Effective model risk management requires a combination of analytical skills, governance and organizational structure, as well as the ability to negotiate. In early studies of model risk management (MRM), analytics and model validation were the primary points of focus. Various writers led the way in discussing the possibility of model errors and the need for analytic review and skepticism toward models and results. Others addressed the risk of assuming models to accurately represent or measure risk within financial institutions. Losses due to model failure resulted in fresh regulations addressing the risk posed by inaccurate or inappropriate models. Very few writers, however, have addressed comprehensive model risk governance, organization or negotiation structures within MRM. This paper expands on the foundation of model risk analytics to address the governance, organizational and human behavior challenges associated with enterprise MRM. It proposes a comprehensive framework for model risk governance, organizational responsibilities and human behavior covering the Risk Committee of the Board to MRM. It expands the definition of models into decision-support tools (DSTs) so that end-user computing (EUC), big data analytics and machine-learning DSTs may be included in model risk governance, organization, negotiation and control.