Data Governance Policy - Governance Support - Home

1 data Governance Policy Version Approved by Approval date Effective date Next review President and Vice-Chancellor 20 February 2017 1 January 2017 March 2019. Policy Statement data policies are a collection of principles that describe the rules to control the integrity, security, quality, and usage of data during its lifecycle. The Policy also defines the roles and responsibilities of University staff, contractors, and consultants with internal and external parties in relation to data access, retrieval, storage, disposal, and backup of University data assets.

2 The purpose of the data Governance Policy is to: Define the roles and responsibilities for different data creation and usage types, cases and/or situations, and to establish clear lines of Purpose accountability. Develop best practices for effective data management and protection. Protect the University's data against internal and external threats ( breach of privacy and confidentiality, or security breach). Ensure that the University complies with applicable laws, regulations, exchange and standards Ensure that a data trail is effectively documented within the processes associated with accessing, retrieving, exchanging, reporting, managing and storing of data .

3 This Policy applies to all institutional data used in the administration of the University and all of its Organisational Units. This Policy covers, but is not limited to, institutional data in any form, including print, electronic, audio visual, Scope backup and archived data . This Policy applies to all UNSW staff, contractors and consultants. Policy Provisions 1. Background Information Institutional data is a strategic asset of UNSW Australia (UNSW) and the appropriate Governance for management and use of data is critical to the University's operations.

4 Lack of Governance can lead to operational inefficiencies and could expose the University to unwanted risks. The data Governance Framework (DGF) was introduced in the data Governance Steering Committee meeting earlier 2015 to improve the oversight, guidance and quality of data . The framework focussed across People, Process, Technology and Governance to improve the management of data assets from a strategic and operational perspective. It allows UNSW to better leverage their data quality activities, business processes and capabilities.

5 The framework was approved and endorsed by the committee for implementation. data Governance policies are a sub component of DGF. The policies are guided by principles that should be adhered to Support the improvement in managing and securing the data across the University. 2. Policy Framework and Principles The following framework outlines the principles and minimum standards that guide the University's data Governance procedures and must be adhered to by all UNSW staff: data Governance Policy Page 1 of 8. Version: Effective 1 January 2017.

6 Figure : data Policy Framework Governance and Ownership data Governance Role data Governance Responsibility data Custodian UNSW, rather than any individual or Organisational Unit, is the Custodian of the data and any information derived from the data . Chief data Officer The Chief data Officer is responsible for the overall management of the University's data and Information Governance data Governance Steering The data Governance Steering Committee is responsible for the overall Committee management of the University's data Governance .

7 data Executive A data Executive supported by a data Owner has the responsibility for the management of data assigned within their portfolio. data Owner data Owners are delegated by a data Executive, and are responsible for ensuring effective local protocols are in place to guide the appropriate use of their data asset. Access to, and use of, institutional data will generally be administered by the appropriate data Owner. data Owners (or a delegated data Steward) are also responsible for ensuring that all legal, regulatory, and Policy requirements are met in relation to the specific data or information asset.

8 This includes responsibility for the classification of data in accordance with the data Classification Standard. data Owners are responsible for ensuring that data conforms to legal, regulatory, exchange, and operational standards. The data Owner must ensure the process for the administration of data is in accordance with the data Management Life Cycle (refer Appendix 1). data Stewards Every data area must have one or more data Stewards, who are responsible for the quality and integrity, implementation and enforcement of data management within their Division, Faculty, Centre or research project.

9 The data Steward will classify and approve the access, under delegation from a data Owner, based upon the appropriateness of the User's role and the intended use. Where necessary, approval from the data Executive/ data Owner may be required prior to authorisation of access data Creators data Creators are academic researchers who create original research data during the course of an academic appointment with UNSW. data Creators under Ownership and Responsibility category (refer Appendix 2) are People who are responsible for the Creation and Ownership of research data and primary materials.

10 Original research data and primary materials generated in the conduct of research at the University is owned and retained by the University, subject to any contractual, statutory, ethical, or funding body requirements. Researchers are permitted to retain a copy of the research data and primary materials data Governance Policy Page 2 of 8. Version: Effective 1 January 2017. data Governance Role data Governance Responsibility for future use, subject to any contractual, statutory, ethical or funding body requirements. data Specialists data Specialists are business and technical subject matter experts in relation to the data or information asset.