Data Governance Program & Charter (PM-23)

Have Questions?
Talk to an ASP Expert at 703-254-3202

Description:  In-depth, comprehensive, professionally developed Data Governance Program & Charter from Arlington that includes measures relating to the full life cycle of data, from acquisition to use to disposal as required by PM-23 of NIST SP 800-53, Revision 5. 

Additionally, the Data Governance Program & Charter includes measures relating to establishing decision-making authority, policies, procedures, and standards regarding data security and privacy protection, data inventories, content and records management, data quality control, data access, data security and risk management, data sharing and dissemination, as well as ongoing compliance monitoring of all the above-mentioned activities.

Note: It is highly recommended to purchase the additional supporting documents within the Program Management (PM) family to allow for complete coverage of all controls within PM-1 to PM-32.

The Data Governance Program & Charter includes the following sections:

  • Goals and Objectives
  • People
  • Processes
  • Technology
  • Guiding Principles
  • Application of Metrics
  • Privacy by Design
  • Data Lifecycle Management (collection, use, sharing/disclosing, storage, protection, retention, disposal)
  • Framework and Organizational Structure (Data Administrators, Chief Data Officer, Data Protection Officer (DPO), Data Engineers & Developers, Data Scientists, Data Owners, Data Stewards, Data Custodians, Data Consumers)
  • Data Classification 
  • Public Data
  • Laws & Regulations
  • Data Literacy & Training

Specifications: Developed in accordance with NIST SP 800-53, Revision 5 (12-10-2020), and other related security control frameworks, where applicable.

Control Family: Program Management (PM).

Control Mapping: PM-23.

Security Control Baseline Coverage: Includes coverage for all LOW, MOD, and HIGH Baselines, per NIST SP 800-53B (12-10-2020).

Direct Compliance Use: FISMA, FedRAMPNISP eMASS RMF, and other related NIST RMF reporting requirements for security and privacy. Can be used for mapping to DFARS NIST 800-171 and CMMC controls, where applicable. Choose from over 100 + security templates from Arlington.

Format: MS Word document (.docx).

Length: 14 pages.

Get Access to 100 + NIST RMF security and privacy policies & procedures, programs, and plan templates.


What Our Customers Are Saying


Companies Who Trust Us