How can you begin to work with information governance in your organization without make it an administrative nightmare?

My recommendation is that you start with a basic business glossary of business terms.

The example shows the glossary for Artmann Studio & Artmann Media, that I put up on our intranet last week. The list was created with help of AI, and the effort was limited.

Each term is associated with a business capability, and each of them should have a business owner and a data steward.

Next, when implementing governance, you also need to describe the processes used for governance.

To make it simple, I suggest three very basic process flows. 1. Add a new tem, 2. Change an existing term. 3. Revoke a term, make it depreciated.

Being lazy, I asked copilot to create an initial first process that let's everyone suggest a new term. See below.

The Principle: Anyone Can Suggest, Few Can Approve

A scalable glossary process must balance openness and control:

• Anyone (employee, contractor, stakeholder) can propose a new term

• Data Stewards ensure quality, structure, and consistency

• Business Owners validate meaning and approve usage

This separation is critical:

• Without openness → innovation stops

• Without governance → chaos emerges

---

The Add Term Process (Operational Design)

Below is a structured, production-ready process that can be implemented directly in SharePoint with workflow support.

---

Step 1 — Submit Term Request

Actor: Requestor (employee, contractor, data steward, business owner)

The process begins when someone identifies a missing concept.

Required input:

• Term name

• Proposed definition

• Business capability (context)

• Requestor

The term is stored as a new item in the glossary list.

Status: Draft

👉 Design principle: Lower the barrier to entry. If capturing a term is difficult, it will not be done.

---

Step 2 — Triage and Deduplication

Actor: Data Steward

The first responsibility of governance is not enrichment—it is control.

The Data Steward:

• Checks for existing terms or duplicates

• Validates relevance within the business capability

• Assigns ownership

Status: Under Review

👉 Design principle: A glossary without deduplication quickly becomes unusable.

---

Step 3 — Enrich and Structure the Term

Actor: Data Steward

At this stage, the term evolves from a suggestion into a managed information asset.

The Data Steward SHALL:

• Refine the definition (clear, unambiguous, testable)

• Add synonyms and related terms

• Classify the term within a taxonomy

• Map the term to information objects (e.g., SID entities, logical data objects)

This is where the glossary connects to your information architecture.

👉 Design principle: A term without structure is just text. A structured term becomes reusable knowledge.

---

Step 4 — Business Validation

Actor: Business Owner

The Business Owner validates that the term reflects real business meaning.

They SHALL:

• Confirm the definition is correct and usable

• Ensure alignment with business language and practice

• Approve or reject the term

Status:

• Approved

• or Rejected

👉 Design principle: Only the business can define meaning. Architecture ensures structure—not semantics.

---

Step 5 — Publish the Term

Actor: System / Data Steward

Once approved, the term becomes an official part of the enterprise vocabulary.

The system SHALL:

• Publish the term for all users (internal and external where relevant)

• Assign version = 1.0

• Set an effective date

Status: Published

👉 Design principle: If a term is not published and discoverable, it does not exist.

I was running a consulting company in my garage in the early 90's. A few years later I was hosting public web-servers from the same site.

You needed a public IP-address to run a public server, and I had aquired a C-network from the Swedish domain registry at that time, KTH.

As I was running both public and non-public servers, I divided the network in subnets according to the RFC. I.e. a network with netmask 255.255.255.192.

Fast foward to last week. Modern times but still running IPv4 with same network setup, with subnet masks. Now film production instead of consulting.

Why you may wonder? It works is the simple answer. If it ain't broken, don't fix it.

However, I got new equipment that couldn't connect to a wi-fi network with non-default mask.

Long overdue, I decided to change the logical network topology to several non-public C-networks, including all static adresses for servers.

The router was bought in Stockholm 15 years ago. A professional device, rackmount, with two wan ports, four LAN ports including DMZ. I haven't touched more than once, and then when we moved to Skåne. With a +30 year old network topology.

Do you know all passwords to all network devices? I found out that I didn't.

Hardware reset made a miracle, but the admin webserver didn't work with modern browsers due to certificates. Found a retitered MacBook and could log in.

After a quick basic setup, I could reconnect my mesh wi-fi and the new piece of equipment worked. Horray.

Then I continued to set up the router properly and installed the latest parches, from 2013. Reboot, and the router was bricked. I've passed the point of no return. End-of-life since long ago.

Bought a new router and installed it properly, one class C-network, mesh wi-fi for normal operation, guest network and IoT network. Everything critical up same day, non-critical next day.

When restarting the serves, one raid disk stopped working. The disks have been running for ten years, 24h and 365 days per year. Both hardware and RAID software was end-of-life and no support avaliable.

Positive with this new setup is a backup wan-link with a 5G router and an extra switch to separe different types traffic.

I also created an asset inventory with equipment and adressing as a shared list in Sharepoint. Included lifecycle management  and financial assessment management.

Password for router included in normal routines.

Backup routines worked as the should, so no data lost.

Why did this happen? The simple answer that IT, especially infrastructure is not treated as core business, and as long it works nobody notices.

IT in film production equipment and core applications for film production is another story with regular updates and planned changes.

The worst part? The situation for many larger organizations are not better.

IT doesn't matter, until it does.

If you do show jumping, you need to be both in the actual moment but also look up to steer where you going next. Otherwise, you fail and it hurts.

As an enterprise architect, you also need to look at now, new and next simultaneously.

To be a top rider, you need to master the fundamentals, regardless of the challenges you meet in the arena. Not being an expert on one type of fence.

To master Enterprise Architecture, you need to be really good at the fundamentals, not expert on a certain type of software or AI platform.

The new is using AI as an architect to improve productivity. For this you need experience to be able to guide AI to a suitable solution, based on the complex problem you face. Holistic view, experience from many areas and knowledge of best practices are key traits.

My qualified guess on what comes next is the demise of Enterprise IT architecture roles, e.g. Ivory tower architects. The effort to manage IT architecture on enterprise level will be much lower due to use pf AI-tools. Remaining part will be stakeholder management, both business and IT.

The role in the future will probably be more of support to assure seed to bread, from initial business idea, to major change to business and IT in operation. E.g. program architect or senior delivery architect.

The skills you need then is both business and information architecture, as well as traditional application and infrastructure.

Think renaissance person. Think of being able to step into a business role as well as developing code.

Finally, you are accountable, not AI.

Don't give advice to software developers if they don't ask for help. You will get an answer like  “I can handle it myself."

The crux is often that they don't see the full picture and underestimate the complexity & effort to solve the problem.

If you are a seasoned enterprise architect or program manager, you seen it before.

I'm humble when it cames to solve complex problem. If I try to do it all by myself, I know that I will miss something.

I'm also lazy. If I can reuse something that is applicable in the same context, then I try to do it. Not inventing the wheel again, and again.

When doing enterprise architecture, I'm always starting with IAF, as it covers business, information, application and infrastructure, plus security and governance. You allways need some parts.

For information architecture, basic IAF as structure. Alternatively "Verksamhetsarkitektur på IRMs sätt". More or less the same.

“I can handle it myself." don't work when it comes to architecture frameworks.

Another timesaver is to use process and information frameworks for the industry you are in.

If you say that your information model will better and done faster, I would be very doubtful. I was part of a team that begun this work in 2001, before modern TMF frameworks where in place. It took a long time.

Then we have those who refuse to use AI. I still remember some colleagues that said computers with mice where toys when I bought an SE/30 to the marketing department.

Without a carrot or stick, you can just wait until they fail, and then try to help.

The new thing is, with generative AI, you can develop code from from scratch. However, both software developers and AI need guidance to write maintainable code and avoid technical debt.

What I'm doing right now privately, not with our clients, is to use generative AI (Copilot) to develop a domain architecture in EA style, a solution architecture aligned with the domain and a software development playbook. All of this will be input to Claude and the development of iPhone front-end and Azure backend.

This is now for me and new for many of our clients. What about next and beyond?

In the old days, you wrote code from scratch to support your core business. Then COTS solutions for common things like finance, supply-chain etc. The trend continued with SaaS in the cloud.

What if development cost becomes low, not free, in the future. What are the implications?

Today, we have the 80/20 rule. 80% of the IT budget goes to maintenance of everything that is in production, e.g. legacy. So if you want to lower your TCO, you need to address the question how to use AI to manage your existing applications cheaper.

Eventually, the possibility to write and maintain your own code, will put a price pressure on large COTS and SaaS vendors. I'm looking at you SAP, Oracle, Microsoft, Salesforce and others.

The other prediction is that if your business heavily relies on IT, then it will be much cheaper for competitors to challenge our market dominance. Finance and insurance is a typical sector that may be impacted. Same goes for typical on-line business selling services and social media platforms. The brand, and trust in you, is fare more important than your IT in the future.

If your in physical world, less of a challenge, at least for next.

Beyond next? I would take inspiration from sience fiction and continue to polish the crystal ball.

For film production, focus should be on creativity and storytelling, and try to do lean productions to lower the costs