I was recently asked what impact AI will have on data governance and it got me thinking. Most teams I see still run governance the old way: central policy group, registers, manual checks. That worked when data moved slower. But the pace of delivery and the rise of AI has changed everything.

For decades, data governance meant a central team setting policy, running councils, approving access, and manually keeping registers of sensitive data. That approach matched the technology and risk profile of the time: slower release cycles, fewer systems, and compliance paperwork.

Now everything about how we build and use data is changing.

• Data is infrastructure and code.
• AI is everywhere.
• Delivery is rapid.

Manual, centralised governance can’t keep up. It must become engineered and embedded, the same shift security made with DevSecOps.

When I last wrote about the changing role of the Data Governance Manager, the question wasn’t whether data governance still matters. It was clear it does. The question was how it should work in a world defined by fast delivery and AI.

For decades, data governance meant a central team setting policy, running councils, approving access, and manually keeping registers of sensitive data. That approach matched the technology and risk profile of the time: slower release cycles, fewer systems, and compliance paperwork.

AI Is Changing Both Sides of the Equation

AI isn’t just something we have to govern. It’s also transforming how data governance gets done.

• Automating the heavy lifting — AI scans for personal or sensitive data, tags and classifies, maps lineage, and flags quality issues.
• Guiding and assisting — Large language models help developers and analysts understand compliance rules and suggest fixes.
• Guardian agents — AI enforces policies in real time: trigger deletion, revoke unsafe access, block risky models, validate controls, and improve data quality.

This is what finally makes “governance as code” practical.

From Policy to Engineered Governance

We’ve reached a point where the old ways can’t keep up. AI changes the risk surface and gives us new tools. The next step isn’t to abandon data governance, it’s to rebuild it around how modern products and AI are actually delivered.

That means moving from a central team writing and checking policy after the fact to an operating model where controls are engineered into the flow of work, assisted by AI, and owned by the people closest to the data and models.’

The New Operating Model

Today, most data governance teams look roughly the same: a manager or lead who sets policy, a data quality analyst or two, someone keeping the catalog alive, and some privacy support. It’s centralised, manual, and slow — and it breaks once you have dozens of data products and AI models shipping every week.

What’s emerging instead is an operating model built for speed and automation:

• Executive Accountability stays — the Chief Data & AI Officer still owns data and AI risk appetite and reports to the board.
• Delivery moves closer to the work — product owners own specific governance capabilities (quality, protection, discovery) and work directly with squads building data and AI products.
• AI does the grunt work — scanning, tagging, risk detection, and enforcing basic rules.
• Enablement gets serious — literacy and adoption aren’t side projects; they’re run as a product with a lead and clear outcomes.

Here’s how the team and capability shift looks when you compare today with the future:

Created by Chad Barendse

The Takeaway

Data governance isn’t dying - it’s evolving. The days of manual registers and council approvals are done. Governance now needs to be engineered and automated.

That means fewer policy writers and more product owners and engineers, building controls and automation into the delivery flow. AI isn’t replacing governance - it’s forcing it to become faster, smarter, and closer to the work.

How is your team adapting? Are you still centralised or starting to push controls closer to the work?

At DGX, we help organisations modernise governance through engineered frameworks, automation, and enablement — so data is trusted, protected, and ready for AI.

Learn more at dgx.group or follow on LinkedIn for practical insights on modern data and AI governance.

Chad Barendse is Co-founder of DGX Group, a consultancy dedicated solely to Data and AI Governance.