Deep-Dive Articles

Domains - A Deep Dive

Overview

The Business Glossary’s purpose is to document business knowledge through business glossary terms. The Business Glossary is built with a hierarchical structure with the Domain being the highest level of organization, followed by Categories, and Subcategories.

A domain will most often align with either a business process structure or a departmental structure. Both types of structures are often used at the same time. Domains may look like Financials, Client Relations, or HR Policies if business process-based. If departmentally based, organizations may use domains like Sales, Accounting, Manufacturing, etc. Regardless of which approach an organization uses, OvalEdge recommends creating a privacy domain to benefit from some of the advanced capabilities that leverage the privacy domain, such as the Data Classification module and the Governed Data Query.

Types of Domains

  • Primary Domains

The Primary Domains offer a straightforward structure where terms created within this domain are referred to as “Primary Terms”. Data objects can only have one primary term associated with them. This practice enables users to enhance their understanding of data objects linked to the terms by providing consistency and clarity from a singular term association.

  • Auxiliary Domains

The Auxiliary Domain consists of Auxiliary Terms. Auxiliary Terms are used in situations where stakeholders from different lines of business and departments have different definitions for a Term with the same name. Typically, having a single term with a unique definition is preferable for clarity. However, in certain unavoidable situations, auxiliary terms are created and can be linked to data objects to accommodate different definitions for diverse perspectives and needs. 

Typically, when applying a single term to data objects, attempting to add another would trigger a pop-up indicating that the data object is already associated with a primary term. However, in the case of auxiliary terms, multiple auxiliaries can be assigned to a data object.

Categories 

A category serves as a high-level container for organizing related terms within a specific domain. Think of it as a folder that holds various terms that share a common theme or purpose. For instance, in a domain related to finance, there might be a category called "Financial Instruments," grouping terms such as stocks, bonds, and derivatives.

Each category can have a description, providing a brief overview of its purpose and the types of terms it encompasses. This helps users quickly understand the context and content of the category.  Categories also come with governance roles, allowing users  to define who has the authority to manage and update the terms within that category.

Subcategories 

Subcategories allow for a more granular organization of terms within a specific category. Going back to the finance example, within the "Financial Instruments" category, there might be  Subcategories like "Equities" and "Fixed Income”. 

Similar to categories, subcategories can have descriptions that provide more detailed information about the subset of terms they contain. Governance roles extend to subcategories, enabling precise control over who manages the terms within each subcategory.

Setting Up & Managing Domains


Within the OvalEdge application, domains can be created by navigating to the Administration > Security section from the left panel menu. Within the "Security" module, choose the "Domains" option from the top, available across the tabs. To create a new domain, select the plus icon from the top right corner of the Domain Security tab.

Multiple domains can be created, each capable of accommodating a multitude of terms. Illustrated below in the image, under each domain, categories, and subcategories are configured, default classifications, default associations, governance roles, default permissions, and custom fields can be established to govern the behavior of terms. These properties are then inherited from the domain to the term level and further extended to the associated data objects, ensuring security and effective data management.

 

Creating a Domain 

When first creating a new domain, you will be prompted to fill out the following details:

  • Domain Name
  • Domain Description
  • Security and Governance Admins
  • Governance Roles (Steward, Custodia, Owner + 3 configurable governance roles)


Who can create and manage a Domain?

  • Users who hold roles with the designation of Domain Creator have the authority to create domains. This means that individuals assigned to these roles can create domains. 
  • The Security and Governance administrator roles and users associated with this role can configure Categories, Subcategories, Classifications, Governance Stakeholders, and Default Associations, and define user/role permissions for accessing the domain and terms created under it.
  • The Governance stakeholders (e.g., Owner, Steward, Custodian) can be assigned at the domain level category level, or subcategory level.  These individuals serve as subject matter experts with deep knowledge of business processes. Their primary role is to uphold the consistency and quality of terms and their associated attributes.

 

Domain Security & Default Permissions

For every domain, the users holding the Security and Governance Administrator role have the responsibility and authority to grant domain permissions. Domain permissions can be granted to both individual users and roles (users within the role). Users affiliated with these roles can then access the terms within the domain in the Business Glossary and perform actions on it based on their license privileges.

In the application, when creating a new user, they are assigned a role along with specific permissions categorized as "meta" permissions (which includes Meta-Read and Meta-Write) and "data" permissions (ranging from no access to preview, read, and write). These permissions determine how users can engage with the application based on their assigned roles and permissions.

For the purpose of this discussion, the main focus will be on Metadata permissions, such as Meta-Read and Meta-Write, which play a pivotal role in ensuring that the right individuals have the necessary access and control of the domain.

  • Meta-Read: Users with this permission can access and view terms pertaining to the domain within the Business Glossary. This means that they can view the term details, and read through the descriptions, default associations, data object associations, term relations, classifications, and other details related to the terms.
  • Meta-Write: Users with this permission will not only be able to view term details but also have the capability to curate, edit, and revise them. They can modify term descriptions, adjust term relationships, add/delete data object associations,  edit default associations, and curate the terms within the domain.

 

Default Governance Roles

Governance Roles are crucial in ensuring the quality and consistency of terms and attributes within our Business Glossary. These Governance Roles are the subject matter experts for their respective domains and are responsible for addressing any concerns raised by the data users related to terms and their attributes.

For each domain, OvalEdge has specific default governance roles - Owner, Steward, Custodian, and Governance 4, 5, and 6 (if configured). These roles are responsible for maintaining the quality and consistency of terms. 


Let’s look at default domain properties and how to update them next:

  • Domain Security & Default Permissions
  • Default Data Association Preferences
  • Default Governance Roles
  • Default Classifications
  • Default Custom Fields

Managing Domain Properties 

Update Permission

From the security module and Domains tab you can update permissions from the nine-dot icon by selecting “Update Permissions”. Permissions allocated at the domain level extend to term-level actions, allowing users to perform actions based on meta permissions, as described above.

Note: Users and roles without domain permissions will not be able to see the domain or its related terms within the Business Glossary.

 

Delete Role

If the roles are no longer required to have access to the domain can be deleted. Deleting a role involves removing the users associated with the role from the domain, ensuring that the role no longer has access. 

 

Updating Governance Roles at Domain and Category levels

Assigning governance roles is required when creating a new domain, and these roles can be configured at both the domain and domain-category levels. The default governance roles set at the domain level automatically apply to the terms created within that domain. Additionally, at the term level, we have the ability to modify these governance roles, ensuring that individuals with the right expertise handle each term appropriately. The notable advantage here is that users with appropriate authority can update governance roles for individual terms without affecting the broader domain configuration.

 

Default Data Association Preferences

The Default Associations functionality serves a crucial purpose in securing and managing data across the organization.

One key aspect of Default Associations is that these settings are inherited by the terms created within a domain, and they extend to the data objects associated with those terms. 

The functionality of Default Associations establishes data object security through the application of masking policies, restriction, and classification functionalities. It enhances the understanding of the data object, data discovery, and standardization by enabling the copying of Titles and Business Descriptions.


These preferences include options such as:

  • Copy Title to Catalog: Replace a data object's original title with that of the associated term name, simplifying data discovery and standardization. 
  • Copy Business Description to Catalog: Replace a data object's original business description with that of the associated term. This action enhances your understanding of the data object by providing enriched context and information.
  • Masking: Masking policies help protect sensitive information by concealing it from unauthorized users while still allowing authorized access.
  • Restriction: Restrictions control who has access to specific data objects, enhancing overall data security.
  • Classification: Classification functionalities categorize data based on Sensitivity, confidentiality, or PII data,  making it easier to understand the nature and purpose of different data objects.
  • When these settings are set as defaults at the domain level, they automatically apply to all the terms created within that domain. Nonetheless, at the term level, there exists flexibility for users to customize these default settings according to their preferences.
  • Even if no default preferences are chosen at the domain level, the term level offers a set of associations that can be selected as needed.

 

Configure Classifications

Default Classifications allow the categorizing of data objects based on their sensitivity and significance. This categorization process is essential to ensure that confidential information is handled and protected appropriately. Users have the flexibility to set up classifications within a specific domain, aligning them with their organization's specific needs.

For example, you can establish labels such as "Sensitive", "Restrictive",  "Confidential",  "Internal", "Public" and more as classifications. This classification system aids in the organization of data objects according to predefined criteria, including levels of confidentiality, privacy, data sensitivity, and compliance standards.

The default classifications at the domain level,  automatically apply to all the terms created under that domain. Plus, these classifications also extend to the data objects linked to those terms.

In a nutshell, when you classify a term, you're essentially classifying all the associated data objects, indicating their specific security and handling requirements. This makes it easy for users to understand what each data object is about. For example, they can quickly spot sensitive or restricted data, which helps them make better decisions.

If the classifications are not configured at the domain level, they won't be visible at the term level. However, if some classifications are configured but not marked as defaults, they will be visible on the term's detailed page, accompanied by checkboxes. To apply these classifications to data objects, users will need to manually check the checkboxes at the term level or domain level.

 

Configuring Categories and Subcategories 

Categories can be configured for a particular domain to provide users more in-depth categorization of data or terms. 

When a domain is created, users can access detailed information about it by clicking on the domain name. This action takes the user to a domain summary page, which provides comprehensive information about the specific domain.   The page features a detailed description of the domain's purpose and scope, The Default Association Preferences section highlights crucial information, indicating which options are enabled or disabled within the domain, and the classifications configured for the domain. Also, a table view format is facilitated at the bottom for the users to quickly scan through categories, subcategories, descriptions, and governance roles, facilitating efficient data management decisions.

Custom Fields on Domain

Extending Term Metadata with Custom Fields

Custom fields offer a means to include extra term information or details that are not covered by standard term attributes in the Term summary page of the Business Glossary. Users can create custom fields for text, code, numbers, and dates to enhance searchability and data usefulness. These custom fields can be configured globally for all domains or for specific domains. 

When custom fields are created for a specific domain, terms linked to that domain will display the additional fields in their summary page within the Business Glossary.

In the absence of global or domain-specific custom fields, no additional fields will be displayed.

Viewing Domains

Through the domain page users can add a domain to the watchlist and homepage. 

  • Adding a Domain to the Watchlist facilitates easy access of data to stakeholders and manages the notifications about the terms and other governance activities happening within that domain. 
  • Add a domain to the Home Page to view the terms created under the domain on the top of the home page screen.

Domains can be viewed through Business Glossary Tree View and List View. 

Tree view: The tree view in the business glossary provides a top-down approach to visualizing the entire organizational term structure. It displays a hierarchical representation in the left panel, showcasing domains, categories, subcategories (if any), and the associated terms within each. Clicking on a specific term allows users to quickly access term details.


List View: List view on the other hand, offers a comprehensive presentation of terms in a tabular format. This format provides detailed information about terms, allowing users to efficiently filter and locate specific terms based on their attributes.

Link to Business Glossary 

In the world of business, a "domain" is like a special zone where we keep all the important words and phrases that are specific to a particular area, like finance or technology. Now, think of a "business glossary" as a big dictionary where we explain and define these important terms so that everyone in the business can understand them. So, when we say "linking a domain to a business glossary," it's like connecting that special zone to our dictionary. This connection makes it super easy for everyone in the company to find and understand the right meaning of all the important words related to that specific area, helping everyone speak the same language and work together smoothly.

Business Glossary Dashboard

OvalEdge now introduces a dedicated Domais Dashboard, designed to visualize the relationships among various domains and the terms created within different domains. 

For instance, Term 1 from Domain 1 can be intricately linked to Term 2 from Domain 2 through relationship types such as "is synonym to," "calculates," and more. These cross-domain relationships create a web of interconnected links.

In the Domains Dashboard, you can see different domains represented as circles. These circles are connected by dotted lines, showing how the domains are related. The size of each circle shows how important the domain is, with bigger circles meaning more important domains. When you move your cursor over a domain or a dotted line, you can see more details about that domain or the connection between domains. This includes categories, subcategories, and specific relationships between domains.

You can also zoom in and out of the diagram, search for specific domains, or filter the information to focus on what you're interested in. This makes it easy to explore and understand the relationships between different domains.

System Settings on Domains 


ordertyperetrieve.default.classification

To view data object columns for specified Term- Classification.

Parameters:

The default value is empty.

Enter the classifications names in the field provided.

oef.domain.category

Specify the format for logs that contain personally identifiable information (PII).

Parameters:

The default value is set to domain.category to include information about the domain and category in the log entry.

Enter the value in the field provided.


show.draft.terms.to.viewers

This setting enables a toggle button in the Business Glossary to toggle and display both Draft / Published terms in the Tree View and List View of the Business Glossary.

Parameters:

  • The default value is set to 'True'.
  • If set to 'True, it allows viewers to switch the toggle between published and draft terms. In the list view, the term status filter can be used to distinguish between draft and published terms.
  • If set to 'False' it restricts viewers from seeing draft terms in both tree and list views.

ovaledge.domain.creator

Assign domain creator privileges to Roles.

Parameters:

The default value is OE_ADMIN.

Click on the field and define the roles you wish to assign to a Key.


bg.unique.constraint

To create Terms with the same names under different categories and sub-categories of the same domain.

Parameters:

The default value is set to Domain.

Enter the values (domain, category, subcategory) in the field provided.

registration.valid.domains

This parameter is used to check userid have valid domains while registering the user

Change Management

Who can do this?

Governance stakeholders (Owner, Custodian, Owner, Governance Roles 4,5,6 (If configured)) and the users with Meta-Write privileges on the domain can change the Term details within the Business Glossary > Term detailed page.   


Changing Domain of a Term

The process of changing the domain for a term allows us to keep the Business Glossary terms updated and aligned with the evolving business’s dynamic nature.  Moreover, it significantly enhances the findability of terms, empowering users to quickly locate relevant terms based on their specific areas of interest and focus.


Changing the Category of a Term

Moving a term to a different category enables users to navigate and access relevant terms efficiently. By placing terms in the most appropriate category helps users understand the term's context more accurately and delve deep into specific knowledge domains. 

It is imperative to ensure that these terms belong to the same domain to migrate to a different category. To move to a different category in a distinct domain, the term should first be relocated to the desired domain and then have its category adjusted accordingly.


Change Management through LMDF 

Load Metadata from Files is a feature in OvalEdge that allows users to manually create and bulk update terms within any domain.  In upcoming versions, we are using LMDF to create and manage domains, classifications, categories, and subcategories within the domain. 


Deleting a domain 

Authorized users and roles or the domain creator can delete a domain. Deleting a domain involves the removal of all the domain properties i.e., the categories, subcategories, and associated terms within the domain. Users engage in domain deletion to maintain data integrity, eliminate redundant information, and enhance system efficiency. This process ensures the removal of outdated or irrelevant data, enabling organizations to uphold regulatory compliance, optimize storage resources, and enhance overall data security measures.