ASU IT Governance

ASU Data Governance

ASU data governance advances institutional goals for excellence and builds a strong culture of data access, quality, literacy, informed decision-making and data protection. It ensures the formal management of data within the university through the use of clear practices and processes to support data-informed decision-making and the protection of ASU data throughout its lifecycle.

 

ASU Data Governance Guiding Principles

ASU data governance practices are principle-driven.
 

  • Shared Responsibility
    Everyone has a role in ensuring data quality, data protection and the responsible handling and use of University information resources and data in alignment with legal and ethical obligations. 
  • Appropriate Access
    All ASU units facilitate appropriate access and sharing of University Data, subject to established data handling and protection requirements and specific guidelines established on each campus. 
  • Adaptive and Continuous Improvement
    Data governance activities are guided by ASU’s strategic priorities and a process that includes annual objectives, goals, and measures and program improvements. The ASU privacy and data governance program will remain agile and responsive to an innovative community.
  • Transparency
    Data governance-related decisions and processes should be assessed not only for how they meet compliance-based requirements, but also for how they support the mission of the ASU enterprise and provide the most efficient, secure, and privacy-protective experience.

 

ASU Data Governance model

The ASU data governance model represents enterprise-wide governance supported by an engaged and active community of practice.

 

PDGAC Diagram v2

View a larger version of the model here.

ASU Data Governance Community

Numerous groups are involved in developing, managing and implementing ASU data governance.
 

  • ASU Senior Leadership
    Members of the ASU leadership team, collectively referred to as data trustees within the privacy and data governance program, appoints members of the Privacy and Data Governance Advisory Committee, receives reports on program activities, and provides executive sponsorship to overall initiative. ASU Senior Leadership helps promote the privacy and data governance program throughout ASU and removes barriers to the implementation and ongoing operations of the program.
     
  • Data Trustees
    Data Trustees (University Vice Presidents) are the highest-ranking divisional leaders with responsibility for ensuring that data are properly managed and appropriate compliance is practiced related to data-related functions for their units. Data Trustees work together to ensure data are viewed as an institutional asset and promote appropriate data use, data quality, and data management practices and procedures. Each Data Trustee appoints one or more Data Stewards for the Data Trustee’s specific units and divisions.
     
  • Privacy and Data Governance Advisory Committee
    The Privacy and Data Governance Advisory Committee is responsible for strategic privacy and data governance program oversight and for allocating program resources where applicable. The Committee is established to ensure that privacy and data governance program objectives and strategic priorities are developed, reviewed and applied to ASU data throughout its lifecycle (from collection to long term storage and/or destruction). The Committee may also provide guidance and advice on ethical issues arising from the use of personally identifiable information.
     
  • Data Stewards Working Group
    The Data Stewards Working Group, with membership consisting of the Data Stewards and other individuals as determined by the Privacy and Data Governance Advisory Committee, is tasked with overseeing the implementation of privacy and data governance strategic priorities, creating policies and guidance on privacy and data governance program activities, and promoting a culture that embraces the responsible use and handling of ASU data throughout its lifecycle. Together they are responsible for promoting the sharing of knowledge and institutional data practices and processes across campus units and enterprise divisions. The working group has two primary workflows: a data governance workflow and a privacy workflow. The data governance workflow addresses issues related to the implementation of the data governance strategy. The privacy workflow addresses privacy-related issues and promotes privacy-protective practices at ASU. Within each workflow, Data Stewards help develop and implement privacy and data policies, standards, procedures, and guidelines, as well as manage processes for data collection, access control, quality, use, retention, and disposal in accordance with policies and standards.
     
  • Data Stewards
    Data Stewards are designated by and accountable to the Data Trustees. Data Stewards view data as an institutional resource, maintain broad institutional knowledge of data, and deeply understand data sets in their responsibility area, as well as how that data may be used across the university. Data Stewards are responsible for working collaboratively together and with the Privacy and Data Governance Advisory Committee. Data Stewards have the primary responsibility for the accuracy, privacy and security of the institutional data under their responsibility.
     
  • Data Users
    Data Users are all users granted access to university information resources and data, including but not limited to university employees, affiliates (e.g., contractors, partners, volunteers) and students. Individual Data Users play a critical role in protecting the confidentiality and privacy of university information resources and data while helping to ensure the appropriateness, accuracy, and timeliness of data. Data Users are responsible for completing any university data training required for access to specific data sets and for only using institutional data as required for the conduct of university business. All Data Users are responsible for reporting unauthorized access, data misuse, or potential privacy security incidents to itsecurity@ASU.edu.
     
  • Data Custodians
    Data Custodians are university employees who are assigned specific data management, access management, or information security responsibilities by the appropriate Data Steward. They are responsible for understanding business needs, operationally ensuring procedures are consistent with university policy, approving user access for data maintenance roles, and performing other activities to keep data intact and available to Data Users.