Data Governance at SPS

Statement of Purpose

The Data Governance Committee has been established to provide oversight and guidance over how the School of Professional Studies’ internal business units collect, maintain, disseminate, and integrate data on behalf of the school.  

 

Scope

The School of Professional Studies (SPS) Data Governance Committee has authority over all data related to SPS’ prospective and enrolled students, alumni, and faculty stored in, but not limited to, approved databases, applications, and reporting tools.

  

Goals and Objectives 

The goals of the data governance committee are to:
  1.   Provide clear and consistent policies regarding SPS’ data management.
  2.   Ensure compliance with University’s Data Governance guidelines and CUIT’s security policies.
The primary objectives of the data governance committee are to:
  1.   Create and maintain an easily accessible data knowledge base consisting of the following: 
  • Approved Applications and Data Sources Inventory
  • Business Glossary
  • Data Dictionary for each Data Source
  1. Establish and communicate Data Use Guidelines for SPS.    
  2. Establish access management policies and formal access request process.

 

Membership 

(a) The data governance committee shall consist of a Committee Chair, a Vice-Chair, and six permanent voting members, one representative from each of the following business units:

  1. Admissions
  2. Student Affairs
  3. Programs
  4. Faculty Affairs
  5. Systems & Analytics
  6. Finance

(b) Each business unit must designate a proxy member who is authorized to vote if the appointed unit’s member is unable to vote. 

(c) The Senior Associate Dean of Administration shall act as Chair.

(d) The Director of Analytics shall act as Vice-Chair.

(e) The committee will have a non-voting member, acting as Secretary.

(f) Subject matter experts, guests, and presenters will be invited to participate as needed.

 

Roles and Responsibilities

The Committee Chair is responsible for the following: 

(1) Setting priorities for the Committee and, as needed, Working Groups. 

(2) Communicates Committee decisions and school policies to internal business units and, as needed University Leadership.

The Committee Vice Chair is responsible for the following: 

(1) Ensuring that Committee meetings are scheduled and appropriate documentation has been provided to Committee members by the Secretary.

(2) Approving meeting attendee lists

(3) Facilitating Committee meetings

(4) Calling for and tallying of votes

The Secretary has the following responsibilities:

(1) Ensuring meeting documentation including agendas and other supporting documentation are completed and dispersed to all members.

(2) Submitting agendas and supporting documentation to the committee for comment no later than 1 week before the next scheduled data governance committee meeting.

(3) Providing status reports to the committee for review no later than 1 week before a scheduled meeting. The status report will include the following:

  • Updates on the status of data governance goals, objectives and identified issues.
  • Identified barriers in achieving all goals, objectives, issue resolutions and   
    identified timelines.
  • Recommended strategies to address challenges or delays.

(4) Ensuring meeting minutes are provided for review no later than 2 weeks following a scheduled meeting.

(5) Scheduling data governance committee meetings.

(6) Securing the location of data governance committee meetings.

Voting members have the following responsibilities:

(1) Ensure attendance at all meetings [or by proxy].

(2) Review of distributed materials to ensure productive and efficient meetings.

 

Voting

(a) Decisions will be put to a vote and must pass by a two-thirds majority.

(b) At least 5 voting members must be in attendance to constitute a quorum. In the absence of a quorum, the chair may conduct the meeting for informational purposes only or may adjourn the meeting.

(c) In the event the committee is unable to achieve a two-thirds majority vote, the Committee Chair’s vote will be the deciding vote.

 

Meeting Cadence 

(a) The Data Governance Committee shall be held bi-monthly.  Additional meetings may be scheduled as needed. 

(b) The meeting location may vary at the discretion of the members.

 

Working Groups

Working groups will be established as needed to draft potential guidelines or focus on the creation and/or maintenance of Data Governance documentation.

Established Working Groups are to provide status reports to the Committee at each Committee meeting. 

Established Working Groups are to present their findings and/or documentation to the Committee for Approval prior to distribution to the SPS community.   

Policies

Introduction

Access Management is the process of identifying, tracking, controlling, and managing user access rights to data, specifically that which pertains to the School of Professional Studies (SPS).

Provisioning of access must include modification of a user’s privileges in the event of a change in that user’s role, and disablement and revocation of a user’s privileges upon leaving SPS either through termination or a transition to a position at another school at the University.

Elevated access privileges must only be provided to users as needed for legitimate business purposes. 

Purpose

The purpose of this policy is to define required access control measures to any relevant school data and to protect the privacy, security, and confidentiality of those resources.

Policy 

This policy applies to those responsible for the management of access to shared SPS-specific data. Such information can be held within a database, application or shared file space.

Data owners must have documented procedures for access control and must be able to produce the documented procedures when required. Evidence of access approval, termination, and disabling must be available when required.

 

Ratified by Committee on 3/31/2022

Introduction

Each unit has data that is used across the school to help inform a view of where things stand, what we hope to achieve, and to make key decisions for our organization. To ensure we have consistency in our terminology and how we manage data such that it can be coupled with other data sources we need a Data Governance Policy to which we all adhere. To this end we need a policy that governs how we maintain data in our respective areas and how this is shared upon request.

Purpose

Implementing a process for users to request data or new reports from application owners, allows for the following:

  • Ensures data sharing security policy compliance
  • Identifies duplicate data requests that should become reports
Policy

All owners of data at School of Professional Studies, must, if they have not already, establish, document, and communicate a data/report request process to its users.

Data/report process should include a single point of entry e.g., email address, request form, etc.

As part of the request process assigned users should verify that the requestor is authorized to view the data being requested.

 

Ratified by Committee on May 12, 2021