Governance is a set of internal rules and policies that insures the organization remains focused on the achievement of a goal or objective. In Privacy matters within the context of Bill 64, these policies and practices must be aimed at ensuring the protection of PII. They must therefore provide rules and processes for the conservation and destruction of PII, determine the duties and responsibilities of staff members throughout their life cycle, and establish a process for handling complaints. This includes the elaboration of compatible policies pertaining, among others, to third-party suppliers, security and cybersecurity, remote work, the roles and responsibilities of the data protection officer (DPO), the training of personnel, data breaches or cyber-incidents, etc. As such, it constitutes an important management tool to coordinate all the parts of an organization towards the protection of PII.