Data Governance Policy
| Code | DT-004 |
| Domain | Data & Technology |
| Owner | Chief Technology Officer |
| Status | Draft |
| Applicability | Platform |
| Jurisdiction | NZ + AU |
| Business domain | BD09 |
| Review date | 2027-03-25 |
Regulations: Privacy Act 2020 · Privacy Act 1988
Purpose
Govern data ownership, lineage documentation, quality standards, and the governance of the Snowflake analytical data layer. This policy ensures that all data flows within the platform are traceable to authoritative sources, that schema contracts are maintained, and that the analytical data layer accurately reflects operational state.
Scope
All data produced, consumed, or transformed within the platform, including operational data in Neon, analytical data in Snowflake, event data on EventBridge, and any data exported to external regulatory or reporting consumers.
Policy statements
Every data entity within the platform SHALL have a documented owner, a defined canonical schema, and a recorded lineage path from its source system to any downstream consumer.
Data SHALL flow from operational systems to analytical systems through the governed CDC pipeline only. Direct reads from operational databases by analytical consumers, and shadow copies created outside the governed pipeline, are prohibited.
The Snowflake analytical layer SHALL be treated as a derived representation of operational state, not as an independent source of truth. Any divergence between operational state and analytical state SHALL be detectable and SHALL trigger a reconciliation alert.
Schema changes to any governed data entity SHALL follow a documented change process including: version increment, consumer impact assessment, migration period, and confirmation of consumer readiness before the change is deployed.
Data quality rules SHALL be defined for each governed dataset. Rule violations SHALL be logged, alerted, and resolved within defined SLAs. Data that fails quality checks SHALL NOT be presented to downstream consumers as validated data.
Personal and sensitive data SHALL be classified, and classification SHALL drive access control, retention schedules, and anonymisation requirements. Unclassified sensitive data SHALL be treated as maximally restricted until classified.
All data lineage, quality rule outcomes, schema versions, and ownership records SHALL be maintained in the data governance catalogue and SHALL be available for regulatory and audit inspection.
Satisfying modules
| Module | Name | Mode | Description |
|---|---|---|---|
| MOD-038 | Data quality & reconciliation monitor | AUTO | Data quality rules enforced at pipeline level — not a manual check |
| MOD-042 | CDC pipeline — Neon logical replication to S3 Iceberg | AUTO | All operational data changes flow through a single governed CDC pipeline — no shadow extracts or parallel data taps permitted |
| MOD-043 | EventBridge domain event governance | AUTO | Domain event buses enforce ownership boundaries — cross-domain subscriptions require an explicit published contract |
| MOD-076 | Observability platform | ALERT | Data quality anomalies detected by pipeline monitors are surfaced as observability alerts — the DT-004 obligation to detect and respond is operationalised here. |
| MOD-102 | Snowflake account configuration & governance | AUTO | The single governed CDC pipeline (MOD-042) is the only path for operational data to enter Snowflake — enforced by storage integration policy and warehouse grants. |
Compiled 2026-05-22 from source/entities/policies/DT-004.yaml