Understanding Tags
Learn how governance tags organize content, enable automation, and provide accountability across your governance program.
What Are Tags?
Tags are controlled vocabulary terms that categorize and connect governance content within each domain. When you select a domain like Data Management during onboarding, you inherit its full tag family — curated terms like data-quality, metadata, data-lineage, and backup-recovery.
Unlike free-form labels, governance tags are managed vocabulary: each tag is scoped to a domain, has a lifecycle state, and can have an owner responsible for the content it covers.
Why Tags Matter
Tags serve three purposes in your governance program:
1. Organization and Discovery
Every statement, glossary term, and regulation can be tagged. Tags are the primary way to slice through your governance content:
- Filter the Library by tag to find all statements related to
encryptionorconsent - See which statements span multiple concerns (a statement tagged both
data-qualityandcompliance-monitoring) - Navigate from a tag to everything it touches — statements, glossary terms, frameworks, and regulations
2. Automation
Tags aren't passive labels. Each tag can carry automation rules that trigger actions:
- Create an action item when a statement with a specific tag enters review
- Notify the tag owner when new content is tagged in their area
- Flag lifecycle changes when a tag moves from active to deprecated
This turns tagging into an active governance workflow — not just filing, but orchestration.
3. Accountability
Each tag can have a designated owner — the person responsible for that area of governance. If your organization has a data quality lead, they own the data-quality tag and can see everything tagged under it across domains. This creates clear lines of responsibility without adding organizational hierarchy.
Tag Lifecycle
Tags move through three lifecycle states:
| State | Meaning |
|---|---|
| Active | In use — content can be tagged with this term |
| Deprecated | Being phased out — existing tagged content remains, but new tagging is discouraged |
| Retired | No longer in use — hidden from tag selectors |
This lifecycle ensures your governance vocabulary evolves cleanly as your program matures, without breaking existing references.
How Tags Are Provisioned
During onboarding, each domain you select comes with a pre-built tag family. These are curated by governance domain experts to cover the standard vocabulary for that area:
| Domain | Example Tags | Count |
|---|---|---|
| Data Management | data-architecture, data-quality, metadata, data-lifecycle | 12 |
| Privacy & Data Protection | GDPR, consent, data-subject-rights, breach-notification | 14 |
| AI Governance | model-risk, bias-fairness, explainability, EU-AI-Act | 14 |
| Information Security | access-control, encryption, incident-response, zero-trust | 12 |
You can add custom tags at any time — the seeded vocabulary is a starting point, not a constraint.
Tags vs. Domains
Domains are broad governance categories (Data Management, Privacy, Risk Management). Tags are the fine-grained vocabulary within each domain. Think of domains as chapters and tags as the index terms within each chapter.
A single statement typically belongs to one domain but can carry multiple tags. For example, a data retention statement in the Privacy domain might carry tags retention, GDPR, and data-lifecycle.
Managing Tags
Navigate to Settings > Domains to view and manage your tag vocabulary. From there you can:
- Browse all tags within each domain
- Add custom tags for organization-specific concepts
- Assign tag owners
- Deprecate tags that are no longer relevant
- Configure automation rules per tag