1.0 Data Governance Concepts and Mission Drivers (15%)

Public Sector Data Governance (Release July 2017)

1.1 Concepts & Definitions

1.1.1 Definitions

•Data Governance/Information Governance

•Data Stewardship

•Data Ownership

•Data Curation

•Relationships between owner/steward/curator roles

1.1.2 Key Public Sector Concepts

•Data Lifecycle

•Open Data

•Right to Information

•Restricted data

1.2 Governance Organizational Structures

1.2.1 Data Governance Council

•Typical membership of a public sector data governance council

•Role of the Chief Data Officer in a public sector organization

1.2.2 Centralized vs. Federated Governance Models

•Use of Federated Governance in a public sector context

•Open Archival Information System

1.3 Mission Drivers

1.3.1 Data as a democratizer

•Improving Discovery

•Enabling Reuse

1.3.2 Data as enabler of good government

•Using data to increase government accountability

•Using data to improve public welfare

1.3.3 Data as a national security issue

•Cybersecurity issues in public sector governance

•National security exceptions to standard governance protocols

1.4 Data Governance & Stewardship Management Tools

1.4.1 Meta-data tools and repositories

•Establish metadata standards first

•Tools apply standards, but do not create them

•Examples of relevant metadata standards applied by common tools (Dublin Core, ISO 19115, Darwin Core)

1.4.2 Data asset inventory

•Definition and process

•Utility in risk management

•Utility in identifying data gaps

•Utility in increasing data management maturity

1.4.3 Data modeling tools

•Conceptual vs. logical vs. physical data models

•COTS vs. Internal development

1.4.4 Communication tool suite

•Internal email and intranet

•Blogging, podcasts, wikis

•Collaborative workspaces

2.0 Legal and Regulatory Environment (20%)

2.1 Federal data governance statutes

2.1.1 Freedom of Information Act

•Right to request access to records from any federal agency

•Nine exemptions protecting personal privacy, national security, and law enforcement

•State and local government parallel FOIA, FOIP laws and regulations

2.1.2 US Privacy Act

•What is a system of record?

•Collection, maintenance, use, and dissemination of information about individuals that is maintained in systems of records by federal agencies

2.1.3 Health Insurance Portability and Affordability Act

•Privacy Rules

•Covered Entities

2.1.4 Federal Records Act

•Preservation Requirement

•Organization, functions, policies, decisions, procedures, and essential transactions

2.1.5 Federal Information Security Modernization Act

•DHS authority to administer the implementation of information security policies for non-national security federal Executive Branch systems

•Office of Management and Budget's (OMB) oversight authority over federal agency information security practices

•State, local, and tribal government requirements under FISMA

2.2 Regulatory frameworks

2.2.1 Executive Order 13556 on Controlled Unclassified Information

•Executive Agent

•Categories and subcategories of control markings

2.2.2 Executive Order 13526 on National Security Information

•Original and Derivative Classification Authority

•Requirements for security markings on data

•Rights and responsibilities of classifying agencies

2.2.3 2013 Open Data Policy

•Open Data Provisioning at Municipal, State/Provincial, Federal/National levels (Decision authorities and releasing of appropriate data)

•Management of information as an asset

•Promotion of the openness and interoperability of government data and information

2.2.4 Commerce Department Privacy Shield (Global universal data privacy regulations)

•Resulting from European Union data privacy laws

•Compliance mechanism for transferring personal data from the European Union and Switzerland to the United States in support of transatlantic commerce

•Self certification provisions (2017-not sufficient under EU Court)

2.3 Data Sharing & Ethics

•Responsibilities of the government to the governed - right of access to personal information

•Reasonable use of data in a public sector environment

•Risks of both oversharing and of lack of sharing

•Personally identifiable information in a public sector context

•Specific national security responsibilities and exemptions

3.0 Data Governance and Stewardship Roles & Responsibilities (20%)

3.1 Data Governance Roles

3.1.1 The Role of Chief Data Officer (CDO)

•Responsibilities differentiated from the CIO

•Relationship to organizational leadership

•CDO change management strategies

•Assessing Data Governance/Organizational Maturity

3.1.2 Composition of a Public Sector Data Governance Council

•CDO

•Data Owners or their proxies

•Information Management Executives

•IT Senior Management

•Data User Representatives

3.1.3 Data Owner

•Public sector ownership of data

•Decision Rights

•Responsibilities for sharing and discovery

3.1.4 Data Steward

•Interagency stewardship responsibilities

•Business Data Steward

•Technical Data Steward

•Coordinating Data Steward

•Information Management Officer

3.1.5 Data Custodian

•Bridge between the consuming IT system and data stewardship

•Possible overlaps with technical data stewardship responsibilities

3.1.6 Data Curator

•Responsibility to enable data discovery, add value, provide for reuse over time

•Creation of documentation and contextual metadata standards

•Enablement of data analytics through effective curation

3.2 Public Sector Stakeholder Management

3.2.1 Data Providers

•Negotiation of data licenses in a public sector environment

•Responsibility to avoid duplication of data to reduce costs to taxpayers

3.2.2 Data Users

•Understanding the data needs and ultimate goals of governmental knowledge workers

•Understanding the needs of the public in terms of access to data

•Managing expectations of data users in a restricted data environment

3.2.3 Education and Training of Stakeholders

4.0 Data Governance Inputs and Deliverables (20%)

4.1 Inputs

•Mission goals

•Data Collection Authorities

•Data Protection and Use Requirements

•Reporting Requirements

•Funding parameters and constraints in a public sector environment

4.2 Primary Deliverables

4.2.1 Data Governance Policies

•Accountability and ownership policies

•Public Sector governance best practices

•Access Control Policies

•Data Discoverability (Rules relating to access to data, that does not allow sharing across agencies, without justification (legal positions - vis-a-vis State, Department rules)

•Data Retention Schedules

•Disaster Recovery Plans

4.2.2 Data Governance Standards and Procedures

•Metadata Standards

•Documentation Standards

•Data Lineage

•Dissemination and Sharing Procedures

•Clearance and access requests

•Systems of Record identification and maintenance

4.2.3 Data Governance Goals and Outputs

•Increase Knowledge of Data Governance through training and education

•Change management

•Increased Use of Data for Public Good

•Decisions

5.0 Fundamental Knowledge Areas for Public Sector Data Stewardship (25%)

5.1 Data Preservation Planning

•Role of the National Archives

•Planning for legacy data formats and file types

•Need for adequate funding for data and records preservation

5.2 Data Access and Security Issues

5.2.1 Concepts and Terms

•Security classification

•Access control

•Use of role-based access

•Data leakage

•Malicious attack

•Privacy

5.3 Reference and Master Data Management

5.3.1 Key Concepts

•The “golden record”

•Difference between master data and metadata

•Scoping “master data” in public sector environments

5.3.2 MDM tools and methodologies

•Tools help you consolidate and view your master data, but won’t create it for you

•How to evaluate tools for public sector MDM

5.4 Metadata Management

5.4.1 Concepts and Terms

•Meta-data types (technical, ownership, contextual)

•Meta-data perspectives (lineage, definitions, rules)

•Role of data curation in effective metadata management

5.4.2 Stewardship Activities

•Data definitions

•Data cataloging

•Data lineage

•Data sharing agreements

5.5 Document and Content Management

5.5.1 Key Concepts

•Overlap between data management and information management

•Records Management

•Unstructured and semi-structured content

5.6 Data Warehousing and Cloud Solutions

5.6.1 Concepts and Terms

•Data warehousing

•Cloud Computing

•ETL

•Data mart

5.6.2 Stewardship Activities

•Defining requirements

•Establishing authoritative data sources

•Metrics definition

•Data ownership in a warehouse environment

5.6.3 Risk/Reward Calculations

•Enabling information sharing across jurisdictional boundaries

•Privacy issues with cloud solutions

5.7 Data Quality Management

5.7.1 Concepts and Terms

•Quality definition in public sector context

•Data quality principles

5.7.2 Activities

•Identifying data quality issues

•Data quality assessment

•Data profiling and auditing

•Data cleansing