ANSI Standard 859 has three levels of control of data, based on the criticality of the data and the perceived harm that would occur if data were corrupted or otherwise unavailable: formal, revision, and custody:
- Formal Control requires formal change initiation, thorough evaluation for impact, decision by a change authority, and full status accounting of implementation and validation to stakeholders
- Revision Control is less formal, notifying stakeholders and incrementing versions when a change is required
- Custody Control is the least formal, merely requiring safe storage and a means of retrieval
ANSI 859 recommends taking into account the following criteria when determining which control level applies to a Data Asset:
- Cost of providing and updating the asset
- Project impact, if changes will have significant cost or schedule consequences
- Other consequences of change to the enterprise or project
- Need to reuse the asset or earlier versions of the asset
- Maintenance of a history of change (when required by the enterprise or the project)