Personal and Ubiquitous Computing

, Volume 23, Issue 5–6, pp 839–859 | Cite as

A systematic literature review of data governance and cloud data governance

  • Majid Al-RuitheEmail author
  • Elhadj Benkhelifa
  • Khawar Hameed
Original Article


Data management solutions on their own are becoming very expensive and not able to cope with the reality of everlasting data complexity. Businesses have grown more sophisticated in their use of data, which drives new demands that require different ways to handle this data. Forward-thinking organizations believe that the only way to solve the data problem will be the implementation of an effective data governance. Attempts in governing data failed before, as they were driven by IT, and affected by rigid processes and fragmented activities carried out on system by system basis. Up to very recently governance is mostly informal with very ambiguous and generic regulations, in siloes around specific enterprise repositories, lacking structure and the wider support of the organization. Despite its highly recognized importance, the area of data governance is still under developed and under researched. Since data governance is still under researched, there is need to advance research in data governance in order to deepen practice. Currently, what exist are mostly descriptive literature reviews in the area of data governance. In this paper, a systematic literature review (SLR), which offers a structured, methodical, and rigorous approach to the understanding of the state-of-the-art of research in data governance. The objective of the study is to provide a credible intellectual guide for upcoming researchers in data governance to help them identify areas in data governance research where they can make the most impact. The systematic literature review covered published contributions from both academia and industry. The presented SLR searches and examines most relevant published work since year 2000 to-date for data governance for non-cloud, and for cloud computing since 2007. Only 52 studies met the inclusion criteria, which are critically reviewed.


Systematic review Data governance Cloud computing Cloud data governance 


  1. 1.
    Nfuka E, Rusu L (2010) Critical Success Factors for Effective IT Governance in the Public Sector Organizations in a Developing Country: The case of Tanzania, in Proceedings of the European Conference on Information Systems; Pretoria, South AfricaGoogle Scholar
  2. 2.
    Salami OL, Johl SK, Ibrahim MY (2014) Holistic approach to corporate governance: A conceptual frame- work. Glob Bus Manag Res 6(3):2002–2006Google Scholar
  3. 3.
    Weber K, Otto B, Osterle H (2009) One size does not fit all — a contingency approach to data governance. ACM J Data Inf Qual 1(1):4:1–4:27Google Scholar
  4. 4.
    Begg C, Caira T (2012) Exploring the SME quandary: data governance in practise in the small to medium-sized enterprise sector. Electron J Inf Syst Eval 15(1):3–13Google Scholar
  5. 5.
    Buffenoir E, Bourdon I (2013) Managing extended organizations and data governance. In Digital Enterprise Design and Management 2013. Springer, Berlin, Heidelberg, pp. 135–145Google Scholar
  6. 6.
    Niemi E (2011) Designing a Data Governance Framework. [online] Aalto University School of Economics, p.14. Available at: [Accessed 10 Aug. 2016]
  7. 7.
    Wende K (2007) A Model for Data Governance – Organising Accountabilities for Data Quality Management. In Proceedings of the 18th Australasian Conference on Information Systems, Toowoomba (Australia), 2007–12-06, pp. 417–425Google Scholar
  8. 8.
    The Data Governance Institute (2015) Definitions of Data Governance. [Online]. Available: [Accessed: 16-Feb-2015]
  9. 9.
    Mell P, Grance T (2011) The NIST definition of cloud computing recommendations of the National Institute of Standards and Technology. Nist Spec Publ 145:7Google Scholar
  10. 10.
    Almarabeh T, Majdalawi YK, Mohammad H (2016) Cloud computing of E-government. Commun Netw 8(01):1Google Scholar
  11. 11.
    Kshetri N (2010) Cloud computing in developing economies. Computer 43(10):47–55Google Scholar
  12. 12.
    Grance T, Patt-Corner R, Voas JB, Badger J (2012) Cloud Computing Synopsis and Recommendations. NIST Special Publication, 800–146Google Scholar
  13. 13.
    Gorelik E (2013) Cloud Computing Models. Composite Information Systems Laboratory (CISL)Google Scholar
  14. 14.
    Bojanova I, Samba A (2011) Analysis of cloud computing delivery architecture models. In: IEEE Workshops of International Conference on Advanced Information Networking and Applications (WAINA), Biopolis, pp. 453–458Google Scholar
  15. 15.
    Forell T, Milojicic D, Talwar V (2011) Cloud management: challenges and opportunities. In: IEEE International Parallel and Distributed Processing, Symposium, Shanghai, China, pp. 881–889Google Scholar
  16. 16.
    Al-Ruithe M, Benkhelifa E, Hameed K (2016) A conceptual framework for designing data governance for cloud computing. Procedia Compu Sci 94:160–167Google Scholar
  17. 17.
    Ko RKL, Jagadpramana P, Mowbray M, Pearson S, Kirchberg M, Liang Q, Lee BS (2011) TrustCloud: a framework for accountability and trust in cloud computing, in: IEEE Services, Washington, DC, USA, pp. 584–588Google Scholar
  18. 18.
    Hogan M, Liu F, Sokol A, Tong J (2011) Nist cloud computing standards roadmap. NIST Special Publication, 35Google Scholar
  19. 19.
    Li Y, Guo L, Guo Y (2012) CACSS: Towards a Generic Cloud Storage Service. In: CLOSER 2012. SciTePress, pp. 27–36.
  20. 20.
    Rifaie M, Alhajj R, Ridley M (2009) Data Governance Strategy: A Key Issue in Building Enterprise Data Warehouse. In Proceedings of the 11th International Conference on Information Integration and Web-based Applications & Services, Kuala Lumpur (Malaysia), 2009–12-14, pp. 587–591Google Scholar
  21. 21.
    Neela KL, Kavitha V (2013) A survey on security issues and vulnerabilities on cloud computing. Int J Comput Sci Eng Technol 4(2):855–860Google Scholar
  22. 22.
    Hummel M (2014) State-of-the-art: A systematic literature review on agile information systems development. In Hawaii International Conference on System SciencesGoogle Scholar
  23. 23.
    Torkar R et al (2012) Requirements traceability: a systematic literature review and industry case study. IJSEKE 22(3):1–49Google Scholar
  24. 24.
    de O. Luna AJH, Kruchten P, do E. Pedrosa MLG, d. Almeida Neto HR, d. Moura HP (2014) State of the art of agile governance: a systematic review. Int J Comput Sci Inf Technol 6(5):121–141Google Scholar
  25. 25.
    Kitchenham B, Charters S (2007) Guidelines for performing systematic literature reviews in software engineering. Engineering 2:1051Google Scholar
  26. 26., “ISACA,” (2016) [Online]. Available: [Accessed: 23-Mar-2016]
  27. 27.
    Master IBM, Management D (2007) Data governance for master data management. Data Manag:67–86Google Scholar
  28. 28.
    Panian Z (2010) Some practical experiences in data governance. World Acad Sci Eng Technol Manag (62):939–946Google Scholar
  29. 29.
    De Haes WVGS (2008) Practiices in IT governance and business/IT alignment. Inf Syst Control 2:1–6Google Scholar
  30. 30.
    Neff A, Schosser M, Zelt S, Uebernickel F, Brenner W (2013) Explicating performance impacts of it governance and data governance in multi-business organisations. In 24th Australasian Conference on Information Systems (ACIS) (pp. 1–11). RMIT UniversityGoogle Scholar
  31. 31.
    De Hert P, Papakonstantinou V (2013) Three scenarios for international governance of data privacy: towards an international data privacy organization, preferably a UN Agency? I/S A J Law Policy Inf Soc 9:272–324Google Scholar
  32. 32.
    Weber, K.; Cheong, L.; Otto, B.; Chang, V.: Organising Accountabilities for Data Quality Management – A Data Governance Case Study. In: Dinter, B.; Winter, R.; Chamoni, P.; Gronau, N.; Turowski, K. (Hrsg.): Proceedings DW2008: Synergien durch Integration und Informationslogistik, St. Gallen, Köllen Druck+Verlag, Bonn, 2008, S. 347–359Google Scholar
  33. 33.
    Rajendran S (2013) Organizational challenges in cloud adoption and enablers of cloud transition program. Massachusetts Institute of Technology, MassachusettsGoogle Scholar
  34. 34.
    Prinzo BR, Group TP (2012) Developing a Strategy for your Data Governance Initiative, pp. 15–17Google Scholar
  35. 35.
    Catteddu D, D. and Hogben, G. (2009) The European Network and Information Security Agency ( ENISA ) is an EU agency created to advance this work takes place in the context of ENISA ’ s emerging and future risk programme. C ONTACT DETAILS : this report has been edited by. Computing 72:2009–2013Google Scholar
  36. 36.
    Fleissner BB, Jasti K, Ales J, Thomas R(2014) The Importance of Data Governance in Healthcare, pp. 1–11Google Scholar
  37. 37.
    Thomas G (2009) How to use the DGI data governance framework to configure your program. Retrieved from Accesssed 22 Sep. 2017
  38. 38.
    Hunter L (2015) Tools for Cloud Accountability: A4Cloud Tutorial, Retrieved from
  39. 39.
    Groß S, Schill A (2012) Towards user centric data governance and control in the cloud. In Open Problems in Network Security. Springer, Berlin, Heidelberg, pp. 132–144Google Scholar
  40. 40.
    Statement P, Public T, Officer R (2009) Institutional Data Governance Policy, pp. 1–12Google Scholar
  41. 41.
    Fu X, Wojak A, Neagu D, Ridley M, Travis K (2011) Data governance in predictive toxicology: a review. J Cheminf 3:24Google Scholar
  42. 42.
    Prasetyo HN, Surendro K (2015) Designing a data governance model based on soft system methodology (SSM) in organization. J Theor Appl Inf Technol 78(1):46Google Scholar
  43. 43.
    Buffenoir E, Bourdon I (2012) Reconciling complex organizations and data management: the Panopticon paradigm. arXiv preprint arXiv:1210.6800Google Scholar
  44. 44.
    Otto B (2011) A morphology of the organisation of data governance. In: 19th European Conference on Information Systems, Helsinki, FinlandGoogle Scholar
  45. 45.
    Badrakhan BB (2010) Drive toward data governance. Ewweb 13:35–38Google Scholar
  46. 46.
    Felici M, Koulouris T, Pearson S (2013) Accountability for data governance in cloud ecosystems. In Cloud Computing Technology and Science (CloudCom), 2013 IEEE 5th International Conference on (Vol. 2, pp. 327–332). IEEEGoogle Scholar
  47. 47.
    Yale, Wendy (2011) Is data governance in cloud computing still a mirage or do we have a vision we can trust, vol. 42.1Google Scholar
  48. 48.
    Guillory K (2008) The 4 Reasons Data Governance Fails, Retrieved from https:// Accesssed 22 Sep. 2017
  49. 49.
    the H. I. and M. S. S. (HIMSS) (2015) A ROADMAP TO EFFECTIVE DATA GOVERNANCE : How to Navigate Five Common Obstacles, HIMSS Clinical & Business Intelligence CommitteeGoogle Scholar
  50. 50.
    Mustimuhw Information Solutions Inc. (2015) Data Governance Framework: Framework and Associated Tools, Retrieved from Accesssed 22 Sep. 2017
  51. 51.
    Rausch N, Corporation SSS, Alexander M (2013) SAS Global Forum 2013 Data Management Best Practices in SAS ® Data Management for Big Data SAS Global Forum 2013 Data ManagementGoogle Scholar
  52. 52.
    Russom P (2008) Data Governance strateGies. Bus Intell J 13(2):13–15Google Scholar
  53. 53.
    Gow B (2006) CASE STUDY : Data Governance & Compliance for Financial ServicesGoogle Scholar
  54. 54.
    Australian Institute of Health and Welfare (2014) AIHW data governance framework 2014 (AIHW)Google Scholar
  55. 55.
    Loshin D (2010) Operationalizing Data Governance through Data Policy Management, Retrieved from Accesssed 22 Sep. 2017
  56. 56.
    Adler S (2007) The IBM data governance council maturity model: building a roadmap for effective data governance. IBM Corporation, SomersGoogle Scholar
  57. 57.
    D. G. Office (2013) The State of New Jersey Data Governance Framework Strategic PlanGoogle Scholar
  58. 58.
    Kunzinger F, Corporation H, Haines P, Consulting N, Schneider S, Solutions V, (2010) Delivering a Data Governance Strategy that Meets Business ObjectivesGoogle Scholar
  59. 59.
    Mary B, Mccarthy P, Hill S (2011) Cloud adoption points to IT risk and data governance challenges. Directorship 7:209–211Google Scholar
  60. 60.
    Cloud Security Alliance (2012) Cloud Data Governance Research SponsorshipGoogle Scholar
  61. 61.
    Salido Javier (2010) Data Governance for Privacy, Confidentiality and Compliance: A Holistic Approach, ISACA J 6Google Scholar
  62. 62.
    Salido J (2010) A Guide to Data Governance for Privacy, Confidentiality, and Compliance. Microsoft Trust Comput 35Google Scholar
  63. 63.
    Solutions C (2013) Data governance in the cloud,” Retrieved from Accesssed 22 Sep. 2017
  64. 64.
    Allen CHeider ALyman KA et al (2014) Data governance and data sharing agreements for community-wide health information exchange: lessons from the beacon communities. EGEMS (Washington, DC) 2(1):1057Google Scholar
  65. 65.
    Nunn SL (2009) Driving compliance through data governance. J AHIMA 80(3):50–51Google Scholar
  66. 66.
    Korhonen JJ, Melleri I, Hiekkanen K, Helenius M (2013) Designing data governance structure: an organizational perspective. GSTF J Comput 2(4):11Google Scholar
  67. 67.
    Ladley J (2012) Data governance: how to Design, deploy, and sustain an effective program. Newnes, BostonGoogle Scholar
  68. 68.
    Seiner RS (2014) Non-invasive data governance: the path of least resistance and greatest success. Technics Publications, Basking RidgeGoogle Scholar
  69. 69.
    Bhansali N (Ed.) (2013) Data Governance: Creating Value from Information Assets. CRC PressGoogle Scholar
  70. 70.
    Sarsfield S (2009) Data governance imperative. cambridgeshaire: IT Governance PublishingGoogle Scholar
  71. 71.
    BR, Reeves MG (2013) Developing a data governance model in health careGoogle Scholar
  72. 72.
    Pennanen I (2014) Data governance: intelligent way of managing dataGoogle Scholar
  73. 73.
    Ndamase Z (2014) The impact of data governance on corporate performance: the case of a petroleum company (Doctoral dissertation, University of Cape Town)Google Scholar
  74. 74.
    Poor M (2011) Applying aspects of data governance from the private sector to public higher education. Mount Wachusett Community CollegeGoogle Scholar
  75. 75.
    Nwabude C, Begg C, McRobbie G (2014) Data governance in small businesses-why small business framework should be different. Int Proc Econ Dev Res 82:101Google Scholar
  76. 76.
    Fruehauf J, Al-Khalifa F, Coniker J (2015) Using the Bolman and deals four frames in developing data governance strategy. Issues Inf Syst 16(2):161–167Google Scholar
  77. 77.
    Hallikas J (2015) Data Governance and Automated Marketing–A Case Study of Expected Benefits of Organizing Data Governance in an ICT CompanyGoogle Scholar
  78. 78.
    Alhassan I, Sammon D, Daly M (2016) Data governance activities: an analysis of the literature. J Decis Syst 25(S1):64–75Google Scholar
  79. 79.
    Koltay T (2016) Data governance, data literacy and the management of data quality. IFLA J 42(4):303–312Google Scholar
  80. 80.
    Olaitan O, Herselman M, Wayi N (2016) Taxonomy of literature to justify data governance as a pre-requisite for information governance. Proc. 28th Annu. Conf. South. African Inst. Manag. Sci., pp. 586–605Google Scholar
  81. 81.
    Nielsen OB (2017) A Comprehensive Review of Data Governance Literature. In IRISGoogle Scholar
  82. 82.
    Lee SU, Zhu L, Jeffery R (2017) Data Governance for Platform Ecosystems: Critical Factors and the State of Practice. arXiv preprint arXiv:1705.03509Google Scholar
  83. 83.
    Kamioka T, Luo X, Tapanainen T (2016) An Empirical Investigation of Data Governance: the Role of Accountabilities. In PACIS, p. 29Google Scholar
  84. 84.
    Wende K (2007) Data Governance-Defining Accountabilities for Data Quality ManagementGoogle Scholar
  85. 85.
    Weber K, Otto B, Österle H (2009) One size does not fit all---a contingency approach to data governance. J Data Inf Qual 1(1):4Google Scholar
  86. 86.
    Adelman S (2008) Without a data governance strategy. DM Rev 18:32Google Scholar
  87. 87.
    Enterprise Data Management Data Governance Plan, (2007)Google Scholar
  88. 88.
    Moseley B (2008) Keeys to data governance success. inf Syst Control J 3(2):2–4Google Scholar
  89. 89.
    Thomas G (2006) The DGI data governance framework. Data Gov. Institute, Orlando, p 20Google Scholar
  90. 90.
    Ibm (2007) The IBM data governance blueprint : Leveraging best practices and proven technologiesGoogle Scholar
  91. 91.
    Soares S, S (2010) The IBM data governance unified process: driving business value with IBM software and best practices, p. 153Google Scholar
  92. 92.
    Cheong LK, Chang V (2007) The need for data governance: a case study. ACIS 2007 Proceedings, 100Google Scholar
  93. 93.
    Power D, Street W (2013) Sponsored by all the ingredients for success : data governance, data quality and master data management. Hub Solut Des 2043(781):1–20Google Scholar
  94. 94.
    Traulsen S, Tröbs M, AG, UB, Tucherpark A, Ganghoferstrasse, C. (2011) Implementing Data Governance within a Financial Institution. Jahrestagung der Gesellschaft für InformatikGoogle Scholar
  95. 95.
    Cheong L, Chang V (2007) The Need for Data Governance: A Case Study, ACIS 2007 Proc., noGoogle Scholar
  96. 96.
    Kim SH, Lee IY (2015) Study on user authority management for safe data protection in cloud computing environments. Symmetry 7(1):269–283Google Scholar
  97. 97.
    Woldu L (2013) Cloud Governance Model and Security for Cloud Service ProvidersGoogle Scholar
  98. 98.
    Saidah AS, Abdelbaki N (2014) A New Cloud Computing Governance Framework. In CLOSER, pp. 671–678Google Scholar
  99. 99.
    Eckerson W (2011) Creating an Enterprise Data, Tech Target, no. June, pp. 1–39Google Scholar
  100. 100.
    Alkhater N, Wills G, Walters R (2014) Factors influencing an organisation's intention to adopt cloud computing in Saudi Arabia. In Cloud Computing Technology and Science (CloudCom), 2014 IEEE 6th International Conference on. IEEE, pp. 1040–1044Google Scholar
  101. 101.
    Gorelik E (2013) Cloud computing models (Doctoral dissertation, Massachusetts Institute of Technology)Google Scholar
  102. 102.
    Tountopoulos V, Felici M, Pannetrat A, Catteddu D, Pearson S (2014) Interoperability Analysis of Accountable Data Governance in the Cloud. In Cyber Security and Privacy Forum. Springer, Cham, pp. 77–88Google Scholar
  103. 103.
    Rimal BP, Jukan A, Katsaros D, Goeleven Y (2011) Architectural requirements for cloud computing systems: an enterprise cloud approach. J Grid Comput 9(1):3–26Google Scholar
  104. 104.
    Madhuri C (2013) Cloud information accountability frameworks for data sharing \nin cloud. IOSR J Comput Eng 13:93–96Google Scholar
  105. 105.
    Pearson S, Tountopoulos V, Catteddu D, Südholt M, Molva R, Reich C, …, Leenes R (2012). Accountability for cloud and other future internet services. In Cloud Computing Technology and Science (CloudCom), 2012 IEEE 4th International Conference on. IEEE, pp. 629–632Google Scholar
  106. 106.
    Cloud Security Alliance (2015) Cloud Data Governance Working Group, [Online]. Available: [Accessed: 12-Jun-2015]
  107. 107.
    Alexandria V (2014) Despite Data Governance Efforts, Eighty-Nine Percent of Federal IT Professionals Are Apprehensive About Migrating IT Services to the Cloud, [Online]. Available: [Accessed: 12-Jul-2015]
  108. 108.
    Boniface M, Nasser B, Papay J, Phillips S, Servin A, Zlatev Z, Yang KX, Katsaros G, Konstanteli K, Kousiouris G, Menychtas A, Kyriazis D, Gogouvitis S (2010) Platform-as-a-Service Architecture for Real-time\ nQuality of Service Management in CloudsGoogle Scholar
  109. 109.
    Fernandes DA, Soares LF, Gomes JV, Freire MM, Inácio PR (2014) Security issues in cloud environments: a survey. Int J Inf Secur 13(2):113–170Google Scholar
  110. 110.
    Khajeh-Hosseini A, Sommerville I, Sriram I (2010) Research challenges for enterprise cloud computing. arXiv preprint arXiv:1001.3257Google Scholar
  111. 111.
    Yeboah-Boateng EO, Essandoh KA (2014) Factors influencing the adoption of cloud computing by small and medium enterprises in developing economies. Int J Emerg Sci Eng 2(4):13–20Google Scholar
  112. 112.
    Tebaa M, Hajji SE (2014) Secure cloud computing through homomorphic encryption. arXiv preprint arXiv:1409.0829Google Scholar
  113. 113.
    Ahuja SP, Mani S (2012) Availability of services in the era of cloud computing. Netw Commun Technol 1(1):2Google Scholar
  114. 114.
    Wang W, Li Z, Owens R, Bhargava B (2009). Secure and efficient access to outsourced data. In Proceedings of the 2009 ACM workshop on Cloud computing security. Acm, pp. 55–66Google Scholar
  115. 115.
    Khanghahi N, Ravanmehr R (2013) Cloud computing performance evaluation: issues and challenges. Computer 5(1):29–41Google Scholar
  116. 116.
    Bjarnason S (2011) Demystifying cloud security. Def Softw Eng 4(2):16–21Google Scholar
  117. 117.
    M. Vael (2010) CC - Cloud Computing Cloud Computing • Introduction • Security • Governance • Risks • Compliance • Recommendations • References Cloud Computing, pp. 1–20Google Scholar
  118. 118.
    Shah N, Chauhan S (2014) Survey Paper on Security Issues While Data Migration in Cloud Computing. 1(7):134–136Google Scholar
  119. 119.
    Alam M, Shakil KA (2015) Recent developments in cloud based systems: state of art. arXiv preprint arXiv:1501.01323Google Scholar
  120. 120.
    Dogo EM, Salami A, Salman S (2013) Feasibility analysis of critical factors affecting cloud computing in Nigeria. Int J Cloud Comput Serv Sci 2(4):276Google Scholar
  121. 121.
    Maaref S (2012) Cloud computing in Africa-Situation and perspectives. Telecommun. Dev. Sect.-ITU, 70Google Scholar
  122. 122.
    MCIT, (2014) Report: Saudi Arabia studies arrangements and controls required for provision of cloud computing services. [Online]. Available: [Accessed: 05-Aug-2015]
  123. 123.
    N. Networks and Computing, N. (2014) ITU-TGoogle Scholar
  124. 124.
    Low C, Chen Y, Wu M (2011) Understanding the determinants of cloud computing adoption. Ind Manag Data Syst 111(7):1006–1023Google Scholar
  125. 125.
    Sein MK, Henfridsson O, Rossi M, (2011) REsearch ESsay a Ction DEsign REsearch 1 35(1):37–56Google Scholar
  126. 126.
    Bulla CM, Bhojannavar SS, Danawade VM (2013) Cloud computing: Research activities and challenges. Int J Emerg Trends Technol Comput Sci 2(5):206–214Google Scholar
  127. 127.
    Cochran M, Witman PD (2011) Governance and service level agreement issues in a cloud computing environment. J Inf Technol Manag 22(2):41–55Google Scholar

Copyright information

© Springer-Verlag London Ltd., part of Springer Nature 2018

Authors and Affiliations

  1. 1.Staffordshire UniversityStoke-on-TrentUK
  2. 2.Cloud Computing and Applications Research LabStoke-on-TrentUK

Personalised recommendations