Governance assessment

UTM governance assessment: score your control layers

Score the five controls that keep governed tracking stable, then fix the weakest layer first.

Start the assessment Open the starter kit
Assessment

Score the five control layers

Use 0 for missing, 1 for partial, and 2 for stable. The lowest layer is where the rebuild should start.

Overall maturity

0/30

Band:

Live result
Layer 1 — Naming contract
0/6
Layer 2 — Controlled vocabulary
0/6
Layer 3 — QA enforcement
0/6
Layer 4 — Governance ownership
0/6
Layer 5 — Reporting validation
0/6

Fastest next step

Answer the questions to see your weakest layer.

Open the starter kit

Layer 1 — Naming contract

Low scores here usually create duplicate campaigns, unreadable reports, and ad hoc naming that spreads fast.

Q1. Do you have a documented naming standard that everyone can access?

0 = missing · 1 = partial · 2 = stable

Q2. Is there a single campaign naming formula people follow?

Q3. Do requesters, approvers, and publishers use the same approved naming contract?

Layer 2 — Controlled vocabulary

Low scores here create aliases, synonyms, and rollups that stop reports from grouping cleanly.

Q1. Are approved sources, mediums, and campaign labels documented?

Q2. Do teams avoid inventing near-duplicate labels for the same meaning?

Q3. Is there a clear place to approve or reject new values before they are used?

Layer 3 — QA enforcement

Low scores here usually mean links launch without proof that they build, resolve, and preserve the data you expect.

Q1. Does every tracked link pass a consistent QA gate before launch?

Q2. Do approvers check redirect behavior, destination truth, and evidence before publish?

Q3. Are failed checks visible enough that links cannot slip through anyway?

Layer 4 — Governance ownership

Low scores here mean rules exist but nobody owns them long enough to keep the system stable.

Q1. Is there a named owner for governance decisions and exceptions?

Q2. Are changes, exceptions, and approvals recorded in one place?

Q3. Does the team review the system on a real cadence instead of only after breakage?

Layer 5 — Reporting validation

Low scores here mean launches happen, but nobody proves the tagged traffic lands in reporting the way the team expects.

Q1. Does someone verify source, medium, and campaign values after launch?

Q2. Do teams know which GA4 view and field should confirm the launch?

Q3. Are reporting mismatches investigated with a defined owner and proof trail?

Remediation

Fix the weakest layer first

Naming contract weak

Lock the naming standard before you try to clean reports downstream.

See the naming fix

Controlled vocabulary weak

Fix the approved values before you scale more campaigns or channels.

See the taxonomy fix

QA enforcement weak

Tighten the release gate so broken links stop slipping into live campaigns.

See the QA fix

Governance ownership weak

Make the deployment pack and rule layer usable before you add more process.

See the governance fix

Reporting validation weak

Confirm where values land in GA4 before you blame the build or naming layer.

See the validation fix
Next pages

Go deeper in governance assessment

UTM Governance Starter Kit

Deploy the minimum safe pack when governance is too weak to support clean launches.

Open the starter kit

UTM Governance Policy

Set the formal written rules when ownership, exceptions, and change control are unstable.

Open the policy

UTM Naming Conventions

Fix the naming contract when campaign labels drift or become unreadable.

Open naming conventions

UTM Taxonomy Design

Fix approved values and alias control when teams keep inventing new labels.

Open taxonomy design

UTM QA Checklist

Rebuild release discipline when links are launching without reliable human signoff.

Open the QA checklist

Where UTMs Show in GA4

Rebuild validation when the team cannot prove source, medium, and campaign values after launch.

Open the GA4 validation page