Forrester Wave data governance results: what IAM teams should notice

TL;DR: Data governance is becoming a control plane for AI readiness, not just a reporting function, according to Forrester, which named Collibra a Leader in its Data Governance Solutions Wave after assessing 13 vendors across 28 criteria, with the report highlighting AI governance, lineage analysis, observability, and policy modelling as key differentiators. The result matters because data governance is becoming a control plane for AI readiness, not just a reporting function.

NHIMG editorial — based on content published by Collibra: Collibra named a Leader in The Forrester Wave™: Data Governance Solutions, Q3 2025

Questions worth separating out

Q: How should security teams connect data governance with IAM controls?

A: Security teams should connect data governance with IAM by tying asset classification, policy decisions, and lineage evidence back to named owners and entitlement records.

Q: Why does lineage matter for identity and access governance?

A: Lineage matters because it shows how data moved, who touched it, and which rules applied along the way.

Q: When should organisations treat a data governance platform as part of security architecture?

A: Organisations should treat a data governance platform as part of security architecture when it affects access approval, sensitive-data sharing, auditability, or AI consumption paths.

Practitioner guidance

• Map data governance outputs to access decisions Require the governance platform to show who approved access, which policy applied, and what downstream datasets or models inherited that access.
• Test lineage for AI and audit use cases together Validate whether lineage survives data movement across warehouses, BI tools, and AI pipelines.
• Align workflow ownership with sensitive-data classes Assign explicit approvers for high-risk data classes and ensure the workflow engine records ownership, escalation, and retention.

What's in the full article

Collibra's full blog post covers the operational detail this post intentionally leaves for the source:

• How the platform maps data classification, lineage, and policy modelling into a single operating model
• Which governance criteria Forrester says distinguish mature platforms, including workflow and observability
• The full set of product positioning around AI governance, data sharing, and compliance support
• The vendor's own explanation of why configurability matters for complex enterprise governance needs

👉 Read Collibra’s post on the Forrester Wave for data governance solutions →

Forrester Wave data governance results: what IAM teams should notice?

Explore further

View Full Forum →  |  NHI Foundation Course →