I've always thought that effective versioning was one of the pillars of good technology governance, but often more in theory than in practice. There's a lot one can do to spoil a good idea in the implementation.
Take Git, every programmer's favourite versioning tool, for instance. Great, productive tool which doesn't "get in the way", but a basic Git installation certainly brings potential governance issues - do you want everybody to have a copy of your repository, holding all of your IP on their own laptop for example? I know people who have implemented Git and then found themselves implementing lots more, unanticipated, software just to bring it all under control.
It can be done, of course, but best to plan for it in advance. One tool that claims to help an organisation to manage its Git repositories at scale is Perforce. There are others, and perhaps Perforce has had a bit of an old-fashioned reputation, at least with people who didn't need ultimate scalability.
Now, however, there's a "sexy" new version of Perforce, called Helix - and there's an educational webinar you can use to find out about it on the Perforce site. This offers new DVCS (Distributed Version Control) capabilities, Git management features, a SaaS option - and (something I find particularly interesting) advanced threat detection capabilities. What this last feature is based on is analytics applied to the repository, so that potential or actual IP theft, for example, can be identified by analysing possibly dysfunctional behaviours around the company's IP/Code Repository. For example, someone downloading large amounts of code that isn't part of what they are working on, might be rather suspicious (although be careful about just assuming evil intent; it might be simple, if possibly misplaced, curiosity).
From a different point-of-view, this is just bringing Perforce into the world of Big Data - this isn't "big" in the sense of large size, particularly; but in the sense of a bigger scope. All data, wherever it is, is now available for analytics, in the interests of all sorts of decision-support and governance - it's now all about a lot more than just analysing relational databases for customer behaviour. Analysing your code/IP repository for dysfunctional behaviour, even by in-house employees and consultants, is just another example of the wider use of data we tend to call "Big Data", in today's data-focused organisations.