...
<== Back to Area 3 - Glossary | Forward to Area 5 - Standards ==> | Models for referenced objects: Referenceable
...
Area 4 covers the types that store information needed to govern the assets described in area 2. In a similar way to the glossary (area 3) this information is authored in the metadata repositories and then distributed to the enforcement points and data platforms to action and return measurements that can be used to confirm that the governance program has a positive effect.
Figure 1: Summary of area 4 for governance |
Governance Definitions
The definitions that control the governance of data resources are authored in the metadata repository. They are Referenceable, which means they have a unique identifier and link to external references for more information.
Governance Drivers
Governance Drivers provide the core requirements of the governance program. The data strategy is derived from the business strategy. It defines how data supports the business strategy. Regulations define legal requirements relating to data management. Reconciling the data strategy with the regulations creates synergies in an organization's approach to data management.
Governance Responses
Regulations and the Data Strategy are broken down into 3 types of policies: Principles that defines the overall values and guidelines for the governance program; obligations define specific actions or processing that must be accommodated; Approaches define how a process, or data asset should be implemented and managed.
Governance Projects
The roll-out of a governance program is typically divided into projects that are grouped together into a campaign (see Projects in Area 1). The GovernanceProject classification tags these projects so they are easy for the governance team to identify when it comes to reporting.
Governance Controls
Governance is enabled through People, Process and Technology. These are controlled through a combination of technical controls (implemented IT function) and organizational controls (training, responsibility, buddy-checking etc).
Governance Action Classifications
Governance Action Classifications describe the common (ie typical) types of classifications that are used in the governance controls.
Governance Zones
A Governance Zone describes a collection of Assets that are used, or processed in a specific way. An Asset may belong to many Governance Zones
Technical Controls
Technical controls are governance controls that are implemented using technology. They are deployed into
Naming Standards
Naming Standards provide means for classifying glossary terms to allow naming rules to use them.
Organizational Controls
Organizational controls describe governance controls that are implemented through people, organizational structures and responsibilities plus manual procedures and rules.
Project Charter
The project charter defines the mission and purpose of the project. The access to resources for a project may be partially controlled by the type/mission of the project. For example, the purposes, specifically are used in GDPR scenarios.
Governance Roles
Someone or something needs to be identified as being responsible for managing and updating the descriptions of metadata. The Staff Assignment defines the role of people or engines that are responsible for particular aspects of the maintenance of a referenceable object.
Exception Management
Exception management handles errors detected by verification points.
Security Capabilities
Licenses
The data economy brings licensing to data and metadata. Even open data typically has a license. The license will define the permitted uses and other requirements for using the asset. Details of a type of license are described in a LicenseType. The asset that is licensed is identified with the License relationship. |
Certifications
Many regulations and industry bodies define certifications that can confirm a level of support, capability or competence in an aspect of a digital organization’s operation. Having certifications may be necessary to operating legally or may be a business advantage.
The certifications awarded can be captured in the metadata repository to enable both use and management of the certification process. |
...
...