What is a core element of data governance policies?

Data governance policies define who can access data and how data is managed. This matters because governance is about ensuring data is used responsibly, securely, and consistently across the organization, which means setting clear access rights, roles, and procedures for handling data—from storage and retention to privacy and quality. That combination is what makes this option the best fit: it directly reflects both who may use data and how it should be managed. The other statements run counter to typical governance practices: data shouldn’t be publicly accessible without restrictions due to privacy and security; governance is not optional in most organizations; access should be guided by roles and business needs, not limited to IT staff alone.