Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
ISO/IEC 25389:2021 — Data Quality Management Framework
Building a systematic approach to data quality in modern data ecosystems
ISO/IEC 25389:2021 provides a comprehensive framework for data quality management within the broader context of information technology and data management. Published as part of the ISO/IEC data management standards family (alongside 25422 on provenance, 25434 on reference data, and 25642 on master data), this standard defines a structured approach to defining, measuring, and improving data quality across the data lifecycle. For data architects and governance professionals, 25389 fills the gap between abstract quality principles (ISO 8000) and implementation-specific quality plans.
ISO/IEC 25389 is methodology-agnostic and designed to complement existing frameworks such as DAMA-DMBOK, TOGAF, and ISO 8000-8. It does not replace these frameworks but provides a structured overlay for data quality management specifically.
1. Core Data Quality Dimensions
The standard identifies 15 data quality dimensions organized into four categories. Intrinsic dimensions (accuracy, consistency, objectivity, believability) address the data’s inherent quality independent of context. Contextual dimensions (relevance, timeliness, completeness, appropriate amount) assess fitness for purpose. Representational dimensions (interpretability, ease of understanding, concise representation, consistent representation) focus on format and clarity. Accessibility dimensions (accessibility, access security, availability) address the ability to retrieve and use data.
An important engineering insight from this standard is that not all dimensions are equally important for all use cases. The standard explicitly recommends a prioritization exercise at the start of any data quality program. For example, in a real-time fraud detection system, timeliness and accuracy rank highest; in a regulatory reporting context, completeness and consistency are paramount. This contextual weighting prevents wasted effort on measuring dimensions that have no material impact on the business outcome.
| Category | Dimension | Measurement Approach | Typical Threshold |
|---|---|---|---|
| Intrinsic | Accuracy | Record-level comparison to authoritative source | ≥ 99.5% for critical fields |
| Intrinsic | Consistency | Cross-record constraint validation | ≥ 99.0% |
| Contextual | Timeliness | Data age vs. service-level agreement (SLA) | ≤ 24 h for operational systems |
| Contextual | Completeness | Non-null ratio for mandatory fields | ≥ 99.9% for key identifiers |
| Representational | Interpretability | Metadata coverage and data dictionary adherence | 100% for published datasets |
| Accessibility | Availability | Uptime percentage of data access endpoints | ≥ 99.9% (three nines) |
A common mistake in data quality programs: measuring all dimensions at the same frequency. The standard recommends different measurement cadences — intrinsic dimensions may be checked at ingestion time, contextual dimensions at query time, and representational dimensions only when the data schema or format changes.
2. The Data Quality Management Process
The standard defines a seven-step continuous improvement cycle: (1) define quality requirements based on stakeholder needs, (2) establish measurement criteria and thresholds, (3) assess current quality levels through profiling and auditing, (4) analyze root causes of quality issues, (5) plan and implement improvement actions, (6) monitor quality levels over time, and (7) communicate results and adjust requirements. This cycle aligns with the Plan-Do-Check-Act (PDCA) model familiar to quality management professionals.
From an implementation perspective, Step 3 (assessment) is where most data quality programs either succeed or stall. The standard recommends automated data profiling tools as the primary assessment mechanism, supplemented by manual sampling for dimensions that cannot be algorithmically verified (e.g., believability, which requires domain expert judgment). Integration with data catalog tools is critical — the standard explicitly links quality metrics to metadata management.
Organizations implementing the full seven-step cycle report a 3–5× return on investment in data quality programs within 18 months, according to industry surveys by Gartner and TDWI. The key success factor is not the sophistication of measurement tools but the closure of the feedback loop — Step 7 (communication) ensures that improvements are sustained.
3. Engineering Design Insights and Governance Integration
The standard positions data quality management as a core function of enterprise data governance rather than an isolated technical activity. It recommends establishing a Data Quality Steering Committee with representation from business, IT, and data stewardship functions. Quality rules should be defined in a business glossary and enforced at the point of data ingestion through automated validation workflows deployed in the data pipeline (e.g., Apache Kafka schema registry validation, Great Expectations test suites in data warehouses).
A key architectural recommendation from the standard is the concept of a “quality ledger” — an immutable log of quality measurements, improvement actions, and residual quality issues. This ledger serves as the authoritative record for audit and compliance purposes. In practice, this can be implemented using a blockchain-adjacent architecture (append-only log with cryptographic verification) or simpler approaches such as a dedicated quality event store in the data lake.
The standard explicitly warns against ‘quality theater’ — performing extensive measurements without closing the improvement loop. If Step 5 (improvement actions) is skipped, the measurement exercise becomes a net drain on resources. Every metric collected must trace to a specific improvement action or retirement decision.
Frequently Asked Questions
Q: How does ISO/IEC 25389 differ from ISO 8000?
ISO 8000 is the foundational data quality standard that defines general principles, terminology, and requirements. ISO/IEC 25389 builds on those principles to provide a management framework — including process definitions, role assignments, and governance structures — that organizations can implement directly. Think of ISO 8000 as the ‘what’ and ISO/IEC 25389 as the ‘how’.
ISO 8000 is the foundational data quality standard that defines general principles, terminology, and requirements. ISO/IEC 25389 builds on those principles to provide a management framework — including process definitions, role assignments, and governance structures — that organizations can implement directly. Think of ISO 8000 as the ‘what’ and ISO/IEC 25389 as the ‘how’.
Q: Can 25389 be applied to unstructured data?
The standard is primarily designed for structured and semi-structured data. For unstructured data (text, images, video), the standard recommends focusing on metadata quality and accessibility dimensions. Intrinsic quality assessment of unstructured content typically requires domain-specific methods not covered by the standard.
The standard is primarily designed for structured and semi-structured data. For unstructured data (text, images, video), the standard recommends focusing on metadata quality and accessibility dimensions. Intrinsic quality assessment of unstructured content typically requires domain-specific methods not covered by the standard.
Q: What is the recommended frequency of data quality assessments?
It depends on the dimension and the criticality of the data. Operational data quality checks (accuracy, completeness, timeliness) should be performed at every data ingestion event. Strategic assessments involving multiple dimensions should be conducted quarterly or whenever the data source schema changes significantly.
It depends on the dimension and the criticality of the data. Operational data quality checks (accuracy, completeness, timeliness) should be performed at every data ingestion event. Strategic assessments involving multiple dimensions should be conducted quarterly or whenever the data source schema changes significantly.
Q: How does 25389 relate to data catalog tools like Collibra or Alation?
The standard provides the process and governance structure; data catalog tools are implementation vehicles. A compliant implementation would configure the data catalog to store quality dimension definitions, measurement results, and improvement action tracking — essentially using the catalog as the quality ledger described in the standard.
The standard provides the process and governance structure; data catalog tools are implementation vehicles. A compliant implementation would configure the data catalog to store quality dimension definitions, measurement results, and improvement action tracking — essentially using the catalog as the quality ledger described in the standard.
