Framework for Data Coherence and Stewardship

Information Resource Stewardship

A suggested approach for managing the criticalinformation assets of the organization

Information Resource Stewardship Is…

A business framework in which allinformation resources (i.e., data,applications and technology) aremanaged intentionally, and carefully;similarly to other critical businessresources.

Information Resource StewardshipArises…

Out of a strategic vision for MSU’senterprise business systems; that theyshould:

Make data accessible and useful for work;

Provide trust (security, compliance,consistency and integrity);

Be available, robust and support businesscontinuity;

Have a coherent and consistent overalldesign and framework;

Streamline and automate businessprocesses.

Objectives for Information ResourceStewardship

Protect, maintain and secure thequality and integrity of the institution’sdata

Promote adherence to commonstandards that ensure consistency andaccuracy

Foster technological designs andimplementations that support processintegration

Provide information required to makeinformed business decisions, at alllevels of the institution

Provide access to the right data by theright people at the right time

These objectives are brought together toform “The Framework”

for institutional Information ResourceStewardship at MSU

“The Framework” for Institutional Information Resource Stewardship

1. Data coherence

Data models

Data definitions

Data security andconfidentiality policy

Data security andconfidentiality (data access)practices

Network security

Host system security

Application and databasesecurity

Physical security

2. System integration

Middleware design,policies and practices

Integration architecture

3. Data securityand confidentiality

5. Business rules coherence

4. Records management

Records managementpolicies: paper andelectronic

Workflow design,policies and practices

Document imagingpractices

Systems of record

Functional data stewardshipresponsibility assignment

6. Data usability and business value to the user(e.g.,business intelligence, analytics, decision support)

Data integrity

Work process security

Data Coherence

Data Coherence: Assuring theconsistency, integrity and“auditability” of institutional data byadhering to best practice principles ofdatabase and system design with regard todata modeling; creating and maintaininginstitutional “meta-data” dictionaries andrepositories; understanding andestablishing formal “systems of record”;recognizing and establishing functionalroles for data stewardship.

System Integration

System Integration: Making datathat are shared across theinstitution available where andwhen they are needed. Thisinvolves a functional understanding ofthe processes that require and usethe data, and the articulation of theproper technical infrastructure (i.e.,“middleware”) that best supportsthem.

Data Security & Confidentiality

Data Security andConfidentiality: Developing andmaintaining not only accesspolicies and best practicestandards for access, but thephysical and logical securitysystems and platforms to ensurethe safety, viability and coherence ofdata, and to satisfy legal andregulatory requirements.

Records Management

Maintaining required informationas records (digitally or on paper)over time. This involves the propermaintenance and disposition ofinformation (records) havingpermanent (or long term) historical,legal, administrative or fiscalsignificance, and includes institutionalstandards for document “imaging”.

Business Rules Coherence

Business Rules Coherence:Developing and maintaining thepolicies, practices, andprocedures to create, update anduse data in consistent ways.

Data Usability

Data Usability and BusinessValue to the User: Ensuring thatdata are useful to people for theeffective and efficient conduct ofbusiness; that data vital to usefulanalysis and decision support areavailable, robust and understandable.

Identity Management

Is an excellent example of why InformationResource Stewardship is critical

Juxtaposition of Process and Data

More often than not, processes exist“vertically” in an organization (asmuch as we try to tear down “silos”,they certainly exist and arisenaturally)

Data, however, cut across processes

This “orthogonality” must bemanaged carefully.

The “Framework” identifies thecomponents that are essential to thismanagement

Juxtaposition of Process and Data (IdentityManagement is a PERFECT example)

Processes where identifying a person consistently isimportant (using Students, and a few typical StudentProcesses)

StudentEnrolmnt& Regis.

StudentEmplmnt

StudentPayroll

StudentID’s

Housing

Identity Characteristics (NAME, DOB, PID, SSN, etc.)cut across ALL of these processes (and certainlyothers)

Problems Result When…

This shared nature of data across processes is notrecognized or managed.

Think of the problems that arise when:

The same student has multiple PIDS (duplicates)

The same student has different names in differentsystems

The same student has different SSN’s in differentsystems

There are inconsistent definitions for these criticalpieces of identity data

There are different rules (in each system) forupdating one of these critical pieces of identitydata

The pieces exist in multiple places (but are neededby one system)

How Could the Framework Help?

Data coherence:

Consistent definitions for each identitycomponent

Identification of a single source system ofrecord for each component; where is eachcomponent (e.g., name, dob, etc.) added,maintained, and retrieved?

System integration:

Developing the proper technical platform forkeeping core identity information (that may bemaintained elsewhere), and making it availablewhere needed and when needed (at the firstpossible instance? When appropriate?)

Identification and linking of data from systemsof record

How Could the Framework Help?(con’t)

Data Security & Confidentiality

Much of the core identity data are sensitiveand/or confidential

What should the access, and update rules bethat preserve this confidentiality, but promotethe effectiveness and needed efficiencies ofbusiness processes?

How do we keep the data safe from intrusion?

Records Management

Where and how do we store our copies of thesedata? For how long should we retain theserecords, and in what form?

How Could the Framework Help?(con’t)

Business Rules Coherence

Development of rules for maintaining core identity data,as well as identification of where this updating will takeplace, when it will take place (What type of “physical”evidence is needed for proving identity? Under whatconditions, for example, do we accept a name change?How do we verify a death?)

These rules apply institution wide, are documented andwidely communicated

Data Usability

Centralized identity management will ensure consistencyof results (e.g., issuance of a single net ID per person)

The integrity of core identity attributes is maintained andassured in each of the processes