...
<== Back to Area 3 - Glossary | Forward to Area 5 - Standards ==> | Models for referenced objects: Referenceable
...
Area 4 covers the types that store information needed to govern the assets described in area 2. In a similar way to the glossary (area 3) this information is authored in the metadata repositories and then distributed to the enforcement points and data platforms to action and return measurements that can be used to confirm that the governance program has a positive effect.
Figure 1: Summary of area 4 for governance |
Governance Definitions
The definitions that control the governance of data resources are authored in the metadata repository. They are Referenceable, which means they have a unique identifier and link to external references for more information.
Figure 2: Root for all governance definitions |
Governance Drivers
Governance Drivers provide the core requirements of the governance program. The data strategy is derived from the business strategy. It defines how data supports the business strategy. Regulations define legal requirements relating to data management. Reconciling the data strategy with the regulations creates synergies in an organization's approach to data management.
Figure 3: What drives the governance program |
Governance Responses
Regulations and the Data Strategy are broken down into 3 types of policies: Principles that defines the overall values and guidelines for the governance program; obligations define specific actions or processing that must be accommodated; Approaches define how a process, or data asset should be implemented and managed.
Figure 4: What are the principle responses to the governance drivers |
Governance Projects
The roll-out of a governance program is typically divided into projects that are grouped together into a campaign (see Projects in Area 1). The GovernanceProject classification tags these projects so they are easy for the governance team to identify when it comes to reporting.
Figure 5: How is the development of new governance capability organized |
Governance Controls
Governance is enabled through People, Process and Technology. These are controlled through a combination of technical controls (implemented IT function) and organizational controls (training, responsibility, buddy-checking etc).
Figure 6: How is governance implemented |
Governance Action Classifications
Governance Action Classifications describe the common (ie typical) types of classifications that are used in the governance controls.
Figure 9: What are the key governance classifications |
Governance Zones
A Governance Zone describes a collection of Assets that are used, or processed in a specific way. An Asset may belong to many Governance Zones
Figure 10: How are assets organized |
Technical Controls
Technical controls are governance controls that are implemented using technology. They are deployed into
Figure 11: Types of technical controls |
Naming Standards
Naming Standards provide means for classifying glossary terms to allow naming rules to use them.
Figure 12: Naming standards reduce integration cost, reduce errors and increase reuse |
Organizational Controls
Organizational controls describe governance controls that are implemented through people, organizational structures and responsibilities plus manual procedures and rules.
Figure 13: More detail on organizational controls |
Project Charter
The project charter defines the mission and purpose of the project. The access to resources for a project may be partially controlled by the type/mission of the project. For example, the purposes, specifically are used in GDPR scenarios.
Figure 14: Identifying the purpose of a project |
Governance Roles
Someone or something needs to be identified as being responsible for managing and updating the descriptions of metadata. The Staff Assignment defines the role of people or engines that are responsible for particular aspects of the maintenance of a referenceable object.
Figure 15: identifying staff assigned to governance roles |
Governance Rollout
Figure 16: Measuring the effectiveness of governance |
Exception Management
Exception management handles errors detected by verification points.
Figure 17: Taking action to correct errors |
Security Capabilities
Figure 18: Security capabilities |
Governance Actions
Figure 19: Governance Action Types |
Licenses
Figure 20: Licenses | The data economy brings licensing to data and metadata. Even open data typically has a license. The license will define the permitted uses and other requirements for using the asset. Details of a type of license are described in a LicenseType. The asset that is licensed is identified with the License relationship. |
Certifications
Figure 21: Certifications | Many regulations and industry bodies define certifications that can confirm a level of support, capability or competence in an aspect of a digital organization’s operation. Having certifications may be necessary to operating legally or may be a business advantage.
The certifications awarded can be captured in the metadata repository to enable both use and management of the certification process. |
...
...