UPPS 04.02.05 - Data Governance Program

POLICY STATEMENT

Texas State University is committed to maintaining a data governance program to ensure accountability and responsibility for the quality, security, and appropriate use of data.

1. BACKGROUND INFORMATION

   1. University data are institutional assets integral for informed decision- making in support of Texas State University’s mission. The administrative and academic units must serve as stewards of these data, working together to properly manage and protect these assets. Therefore, a centralized approach to data management must be in place to ensure consistency in data quality, availability, access, and reporting.

   2. This policy outlines the objectives of the Data Governance Program as required by Section 2054.137 of the Texas Government Code. The policy defines the structure and responsibilities of the governing entities allowing for effective and efficient management and use of university data. The Data Governance Program provides a centralized mechanism to:

      1. promote data and information quality through widely accepted data and reporting standards, definitions, documentation, and best practices;

      2. provide access to data in an efficient and effective manner in compliance with university policies related to data security and privacy;

      3. communicate data quality and reporting initiatives across the institution;

      4. assign ownership responsibility and accountability for university data to ensure effective stewardship;

      5. empower the data owner, in collaboration with the data management council and its sub-committees, to develop and enforce policies and procedures that promote consistent data management and reporting for informed decision-making; and

      6. ensure compliance with relevant state and federal laws related to data management.

2. PRINCIPLES

   1. Adherence to certain principles is key to the success of the Data Governance Program. These principles include:

      1. Transparency – Data governance processes will exhibit transparency; it should be clear to all participants and auditors how and when data-related decisions and controls were introduced into the processes.

      2. Auditability – Data-related decisions, processes, and controls subject to the Data Governance Program will be auditable; they will be accompanied by documentation to support compliance-based and operational auditing requirements.

      3. Accountability – The program will define accountabilities for data-related decisions, processes, and controls.

      4. Stewardship – The program will strive for the responsible and ethical governance of data.

3. SCOPE

   1. The Data Governance Program will support the business objectives of Texas State, addressing data ownership, stewardship, integrity, access, privacy, privacy classification, and reporting for all Texas State data including, but not limited to, student, faculty, human resources, finance, facilities, and alumni or donor data elements, wherever they reside.

   2. The management of data elements related to police, medical, counseling, legal, and disability records is the responsibility of each element’s respective institutional data owner; notwithstanding, these elements are subject to governance under this policy and additional requirements as ascribed by the university, Texas State University System (TSUS) Rules and Regulations, and applicable law.

   3. This policy applies to all individuals whose affiliation with Texas State requires or permits access to university data, without regard to the manner, form, duration, or location of access.

   4. Matters of data security are key to any data governance program and addressed in Section 04.01, Computing Services, of the university Policy and Procedures Statements (PPS) website.

   5. Policies regarding proper management and retention of records are addressed in UPPS No. 01.04.32, University Records Management.

4. DEFINITIONS

   1. Data Asset – an object comprised of data elements, which could be logical or physical.

   2. Data User – an authorized user, as defined by UPPS No. 04.01.11, Risk Management of Information Resources, who accesses university data in performance of their assigned duties. A data user is expected to be familiar with and abide by all data governance and data security policies and procedures.

   3. Data Custodian – an individual or team charged by the data owner to provide information asset services to data owners and data users.

   4. Data Dictionary – a set of information describing and defining the contents, format, and structure of a database and the relationship among its elements.

   5. Data Element – any defined unit of data.

   6. Data Management – encompasses the people, processes, and technology required to create consistent and proper handling of data and understanding of information across the organization, ignoring the boundaries created by organizational structures.

   7. Data Governance Program – the framework to manage university data effectively, efficiently, and ethically in support of the university’s mission.

   8. Data Owner - an individual responsible for the oversight of an information resource or data asset.

   9. Data Steward – a data custodian responsible for planning, prescribing, and managing the sourcing, use, documentation, and maintenance of data assets. Functional data stewards are required to be knowledgeable regarding data assets in relation to business processes. Technical data stewards are expected to be knowledgeable about the underlying structure and administration of data assets. It is possible that a data steward could have both functional and technical knowledge.

   10. Data Stewardship – the governance, management, and protection of an organization’s data assets that results in high-quality data that are easily accessible and reportable.

   11. Functional Area – a department that represents and serves a particular subset of university data.

   12. Metadata – describes how and when a particular set of data was collected and how the data are formatted, necessary for understanding how data are stored in data warehouses.

   13. Stakeholder – an employee who affects, or would be affected by, data policy or procedural change. A stakeholder requests data, initiates requests for changes to university data, and identifies problems with university data that are impeding normal daily operations. They provide input or feedback that assists with the process of satisfying any change request.

   14. Subject Matter Expert (SME) – any employee with extensive knowledge of given functional, technical, reporting, or security-related data issues.

   15. University Data – any data element stored or used in the management and operation of Texas State.

5. ROLES AND RESPONSIBILITIES

   1. Roles and duties under the Data Governance Program are considered part of regular job duties assigned to university employees.

   2. The Data Governance Program establishes the structure and roles needed for effective data governance as well as a Data Management Council to oversee management of the program and direct activities in support of the university mission. The Data Management Council consists of a leadership team and ex officio members determined by positions held within the university, as well as divisional representatives appointed by the vice president for each division.

      1. The Data Management Council Leadership Team is comprised of the council chair, council co-chair, a lead technical data steward, and a lead functional data steward.

         1. The role of council chair will be filled by the assistant vice president for Data, Analytics, and Institutional Research, who serves as the Chief Data Management Officer for the university and shares the managerial function with the executive sponsors and other members of the Data Management Council.

         2. The role of council co-chair will be filled by a data management analyst from the Office of Data, Analytics, and Institutional Research, who will serve as the deputy Chief Data Management Officer for the university and will share the managerial function with the executive sponsors and other members of the Data Management Council.

         3. The lead technical data and lead functional data steward will be appointed for a one-year term by the Chief Data Management Officer in consultation with executive sponsors based on the needs of the council in support of university goals.

      2. The Chief Information Security Officer, University Archivist and Records Manager, Chief Compliance Officer, and TSUS System Chief Data Officer will serve as ex officio members of the Council.

      3. All divisions, except Academic Affairs, are to appoint one divisional representative to the Data Management Council. Divisional representatives will serve for a one-year term running from September 1 to August 31 and can be re-appointed for consecutive terms. Divisional representatives will function as the lead data steward for their area and chair Divisional Data Management Committees.

   3. The council chair, as Chief Data Management Officer, is responsible for:

      1. providing oversight of the Data Governance Program and Data Management Council;

      2. leading the Data Management Council to ensure the duties and responsibilities of the Council are met;

      3. serving as the institutional representative on the state data management advisory board;

      4. coordinating with the State of Texas Chief Data Officer to ensure the performance of duties assigned under Section 2054.0286 of the Texas Government Code;

      5. arrange posting on the Texas Open Data Portal at least three high-value data sets, as defined by Texas Government Code Section 2054.1265, in partnership with the Texas Higher Education Coordinating Board;

      6. coordinating with the university’s Chief Information Security Officer, University Archivist and Records Manager, and Chief Compliance Officer to ensure state requirements for data governance and management are met; and

      7. serving as an ex officio member on each of the divisional Data Management Committees.

   4. The council co-chair, as Deputy Chief Data Management Officer, is responsible for:

      1. assisting with oversight of the Data Governance Program and Data Management Council;

      2. helping ensure the duties and responsibilities of the Data Management Council are met;

      3. serving as an alternate on the state data management advisory board in the event the Chief Data Management Officer is unable to attend; and

      4. performing other required duties in the absence of the Chief Data Management Officer to ensure compliance with the Texas Government Code.

   5. The lead functional and technical data stewards are responsible for:

      1. assisting with oversight of the Data Management Council;

      2. serving as subject matter experts by providing insight into the use and management of data from the functional and/or technical perspective;

      3. chairing Data Management Council standing sub-committees; and

      4. helping ensure the duties and responsibilities of the Data Management Council standing sub-committees are met.

   6. The Data Management Council is responsible for:

      1. developing data management policies and procedures addressing data privacy, ownership, stewardship, integrity, access, privacy classification, and reporting;

      2. ensuring compliance with state and federal laws related to data management including:

         1. implementing best practices for managing and securing data in accordance with state privacy laws and data privacy classifications;

         2. ensuring the university’s records management programs apply to all types of data storage media;

         3. increasing awareness of and outreach for the university’s records management programs within the agency;

         4. conducting a data maturity assessment of the university’s Data Governance Program.

      3. ensuring adherence to data management policies and procedures;

      4. securing funding for data management activities;

      5. arbitrating escalated data issues;

      6. directing shared data management activities across the university through guidance of data management sub-committees and working groups;

      7. coordinating training and support programs for data users;

      8. developing, maintaining, and documenting data and reporting standards;

      9. identifying and resolving cross-functional data issues;

      10. developing goals and metrics for the data governance program; and

      11. informing stakeholders of important data and reporting issues.

   7. Divisional Data Management Committees are standing sub-committees established to accomplish data management duties within each division.

      1. Each divisional Data Management Committee will be comprised of the divisional representative, as chair, a lead technical data steward, a functional data steward, and additional data stakeholders as deemed appropriate by the divisional vice president or director.

      2. The Chief Data Management Officer will serve as an ex officio member of each divisional Data Management Committee.

      3. Divisional Data Management Committees are charged with:

         1. ensuring adherence to data security, record retention, and data management policies and procedures within the division;

         2. developing data dictionaries for functional areas within the division;

         3. making policy recommendations to the Data Management Council;

         4. identifying and resolving cross functional data issues within the division;

         5. identifying cross divisional functional data issues; and

         6. escalating unresolved issues to the Data Management Council.

   8. Data Management Council standing sub-committees are formed by the Data Management Council, comprised of functional and technical data stewards and SMEs from one or more departments or areas. Sub-committees will be chaired by a member of the Data Management Council, or designee. These sub-committees will be responsible for operational data quality, usage, and reporting within their areas. Specifically, they:

      1. monitor compliance with data-related policies and legal or regulatory requirements, and report any issues of concern to the Data Management Council;

      2. define operational procedures and ensure any maintenance, use, and release of data complies with UPPS No. 04.01.01, Security of Texas State Information Resources;

      3. develop and maintain documentation, including data dictionaries and metadata for data elements;

      4. ensure the university’s records management policies are applied to data in accordance with UPPS No. 01.04.32, University Records Management;

      5. monitor data quality and develop programs and procedures for data quality improvement; and

      6. resolve issues assigned to them by the Data Management Council.

   9. Data Management working groups are temporary work groups, formed by the Data Management Council, to solve a defined data management issue. These can be made up of any combination of data stewards, SMEs, stakeholders, and data users. The charge to Data Management working groups will be defined at the time each is created.

6. DATA GOVERNANCE PROCEDURES

   1. All data governance procedures are developed by the Data Management Council and, depending upon the scope, will be added to this section of the Data Governance Program policy or as additional university policy and procedure statements.

7. REVIEWERS OF THIS UPPS

   1. Reviewers of this UPPS include the following:

      Position	Date
      Assistant Vice President for Data, Analytics, and Institutional Research	June 1 E3Y
      Associate Vice President for Technology Resources	June 1 E3Y
      Associate Vice President for Institutional Effectiveness	June 1 E3Y

8. CERTIFICATION STATEMENT

   This UPPS has been approved by the following individuals in their official capacities and represents Texas State policy and procedure from date of this document until superseded.

   Assistant Vice President for Data, Analytics, and Institutional Research; senior reviewer of this UPPS

   Vice President and Chief of Staff

   President