Tip: Not every CDO needs every attribute — focus on what’s essential for business clarity, governance, and compliance. Keep definitions short, practical, and easy to update.
Each attribute below carries a second purpose: it shapes how AI agents, MCP servers, and retrieval pipelines can use the CDO directly. Read the italic commentary alongside each row.
Core (Functional)
| Attribute | Guideline | Example |
|---|---|---|
| Name | Short, business-friendly label for the CDO. Used as the canonical token in MCP tool names, RAG indexes, and agent prompts — eliminates synonym drift ("Client" vs "Customer" vs "Account") that derails AI retrieval. | Customer |
| Business Meaning & Definition | One-sentence summary in plain English. Becomes the description field exposed to LLMs via MCP servers and tool schemas — models match user intent to the right concept by meaning, not by guessing from column names. | "A person or organisation that has an active relationship with the enterprise and may transact with it." |
| Type | Category (External Standard, Canonical, Bespoke). Signals to AI agents how much trust to place in the concept — autonomous actions can be permitted on External/Canonical CDOs and gated for human review on Bespoke ones. | Canonical |
| Relationships | List inbound and outbound links to other CDOs. Lets AI agents traverse the enterprise data graph deterministically (Customer → Order → Invoice) instead of hallucinating joins or inventing foreign keys. | Customer → places → Order; Customer → owns → Account |
| Mandatory Attributes | Key business fields that must be present. Defines the required argument shape for MCP tool calls — the LLM knows what it must collect from the user before invoking an action. | CustomerID, LegalName, ContactEmail, Country |
| Validation Rules | Constraints (uniqueness, mandatory fields, valid ranges). Machine-readable guardrails that automatically reject malformed AI-generated payloads before they hit downstream systems — turns "hope" into enforcement. | CustomerID unique; ContactEmail per RFC 5322; Country in ISO 3166-1 |
| Interoperability | Ability to map to external standards or internal canonical models. Enables AI agents to translate between vendor schemas and the enterprise concept on the fly, so the same prompt works whether the data lives in Workday, SAP, or a CSV. | Maps to ISO 20022 "Party"; SAP Business Partner; Salesforce Account |
| Usage Scenarios | Where and how the CDO is used (reporting, analytics, integration, compliance). Used by AI tool-routers to decide which agent or skill should handle a given query — improves tool selection accuracy in multi-agent workflows. | CRM segmentation, billing, KYC reporting, churn analytics |
| Effective Date & Version | When the current definition applies; track changes. AI agents and embeddings must pin to a version — without this, a model can quote a definition that was retired last quarter and confidently mislead the user. | v2.3, effective 2025-07-01 |
| Authoritative source | Who owns or governs the CDO (internal or external). Gives AI agents a citation target and a human escalation path — every AI-generated answer about this concept can attribute back to a known steward. | Customer Data Office — Steward: J. Doe |
| Usage Notes | Consuming domains, reports, APIs, integrations. Tells AI orchestrators which downstream systems will be touched by a tool call — essential for impact assessment, blast-radius control, and "are you sure?" confirmations. | Consumed by Billing, Analytics Warehouse, Marketing Automation |
Supporting (Non-Functional)
| Attribute | Guideline | Example |
|---|---|---|
| Performance | Response time targets for queries and API calls. Determines whether the CDO can be called inline during a chat turn or must be cached/pre-fetched — directly shapes AI agent latency budgets. | Lookup ≤ 200 ms p95; search ≤ 500 ms p95 |
| Scalability | Ability to handle growth in data volume. AI workloads are bursty (one prompt fans out into many tool calls) — capacity must flex without throttling agents mid-task. | 10M records today; 30% YoY growth; burst 500 req/s |
| Availability | Uptime targets (e.g., 99.9% for critical CDOs). When AI sits in the critical path, a CDO outage cascades into a visible AI failure — availability is now a user-experience metric, not just an infrastructure one. | 99.95% uptime, 24×7 |
| Resiliency | Disaster recovery and failover capabilities (RPO/RTO). AI agents that fail silently are dangerous; failover behaviour must be explicit so the agent either retries cleanly or refuses, never fabricates. | RPO 15 min; RTO 1 hour; multi-region active-passive |
| Quality rules | Checks for accuracy, completeness, uniqueness, and reference integrity. Poor data quality is amplified by AI — bad inputs become confident wrong outputs at scale. Quality rules are the upstream defence against hallucination. | <0.1% duplicate rate; 100% mandatory fields populated; FK integrity to Country |
| Lifecycle | Creation, update, archival, and review cadence. RAG corpora and fine-tuning datasets must respect the CDO lifecycle — otherwise AI keeps surfacing deprecated definitions long after the business has moved on. | Created on first transaction; reviewed annually; archived 7 years after last activity |
| Security | Encryption, access controls (RBAC, MFA) for sensitive data. AI agents inherit the caller's identity; RBAC enforced at the CDO prevents oversharing through prompt injection, summarisation, or careless context-window leakage. | RBAC; PII fields AES-256 at rest; TLS 1.3 in transit; MFA for write |
| Compliance | Privacy, retention, and regulatory constraints. AI inference can re-expose redacted data through paraphrase — compliance must be enforced at the CDO so sensitive content never enters the model's context window in the first place. | GDPR Art. 17 (right to erasure); 7-year tax retention; APP (Australia) |
| Auditability | Full change history and version control. Every AI-driven decision needs a reproducible trail: which definition, which version, which rules were in force at the moment of inference. | Every field change logged with user, timestamp, before/after; immutable audit store |
| Maintainability | Ease of updating definitions and propagating changes. AI tooling subscribed to the CDO (vector stores, MCP schemas, prompt templates) needs predictable change events to refresh embeddings and tool definitions automatically. | Schema changes published via change-event topic; semver versioning |
| Portability | Technology-independent representation (e.g., JSON, XML, UML). Directly consumable by MCP servers, OpenAPI tool schemas, and vector embeddings — a portable CDO is an AI-ready CDO with no glue code. | JSON Schema + OpenAPI 3.1 definition; UML class diagram |
AI-Native Attributes
Recommended additions for AI / agentic deployments. Treating CDOs as first-class AI resources requires a small set of additional attributes. These make a CDO directly usable by MCP servers, agent frameworks, and retrieval pipelines — without bolt-on glue code or one-off integration projects.
| AI Attribute | Guideline | Example |
|---|---|---|
| MCP / Tool Exposure | Whether and how the CDO is exposed through MCP servers, tool schemas, or agent APIs. Defines the AI-callable contract: read, write, search, subscribe — and the auth model that applies. | mcp://crm/customer — read, search; write gated by OAuth scope customer.write |
| Semantic Representation | Recommended embedding model, chunking strategy, and synonyms/aliases for retrieval. Ensures consistent semantic search behaviour across every AI application referencing the same concept. | text-embedding-3-large; 512-token chunks; aliases: "Client", "Account", "Party" |
| AI Usage Policy | Permitted AI uses: retrieval, summarisation, inference, training, fine-tuning, third-party LLM exposure. Prevents sensitive or contractually-restricted CDOs from leaking into model training or external services. | Retrieval & summarisation: allowed; training & 3rd-party LLM: disallowed |
| Grounding Status | Whether this CDO is approved as a source-of-truth anchor for RAG and agentic workflows. Distinguishes ground-truth concepts from informational ones — a critical control on hallucination. | Approved RAG anchor for sales-assist and support agents |
| Confidence & Provenance Signals | Required signals returned with the data (source system, freshness, confidence score, last-validated timestamp). Lets AI agents weight evidence and tell the user when an answer is provisional. | source=CRM; freshness ≤ 5 min; confidence 0.95; validated 2025-08-15T10:00Z |
| Human-in-the-Loop Triggers | Conditions under which AI actions on this CDO require human approval (e.g., create, delete, value above threshold). Defines blast-radius limits for autonomous agents. | Approval required for create, delete, merge, or any change to LegalName / Country |