal data management practices, and the documented failures of high-profile AI initiatives in healthcare and finance all point to the same conclusion: AI capability is constrained by data governance capability.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e4.2 Organizational Implications\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe transition to federated, automated governance has significant organizational implications that extend beyond technology. It requires redistribution of data accountability from central IT functions to business domains\u0026mdash;a change that challenges existing power structures and may encounter significant resistance. It requires new role types (data product owners, data quality engineers, AI governance specialists) that do not exist in most organizations. And it requires executive leadership that sustains commitment to governance investment over a multi-year transformation horizon despite pressure to prioritize visible AI deliverables over invisible governance infrastructure.\u003c/p\u003e\n\u003cp\u003eThese organizational challenges are not peripheral to the governance transformation; they are central to it. Technology implementations that neglect the organizational dimensions of governance routinely fail to achieve sustainable impact [30].\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003e4.3 Limitations and Future Research\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eThe current paper is mainly conceptual and based on practices within the industry rather than being an empirical study. Future research may include developing quantitative indicators of the level of maturity of governance and its impact on the results obtained from using artificial intelligence, understanding the organizational factors affecting the adoption of federated governance and potential barriers to change, and the governance needs of new AI applications such as generative AI, foundation models, and autonomous decision-making.\u003c/p\u003e"},{"header":"5. Conclusions","content":"\u003cp\u003eThe central argument of this paper can be stated simply: organizations cannot build trustworthy AI on untrustworthy data. Yet most organizations investing in AI are doing precisely that: deploying sophisticated models against ungoverned, fragmented, and inconsistently defined data environments, then attributing the resulting failures to algorithmic limitations rather than to governance failures.\u003c/p\u003e\n\u003cp\u003eThe model presented above, which includes \u003cem\u003efederation ownership, policy automation, and data product mentality\u003c/em\u003e, creates architecture for making the shift from data chaos to data confidence. The model is based on the understanding that AI readiness is ultimately a data governance challenge, and that resolving such a challenge calls for constant commitment from organizations in terms of investing in their data governance capabilities.\u003c/p\u003e\n\u003cp\u003eFor information systems scholars, the governance-AI nexus represents a rich and consequential research domain. For practitioners, the message is both challenging and actionable: the path to AI confidence runs through data governance, and the time to begin that journey is now.\u003c/p\u003e"},{"header":"Declarations","content":"\u003cp\u003e\u003cstrong\u003eAuthor Contributions:\u003c/strong\u003e The author solely conceptualized the study, developed the methodology, conducted the analysis, interpreted the results, and wrote and revised the manuscript. The author has read and approved the final version of the manuscript.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFunding:\u003c/strong\u003e Not applicable.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eData Availability Statement:\u003c/strong\u003e Not applicable.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eConflicts of Interest\u003c/strong\u003e: Not applicable.\u003c/p\u003e"},{"header":"References","content":"\u003col\u003e\u003cli\u003e\u003cspan\u003eA. R. Hevner, S. T. March, J. Park, and S. Ram, Design Science in Information Systems Research, MIS Quarterly, vol. 28, no. 1, pp. 75\u0026ndash;105, 2004. DOI: 10.2307/25148625\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eH. Zang, H. Kim, and J. Kim, Blockchain-Based Decentralized Storage Design for Data Confidence Over Cloud-Native Edge Infrastructure, IEEE Access, vol. 12, pp. 50083\u0026ndash;50099, 2024, doi: 10.1109/ ACCESS.2024.3383010.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eP. Ataei and D. Staegemann, Application of microservices patterns to big data systems, J. Big Data, vol. 10, no. 1, p. 56, May 2023, doi: 10.1186/s40537-023-00733\u0026ndash;4.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eA. AbuHalimeh, Improving Data Quality in Clinical Research Informatics Tools, Front. Big Data, vol. 5, p. 871897, Apr. 2022, doi: 10.3389/fdata.2022.871897.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eC. Dwork and M. Minow, Distrust of Artificial Intelligence: Sources \u0026amp; Responses from Computer Science \u0026amp; Law, Daedalus, vol. 151, no. 2, pp. 309\u0026ndash;321, May 2022, doi: 10.1162/daed_a_01918.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eR. Y. Wong, A. Chong, and R. C. Aspegren, Privacy Legislation as Business Risks: How GDPR and CCPA are Represented in Technology Companies\u0026rsquo; Investment Risk Disclosures, Proc. ACM Hum.-Comput. Interact., vol. 7, no. CSCW1, pp. 1\u0026ndash;26, Apr. 2023, doi: 10.1145/3579515.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eAlthinayyan, T., \u0026amp; Alojail, M. (2024). Enhancing User Experience and Sustainability in Open Banking Using PLS-SEM. Sustainability, 16(22), 9656.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eC. Arora, M. Sabetzadeh, L. Briand, and F. Zimmer, Automated Extraction and Clustering of Requirements Glossary Terms, IEEE Trans. Softw. Eng., vol. 43, no. 10, pp. 918\u0026ndash;945, Oct. 2017, doi: 10.1109/TSE.2016.2635134.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eT. P. Raptis, A. Passarella, and M. Conti, Distributed Data Access in Industrial Edge Networks, IEEE J. Sel. Areas Commun., vol. 38, no. 5, pp. 915\u0026ndash;927, May 2020, doi: 10.1109/JSAC.2020.2980917.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eD. Johnson et al., ISA API: An open platform for interoperable life science experimental metadata, GigaScience, vol. 10, no. 9, p. giab060, Sept. 2021, doi: 10.1093/gigascience/giab060.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eF. Mostajabi, A. A. Safaei, and A. Sahafi, A Systematic Review of Data Models for the Big Data Problem, IEEE Access, vol. 9, pp. 128889\u0026ndash; 128904, 2021, doi: 10.1109/ACCESS.2021.3112880.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eDehghani, Z. Data Mesh: Delivering Data-Driven Value at Scale. O\u0026rsquo;Reilly Media, 2022.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eT. Van Eijk, I. Kumara, D. Di Nucci, D. A. Tamburri, and W.-J. Van Den Heuvel, Architectural Design Decisions for Self-Serve Data Platforms in Data Meshes, in 2024 IEEE 21st International Conference on Software Architecture (ICSA), Hyderabad, India: IEEE, June 2024, pp. 135\u0026ndash;145. doi: 10.1109/ICSA59870.2024.00021.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eS. Neumaier, J. Umbrich, and A. Polleres, Automated Quality Assessment of Metadata across Open Data Portals, J. Data Inf. Qual., vol. 8, no. 1, pp. 1\u0026ndash;29, Nov. 2016, doi: 10.1145/2964909.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eR. Girau et al., Definition and implementation of the Cloud Infrastructure for the integration of the Human Digital Twin in the Social Internet of Things, Comput. Netw., vol. 251, p. 110632, Sept. 2024, doi: 10.1016/j.comnet.2024.110632.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eA. Mahindrakar and K. P. Joshi, Automating GDPR Compliance using Policy Integrated Blockchain, in 2020 IEEE 6th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS), Baltimore, MD, USA: IEEE, May 2020, pp. 86\u0026ndash;93. doi: 10.1109/BigDataSecurity HPSC-IDS49724.2020.00026.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eT. H. Davenport, J. G. Harris, and R. Morison, Analytics at Work: Smarter Decisions, Better Results. Boston, MA: Harvard Business Press, 2010.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eK. Peffers, T. Tuunanen, M. A. Rothenberger, and S. Chatterjee, A Design Science Research Methodology for Information Systems Research, Journal of Management Information Systems, vol. 24, no. 3, pp. 45\u0026ndash;77, 2007. DOI: 10.2753/MIS0742\u0026ndash;1222240302\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eAdedoyin Tolulope Oyewole, Omotayo Bukola Adeoye, Wilhelmina Afua Addy, Chinwe Chinazo Okoye, Onyeka Chrisanctus Ofodile, and Chinonye Esther Ugochukwu, Promoting sustainability in finance with AI: A review of current practices and future potential, World J. Adv. Res. Rev., vol. 21, no. 3, pp. 590\u0026ndash;607, Mar. 2024, doi: 10.30574/ wjarr.2024.21.3.0691.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eH. Buldeo Rai and L. Dablanc, Hunting for treasure: a systematic literature review on urban logistics and e-commerce data, Transp. Rev., v o l. 4 3, n o. 2, p p. 2 0 4\u0026ndash;2 3 3, M a r. 2 0 2 3, d o i : 10.1080/01441647.2022.2082580.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eA. S. Wagner et al., FAIRly big: A framework for computationally reproducible processing of large-scale data, Sci. Data, vol. 9, no. 1, p. 80, Mar. 2022, doi: 10.1038/s41597-022-01163\u0026ndash;2.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eD. Lis and B. Otto, Towards a Taxonomy of Ecosystem Data Governance, presented at the Hawaii International Conference on System Sciences, 2021. doi: 10.24251/HICSS.2021.733.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eI. Gupta, N. Singh, and A. K. Singh, Layer-based Privacy and Security Architecture for Cloud Data Sharing, J. Commun. Softw. Syst., vol. 15, no. 2, Apr. 2019, doi: 10.24138/jcomss.v15i2.617.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eJ. Nogueras-Iso, J. Lacasta, M. A. Urena-Camara, and F. J. Ariza-Lopez, Quality of Metadata in Open Data Portals, IEEE Access, vol. 9, pp. 60364\u0026ndash;60382, 2021, doi: 10.1109/ACCESS.2021.3073455.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eW. Hussain and O. Sohaib, Analysing Cloud QoS Prediction Approaches and Its Control Parameters: Considering Overall Accuracy and Freshness of a Dataset, IEEE Access, vol. 7, pp. 82649\u0026ndash;82671, 2019, doi: 10.1109/ACCESS.2019.2923706.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eCourage Idemudia, Adebimpe Bolatito Ige, Victor Ibukun Adebayo, and Osemeike Gloria Eyieyien, Enhancing data quality through comprehensive governance: Methodologies, tools, and continuous improvement techniques, Comput. Sci. IT Res. J., vol. 5, no. 7, pp. 1680\u0026ndash;1694, July 2024, doi: 10.51594/csitrj.v5i7.1352.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eT. Pusztai et al., SLO Script: A Novel Language for Implementing Complex Cloud-Native Elasticity-Driven SLOs, in 2021 IEEE International Conference on Web Services (ICWS), Chicago, IL, USA: IEEE, Sept. 2021, pp. 21\u0026ndash;31. doi: 10.1109/ICWS53863.2021.00017.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eS. Nastic et al., SLOC: Service Level Objectives for Next Generation Cloud Computing, IEEE Internet Comput., vol. 24, no. 3, pp. 39\u0026ndash;50, May 2020, doi: 10.1109/MIC.2020.2987739.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eA. Ismail, H.-L. Truong, and W. Kastner, Manufacturing process data analysis pipelines: a requirements analysis and survey, J. Big Data, vol. 6, no. 1, p. 1, Dec. 2019, doi: 10.1186/s40537-018-0162\u0026ndash;3.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eAbraham, R., Schneider, J., \u0026amp; vom Brocke, J. (2019). Data governance: A conceptual framework, structured review, and research agenda. International Journal of Information Management, 49, 424\u0026ndash;438. DOI: 10.1016/j.ijinfomgt.2019.07.008\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eDAMA International. (2017). DAMA-DMBOK: Data management body of knowledge (2nd ed.). Technics Publications.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eFountaine, T., McCarthy, B., \u0026amp; Saleh, T. (2022). Building the AI-powered organization. Harvard Business Review, 97(4), 62\u0026ndash;73.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eLadley, J. (2019). Data governance: How organizations value and manage their data (2nd ed.). Academic Press.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eMachado, I. A., Costa, C., \u0026amp; Santos, M. Y. (2022). Data mesh: Concepts and principles of a paradigm shift in data architectures. Procedia Computer Science, 196, 263\u0026ndash;271. DOI: 10.1016/j.procs.2021.12.026\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eRansbotham, S., Khodabandeh, S., Fehling, R., LaFountain, B., \u0026amp; Kiron, D. (2020). Expanding AI's impact with organizational learning. MIT Sloan Management Review and Boston Consulting Group.\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eSambasivan, N., Kapania, S., Highfill, H., Akrong, D., Paritosh, P., \u0026amp; Aroyo, L. M. (2021). Everyone wants to do the model work, not the data work: Data cascades in high-stakes AI. Proceedings of the 2021 CHI Conference on Human Factors in Computing Systems, 1\u0026ndash;15. DOI: 10.1145/3411764.3445518\u003c/span\u003e\u003c/li\u003e\u003c/ol\u003e"}],"fulltextSource":"","fullText":"","funders":[],"hasAdminPriorityOnWorkflow":false,"hasManuscriptDocX":true,"hasOptedInToPreprint":true,"hasPassedJournalQc":"","hasAnyPriority":true,"hideJournal":true,"highlight":"","institution":"N/A","isAcceptedByJournal":false,"isAuthorSuppliedPdf":false,"isDeskRejected":"","isHiddenFromSearch":false,"isInQc":false,"isInWorkflow":false,"isPdf":false,"isPdfUpToDate":true,"isWithdrawnOrRetracted":false,"journal":{"display":true,"email":"[email protected]","identity":"researchsquare","isNatureJournal":false,"hasQc":true,"allowDirectSubmit":true,"externalIdentity":"","sideBox":"","snPcode":"","submissionUrl":"/submission","title":"Research Square","twitterHandle":"researchsquare","acdcEnabled":true,"dfaEnabled":false,"editorialSystem":"","reportingPortfolio":"","inReviewEnabled":false,"inReviewRevisionsEnabled":true},"keywords":"Data Governance, Artificial Intelligence (AI), Data Trust, Data Mesh, Data Products, Federated Governance, Policy-as-Code","lastPublishedDoi":"10.21203/rs.3.rs-9623212/v1","lastPublishedDoiUrl":"https://doi.org/10.21203/rs.3.rs-9623212/v1","license":{"name":"CC BY 4.0","url":"https://creativecommons.org/licenses/by/4.0/"},"manuscriptAbstract":"\u003cp\u003eArtificial intelligence (AI) has changed the competitive landscape of digital business. Despite heavy investment in AI, many digital enterprises fail to translate analytics into business value due to fragmented ownership, inconsistent definitions, and manual governance practices. This is because of serious problems in data governance. This paper advances a central argument: AI is only as strong as the data behind it.\u003c/p\u003e \u003cp\u003eModern digital enterprises generate massive volumes of data across distributed architectures, often resulting in fragmented, inconsistent, and untrusted data that undermines decision-making and AI effectiveness.\u003c/p\u003e \u003cp\u003eTraditional centralized governance approaches do not work well in fast-paced environments. They create bottlenecks and limit business flexibility.\u003c/p\u003e \u003cp\u003eThe research in this paper draws on industry best practices and corporate governance principles to develop a federated data governance framework suitable for organizations using AI technologies. This research paper provides insights on data governance as an enabler of AI technology instead of just another form of regulatory governance.\u003c/p\u003e","manuscriptTitle":"From Data Chaos to AI Confidence: A Scalable Data Governance Architecture for AI-Driven Digital Platforms","msid":"","msnumber":"","nonDraftVersions":[{"code":1,"date":"2026-05-07 08:13:55","doi":"10.21203/rs.3.rs-9623212/v1","editorialEvents":[{"type":"communityComments","content":0}],"status":"published","journal":{"display":true,"email":"[email protected]","identity":"researchsquare","isNatureJournal":false,"hasQc":true,"allowDirectSubmit":true,"externalIdentity":"","sideBox":"","snPcode":"","submissionUrl":"/submission","title":"Research Square","twitterHandle":"researchsquare","acdcEnabled":true,"dfaEnabled":false,"editorialSystem":"","reportingPortfolio":"","inReviewEnabled":false,"inReviewRevisionsEnabled":true}}],"origin":"","ownerIdentity":"115fdef4-971f-4356-ba56-43329e516a3e","owner":[],"postedDate":"May 7th, 2026","published":true,"recentEditorialEvents":[],"rejectedJournal":[],"revision":"","amendment":"","status":"posted","subjectAreas":[],"tags":[],"updatedAt":"2026-05-07T08:13:55+00:00","versionOfRecord":[],"versionCreatedAt":"2026-05-07 08:13:55","video":"","vorDoi":"","vorDoiUrl":"","workflowStages":[]},"version":"v1","identity":"rs-9623212","journalConfig":"researchsquare"},"__N_SSP":true},"page":"/article/[identity]/[[...version]]","query":{"redirect":"/article/rs-9623212","identity":"rs-9623212","version":["v1"]},"buildId":"XKTyCvWXoU3ODBz1xrDgd","isFallback":false,"isExperimentalCompile":false,"dynamicIds":[84888],"gssp":true,"scriptLoader":[]}

Text is read by the "Ask this paper" AI Q&A widget below. Extraction quality varies by source — PMC NXML preserves structure cleanly, OA-HTML may include some navigation residue, and OA-PDF can have broken hyphenation. The publisher copy (via DOI) is the canonical version.

My notes (saved in your browser only)

Ask this paper AI returns verbatim quotes from the full text · source: preprint-html

Answers must be backed by verbatim quotes from this paper's full text. Hallucinated quotes are dropped automatically; if no verbatim passage answers the question, we say so. How this works

Citation neighborhood (no data yet)

We don't have any in-corpus citations linked to this paper yet. This is a recent paper (2026) — citers typically take a year or two to land, and the OpenAlex reference graph may still be filling in.

Source provenance

europepmc
last seen: 2026-05-20T01:45:00.602351+00:00