Introducing Data Governance Skills for Cortex Code

How to go from assessment to a well-governed account in a single Cortex Code session

Step 1: Get your score. Cortex Code assesses your account across three pillars — data classification, data protection and access monitoring — and returns a maturity score from 0 (ungoverned) to 5 (fully mature). Ask:
"What is my governance maturity score?"

You'll see your current score (0-5), per-database status and specific gaps holding you back.

Step 2: Close the "Know" gap. If your score reveals unclassified databases, fix it immediately:
"Scan my ANALYTICS database for PII"
"Create a classification profile for PROD_DB with auto-tagging enabled"

Step 3: Close the "Protect" gap. Classification without protection is visibility without action. Mask what you found:
"Create masking policies for all PII columns found in ANALYTICS"
"Are there any antipatterns in my existing policies?"

Step 4: Close the "Monitor" gap. Governance isn't a one time event. Set up ongoing auditing:
"Who has accessed sensitive data in the last 30 days?"
"Set up an alert if data quality in ANALYTICS.CORE drops below 90%"

Step 5: Measure your progress. After remediation, rerun the assessment to see your improvement:
"What is my governance maturity score now?"

Compare before and after. Track your score over time. Report it to leadership as a quantified measure of governance maturity.

The entire workflow — from first assessment and remediated gaps to rescored account — can happen in a single Cortex Code session. No Jira tickets. No hand-offs. No waiting.

Get started in minutes

Data Governance Skills are available today in Cortex Code CLI. Install and connect:

Then run your first governance command:
"What is my governance maturity score?"

Access requirements: You need access to ACCOUNT_USAGE views (roles: OBJECT_VIEWER, USAGE_VIEWER, GOVERNANCE_VIEWER, SECURITY_VIEWER) and appropriate privileges on the objects you want to govern.

Governance must be native, intelligent and conversational.

One platform, one source of truth

In Snowflake, governance capabilities aren't a separate product — they’re built into the same platform where your data lives. Classification, masking policies, row access policies, lineage and data quality monitoring are all part of Horizon Catalog. That means everything is connected: Classify a column, and that classification is immediately visible in lineage. Trace lineage, and you see which columns have policies and which don't. When a quality metric fails, you can trace it upstream through the same lineage graph to find the root cause. There's no sync job, no metadata export, no "the catalog is six hours behind." Governance metadata stays current because it's derived from the same system that processes your queries.

Cortex Code makes this governance conversational. The Data Governance Skills aren't generic AI prompts — they're built on more than 100 verified query patterns purpose built for Snowflake's governance views. When you ask "Who accessed sensitive data last week?" Cortex Code selects from battle-tested patterns that handle the complexity of governance queries so you don't have to. The result: a governance framework that's native to your platform, powered by AI that understands your metadata and accessible to everyone in their native language — not just the engineers who know SQL.

A full suite of Data Governance Skills in a single conversational interface

Cortex Code automatically selects the right governance Skill based on your question — no special commands needed. Here's what each Skill does and how you can start using it immediately.

General data governance: Audit who accessed what data, analyze permissions and role hierarchies, monitor compliance posture, investigate object dependencies, and track DDL changes — all by asking in natural language. Behind the scenes, Cortex Code generates the complex queries against ACCESS_HISTORY that typically take senior engineers significant time to write and debug manually.

• "Who has accessed the SALES.NA.CUSTOMERS table in the last 30 days?"
• "What masking policies are applied across my account?"
• "What tables were accessed outside of business hours last week?"
• "Show me the role hierarchy for my account"
• "Which users have run DDL operations on the FINANCE database in the last seven days?"

Sensitive data classification: Discover PII across tables or entire schemas using Snowflake's native SYSTEM$CLASSIFY function, which detects more than 150 sensitive data categories including emails, phone numbers, SSNs and addresses. Set up automated classification profiles for continuous monitoring, and create custom regex-based classifiers for domain-specific patterns your industry requires.

• "Scan SALES.NA.ORDERS for PII"
• "What PII exists across my ANALYTICS database?"
• "Create a classification profile for the PROD_DB database"
• "Create a custom classifier for employee IDs that match the pattern EMP-XXXXX"
• "Which tables need reclassification (older than 90 days)?"

Data protection policies: Create masking, row access and projection policies using best practices. Cortex Code generates policies with proven patterns — IS_ROLE_IN_SESSION() instead of the commonly misused CURRENT_ROLE(), memoizable functions for performance and attribute-based access control (ABAC) for flexibility. Audit existing policies against a security checklist, and get compliance-specific templates for HIPAA, PCI-DSS, GDPR, CCPA, SOX and FERPA.

• "Create a HIPAA-compliant masking policy for PHI columns"
• "Audit all masking policies in my account"
• "Are there any antipatterns in my existing data policies?"
• "Help me consolidate my scattered masking policies into reusable ones"
• "I need a projection policy to prevent the SSN column from appearing in query results"

Data quality: Get health scores for entire schemas, investigate failing metrics with root cause analysis, detect quality regressions, track trends over time, and set up automated SLA alerts — all powered by Snowflake's Data Metric Functions (DMFs). Teams shift from discovering quality issues after stakeholders complain to preventing issues before they propagate.

• "What is the data quality score for ANALYTICS.REPORTING?"
• "Why is the SALES.CUSTOMERS.ORDERS table failing quality checks?"
• "Has data quality improved or gotten worse in the FINANCE schema this month?"
• "Set up an alert if data quality in ANALYTICS.CORE drops below 90%"
• "Compare STAGING.ORDERS_V1 with STAGING.ORDERS_V2"

Lineage: Assess the impact of changes before making them, debug data issues by tracing upstream through transformation layers, discover trusted data sets with trust scoring based on schema tier and usage patterns, and trace column-level dependencies across your entire data estate. Impact analysis returns risk-scored results (CRITICAL, MODERATE, LOW) with usage frequency and affected user counts.

• "What will break if I change RAW_DB.SALES.ORDERS?"
• "Where does ANALYTICS_DB.REPORTING.REVENUE come from?"
• "Which table should I use for customer revenue analysis?"
• "What uses the AMOUNT column in SALES.ORDERS?"
• "Has the DISCOUNT_PCT column in ORDERS changed recently?"