Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
ISO/IEC TR 26905:2022 — Information Technology — Data Management — Data Quality Management Maturity Model
A Structured Framework for Assessing and Improving Organizational Data Quality Capabilities
Introduction to ISO/IEC TR 26905:2022
ISO/IEC TR 26905:2022 presents a comprehensive Data Quality Management Maturity Model (DQMM) that enables organizations to assess and systematically improve their data quality management capabilities. In the era of big data, AI, and regulatory compliance (GDPR, CCPA, etc.), the ability to manage data quality as an organizational capability — rather than a project-by-project afterthought — has become a strategic imperative.
The DQMM draws inspiration from established maturity frameworks like CMMI and ISO 33004 but is specifically tailored for data quality management processes. It recognizes that data quality is not merely a technical problem but an organizational discipline involving people, processes, and technology.
The model defines six maturity levels, each building upon the previous, providing a clear roadmap for organizational evolution from ad-hoc data quality practices to optimized, continuously improving data quality management. The framework covers six process areas that collectively address the full spectrum of data quality management.
Maturity Levels and Process Areas
The DQMM defines six maturity levels and six process areas. The table below maps the process areas across maturity levels, showing the expected capability at each stage:
| Maturity Level | Description | Key Characteristics |
|---|---|---|
| Level 0 — Incomplete | No data quality processes exist | Data issues handled reactively; no awareness of data quality as a discipline |
| Level 1 — Performed | Data quality activities performed on ad-hoc basis | Individual projects may have data validation; no organizational standards; hero-driven quality |
| Level 2 — Managed | Data quality processes planned and monitored | Basic data quality roles assigned; metrics tracked; issue escalation process exists |
| Level 3 — Established | Standard organizational data quality processes | Organization-wide data quality policy; standard measurement definitions; training programs |
| Level 4 — Predictable | Quantitatively managed data quality | Statistical process control for data quality; predictive analytics for quality degradation |
| Level 5 — Optimizing | Continuous improvement through quantitative feedback | Automated data quality remediation; AI-driven quality optimization; self-healing data pipelines |
The six process areas evaluated are: Data Quality Governance, Data Quality Measurement, Data Quality Improvement, Data Quality Assurance, Data Quality Culture, and Data Quality Technology Infrastructure. Each process area has specific goals and practices defined for each maturity level.
A distinguishing feature of TR 26905 is the inclusion of “Data Quality Culture” as a distinct process area — acknowledging that technical solutions alone cannot achieve sustainable data quality without organizational cultural change.
Engineering Insights and Implementation Guidance
Data Quality Measurement Framework
The report defines six dimensions of data quality measurement: completeness, uniqueness, timeliness, validity, accuracy, and consistency. For each dimension, TR 26905 provides standardized measurement definitions, computation formulas, and acceptable threshold ranges. For example, completeness is measured as the ratio of non-null values to expected total values, with acceptable thresholds varying by data criticality — critical data elements (e.g., patient identifiers in healthcare) require 99.9%+ completeness, while informational fields may tolerate 95%.
One of the most frequently overlooked aspects in practice is the interdependency between quality dimensions. For instance, improving timeliness (fresher data) often degrades completeness (more missing values due to incomplete ingestion). TR 26905’s maturity model helps organizations recognize and manage such trade-offs systematically.
Assessment Methodology
The DQMM assessment follows a structured process: scoping (identifying organizational units and data domains under assessment), evidence collection (interviews, process documentation review, data quality metric analysis), scoring (per process area per maturity level), and reporting. The report includes detailed assessment instruments — maturity questionnaires, evidence checklists, and scoring rubrics — enabling consistent evaluations across different organizational contexts.
Practical Roadmap for Maturity Advancement
Based on extensive industry experience documented in the report, organizations typically require 12-18 months to advance one maturity level. The report provides specific action plans for each transition:
- Level 0 to 1: Identify data quality champions, establish basic data profiling, document critical data elements
- Level 1 to 2: Assign data quality roles, define SLA targets, implement issue tracking
- Level 2 to 3: Adopt organization-wide data quality policy, standardize measurement, establish training
- Level 3 to 4: Implement statistical process control, deploy automated monitoring, develop prediction models
- Level 4 to 5: Automate remediation workflows, implement self-healing capabilities, optimize using ML
TR 26905 warns against the “big bang” approach — attempting to jump from Level 1 to Level 4 in a single program. Each level requires foundational capabilities that must be built sequentially. Organizations that skip levels typically see their data quality initiatives stall within 6-12 months.
Frequently Asked Questions
Q1: How does TR 26905 relate to ISO 8000 (Data Quality)?
A: ISO 8000 provides the fundamental data quality characteristics and exchange requirements, while TR 26905 focuses on the organizational capability maturity for managing data quality. They are complementary — ISO 8000 defines “what good data looks like,” while TR 26905 defines “how to build an organization that consistently produces good data.”
A: ISO 8000 provides the fundamental data quality characteristics and exchange requirements, while TR 26905 focuses on the organizational capability maturity for managing data quality. They are complementary — ISO 8000 defines “what good data looks like,” while TR 26905 defines “how to build an organization that consistently produces good data.”
Q2: Can TR 26905 be applied to small organizations?
A: Yes, the model is scalable. Small organizations can implement a simplified version focusing on the most critical process areas and data domains. The report provides guidance on tailoring the assessment scope for organizations with fewer than 50 employees, suggesting a focus on Data Quality Measurement and Data Quality Governance as starting points.
A: Yes, the model is scalable. Small organizations can implement a simplified version focusing on the most critical process areas and data domains. The report provides guidance on tailoring the assessment scope for organizations with fewer than 50 employees, suggesting a focus on Data Quality Measurement and Data Quality Governance as starting points.
Q3: How long does a DQMM assessment take?
A: A full organizational assessment typically takes 4-8 weeks depending on scope. The report provides accelerated assessment variants: a rapid assessment (1-2 weeks, focusing on gap analysis) and a comprehensive assessment (6-8 weeks, including detailed evidence collection and scoring).
A: A full organizational assessment typically takes 4-8 weeks depending on scope. The report provides accelerated assessment variants: a rapid assessment (1-2 weeks, focusing on gap analysis) and a comprehensive assessment (6-8 weeks, including detailed evidence collection and scoring).
Q4: What tools support DQMM implementation?
A: The report does not mandate specific tools but categorizes supporting technology into: data profiling tools (e.g., Talend, Informatica), data quality monitoring platforms (e.g., Great Expectations, Ataccama), data governance platforms (e.g., Collibra, Alation), and data catalogs (e.g., Apache Atlas, AWS Glue). The maturity level determines which tool categories are most relevant.
A: The report does not mandate specific tools but categorizes supporting technology into: data profiling tools (e.g., Talend, Informatica), data quality monitoring platforms (e.g., Great Expectations, Ataccama), data governance platforms (e.g., Collibra, Alation), and data catalogs (e.g., Apache Atlas, AWS Glue). The maturity level determines which tool categories are most relevant.
