Back to Workflow Masterclass
SA
Sumit Arora

Full-Stack Architect

Brisbane, Australia
January 2026
15 min readBanking Workflow
Banking / Data

Data Product Governance

Bank-grade data product management. An internal marketplace with governance workflow that treats data as a product—clear ownership, consumers, SLAs, and federated governance.

The Challenge

In large banks, data is everywhere but usable data is nowhere. Teams create tables, APIs, and extracts without documentation. Consumers can't find what exists, can't trust what they find, and can't get access to what they need.

A Data Product Management system treats data like a product: registered, documented, certified, and governed. It's the difference between "random tables" and "trusted data assets."

7 Core Modules

A bank-grade DPM system has these modules. Each serves a distinct function in the data product lifecycle.

Module 1

Data Product Catalog

Registration + search marketplace

Module 2

Data Contracts

Schema + semantics + SLA + quality rules

Module 3

Lifecycle + Certification

Approval gates and state transitions

Module 4

Access + Entitlements

Request → approve → provision flow

Module 5

Governance + Compliance

Classification, policies, audit

Module 6

Quality + Observability

Scorecards, incidents, SLO breaches

Module 7

Usage + Cost

Chargeback/showback, adoption metrics

Lifecycle States

Every data product moves through these states. No shortcuts.

Draft
Proposed
In Review
Certified
Published
Deprecated
Retired
Draft

Author creates product shell

Proposed

Must have owners + classification + interface

In Review

Governance + platform checks

Certified

Passed all certification gates

Published

Visible in marketplace

Deprecated

Time-bound deprecation

Retired

No longer available

3 Certification Gates

Before a product can be published, it must pass these gates. This prevents "random tables becoming products."

Gate A: Governance

Classification present + validated
Retention + residency tags set
Privacy controls defined (masking/tokenization)

Data Contracts

The contract is the formal agreement between producer and consumers. It's the heart of the system.

Fundamentals

NameVersionOwnerStatus

Schema

FieldsTypesConstraintsKeys

Semantics

Glossary mappingField meaningUnits

Quality Rules

Null %DuplicatesValid valuesThresholds

SLA/SLO

Update frequencyFreshness windowsAvailability

Security

ClassificationAllowed useMasking rules

Access Request Flow

Consumers don't "get database access"—they request access to a product interface under policy.

1

Request Access

Consumer specifies purpose, duration, environment, scope

2

Policy Routing

Same domain + low sensitivity → auto-approve. PII/cross-domain → multi-party approval

3

Approval

Steward + privacy + risk teams review as needed

4

Provisioning

Create IAM role, register subscription, grant access

5

Audit + Review

Log everything. Periodic re-certification (access review every N months)

Building a Data Platform?

Whether it's data product governance, catalog management, or access control—we build systems that bring order to data chaos.

Let's Talk See Other Workflows