Monitor

DG Monitor

Purpose

The Data Governance Committee will appoint a Data Governance Officer to actively monitor compliance with the Data Governance and Management Policy and the corresponding guidelines, procedures, and resources referenced therein. Other roles and responsibilities will be defined to monitor specific areas of this Policy.

 

Go to Procedures
Go to Resources

 

Related Policies

Data Governance and Management Policy

Related Guidelines, Procedures and Resources

Definitions

Capitalized terms not otherwise defined herein shall have the same meaning as set forth in the Data Governance and Management Policy

Audience

Responsible Data Governance team
Cyber Security
Library Records Management
Accountable Data Governance Committee
Support Data Domain & Technology Sub-Committees
Associate Data Trustee
Data Steward
Associate Data Steward
System Owner
Technical Manager
Data Administrator
Data User
Consulted Internal Auditing
General Counsel
Informed  

Procedures

Monitor Roles and Responsibilities
  1. The Chief Information Security Officer (or their appointed designee) must monitor:
    1. Cybersecurity policies, guidelines, procedures, and resources
    2. Georgia Tech Protected Data Practices
    3. Cybersecurity Training
  2. The Dean of Libraries (or their appointed designee) must monitor:
    1. Data Retention and Disposition policies, guidelines, procedures, and resources
    2. Data Retention and Disposition Training
  3. The Data Governance Officer must monitor:
    1. Data Governance Structure
    2. Intersection with the Technology Governance Structure
    3. Data Domains
    4. Data Categorizations
    5. Systems Inventory
    6. Data Element Dictionary
    7. Access Procedures
    8. Separation of Duties
    9. Regulatory Compliance
    10. Data Governance and Management Training
  4. The General Counsel and Vice President for Ethics & Compliance (or their appointed designee) may partner in the monitoring areas described above (#1-3).
  5. The roles described above (#1-4) must consult with the Chief Audit Executive (or their appointed designee) in the creation and execution of their respective monitoring programs.
  6. The roles indicated in the “Support” section of the “Audience” list above must support monitoring efforts by participating in surveys, interviews, and review of documentation that supports compliance with the Policy and the corresponding guidelines, procedures, and resources.
Monitoring Program
  1. Monitoring efforts may be prioritized using the following guidelines:
    1. Data Domains with a “Data Impact Categorization” of “High Impact,” then “Moderate Impact,” then “Low Impact.”
    2. Information Systems with a “System Criticality Categorization” of “Mission-Critical,” then “Moderate Criticality,” then “Low Criticality.”
  2. Monitoring must be conducted at a frequency determined by the Data Governance Committee.
  3. Monitoring may be conducted through the use of surveys, interviews, and review of documentation that supports compliance with the Policy, guidelines, procedures, and resources. Monitoring must inform:
    1. Understanding of the Data Governance and Management Program (“Program”)
    2. Steps towards compliance
    3. Documentation supporting compliance
  4. Monitoring must be conducted with a sampling of Associate Data Trustees, Data Stewards, Associate Data Stewards, System Owners, Technical Managers, Data Administrators, and Data Users. Monitoring may be conducted with the Data Governance Committee, the Data Management Committee, and the Data Domain & Technology Sub-Committees.
  5. Monitoring results will be documented and retained for a period determined by the Data Governance Committee. A summary of findings will be provided to the Data Governance Committee, highlighting areas of concern, improvement, and success.
  6. The Data Governance Committee will communicate any areas of concern to the Data Trustees and Data Owner as appropriate.

Resources

When will monitoring efforts begin?
The USG expects all institutions to have a Data Governance and Management Program in place by June 2021. Monitoring of this Program may begin as early as the second half of 2021.

 

Revision Date Author Description
2021-07-27 Zachary Hayes, Data Governance New