Data Governance

Data governance is the process of organizing, securing, managing, and presenting data using methods and technologies that ensure it remains correct, consistent, and accessible to verified users. This definition can be broken down into more manageable parts.

Organization: Organizing data is about identifying the domains within your organization responsible for contributing data to the ecosystem, understanding its meaning at inception, and providing safe handling instructions, terms, acronyms, source of truth, and lineage, so it is ingested easily for decision-making.

Security: Securing data is about ensuring all your data is compliant with data privacy regulations and internal company policies.

Management: Data management is the IT discipline of how data is compiled, cared for, stored, shared, and integrated.

Presentation: Finally, presentation is all about leveraging data for analysis, planning, decision-making, and reporting.

OvalEdge data governance helps to ensure that your data is correct, consistent, and accessible to the verified data users in your organization

Data Governance Best Practices

A governance catalog is a practice of identifying relevant data across an organization. A data certification policy is a document that formally outlines how organizational data is managed and controlled.
It ensures,

Data Quality- Ensuring that data is correct and consistent.
Data Availability - Ensuring that data is available and easy to consume by business functions.
Data Usability - Ensuring data is structured, documented, labeled, and enables easy search.
Data Integrity - Ensuring data retains its essential qualities even as it is stored, converted, transferred, and viewed across different platforms.
Data Compliance- Ability to protect and secure the data and adhere to the regulations and policies.

Data Sharing Strategies

To give access to data and metadata, organizations can use multiple strategies in this section.

Strategy 1

Make metadata available to everyone but limit data access to those who ask for it.

Advantage & Concerns:

Every user can quickly find the data and maintain the control of data by its owner. This way, owners can share data objects with ease. This is good for a large company that adapts to very controlled access permission. As data is having lots of power Data owners do not want to share their data with other stakeholders.

OvalEdge Solution:

In this case, OvalEdge's best practices are: Provide preview access to data, but hide the PII like SSN, etc. The advantage is that users can very easily understand the data, but they can’t download and query. Permissions to access and edit still exist with owners.

Strategy 2

Provide partial metadata access to certain departments and do not give any access to data.

Advantage & Concerns:

This is the same as strategy 1, except it’s a large company and does not want to share metadata.

For example, an organization has multiple companies, and it is not relevant to share the data.

Strategy 3

Provide read-only access to data to everyone except confidential and PII data.

Advantage & Concerns:

This is great for startups. They want an environment where data is flowing freely but concerns of PII/confidentiality are met. It leads to faster innovation.

The concern is that owners do not have much control over the data. This is OvalEdge’s most favorable method as it drives innovation in the company.

OvalEdge Solution:

OvalEdge Predefined and Custom roles and permissions help to achieve all the above strategies.

Understand the Custom User-role permissions

In OvalEdge, the user roles assigned to a specific domain have permissions to Read-only/Read-Write on the Glossary terms. Also, each Data asset group (DAG tag) created, is associated with a Domain name. However, to tag and add data objects to a DAG Tag, the user roles must have Metadata Write permissions on both the DAG Tag and the associated data objects.

The following are the user role Metadata permissions on the Domain,

Meta Permission Type	Permission Abbreviation	Access Privileges
READ-ONLY	RO	No rights to edit Domain Steward/Reviewer No rights to edit DAG TAG Owner/ Steward/ Author No rights to create a new DAG tag. Can view DAG TAGs only when the user-role at least has Read-only permissions on Domains. Tagging data elements and adding Glossary terms to data Tables/Reports/Files (Depending on Metadata Permissions on DAG TAG) Cannot suggest a Business Glossary term. Cannot associate Business Glossary terms to data objects. Cannot delete a Data asset group tag/ business Glossary term/PII Data access of an object associated with a term depends on the Data permissions set for data objects at the schema level. STEWARD with Domain Read-Only access can only review the term but cannot suggest a term. REVIEWER with Domain Read-Only access can only Publish a term but cannot suggest a term.
READ_WRITE	RW	No rights to edit Domain Owner/ Steward/ Approver (User should have OE_ADMIN access) Has no rights to edit Owner/Steward/Author of Data Asset Group TAG Has rights to delete the Business glossary terms/PII Can create a business glossary term for that domain. Tagging data elements and adding Glossary terms to data tables/Reports/files (Depends on Metadata Permissions on DAG TAG) Data access depends on the Data permissions set for data objects. STEWARD with Domain Read-Write access can review and suggest a term. REVIEWER with Domain Read-Write access can Publish a term and suggest a term.