Every day, thousands of gigabytes of data pass through the CU servers. To ensure that data is managed as a material asset the University has established a data governance program with the goals of ensuring that data provides value, meets compliance requirements, and risks are managed appropriately. Data governance plays a central role in the control and distribution of important information within the university. Without data governance, people may not know who to go to for answers to their questions, and may receive and/or circulate incorrect information. Communications can also become point to point and randomized, and people may rely merely on informal collaboration for the university to operate properly, which can be risky. Data governance helps address these risks. The program consists of Data Trustees, Data Stewards, Data Custodians, and Data Users. (See the Data Governance policy APS 6010.)
Appointed by the President, Chancellor, or delegates of the Council of Data Trustees, Data Trustees are accountable for managing, protecting, and ensuring the integrity and usefulness of university data. In addition to upholding University policies and state/federal law, Data Trustees are responsible for identifying the sensitivity and criticality of data.
Data Custodians have control over a data asset's disposition whether stored, in transit, or during creation. They are usually associated with IT units within the University, and typically have modification or distribution privileges. Because they take such a hands-on role, Custodians carry a significant responsibility to protect data and prevent unauthorized use.
Although they often have custodial responsibilities, Data Stewards are distinguished by having delegated decision-making authority. They may represent Data Trustees in policy discussions, architectural discussions, or in decision-making forums.
Data Users create and control university data, and share responsibility in helping Data Stewards and Custodians manage and protect data. Data Users can consist of any individuals or University units that create or manage sets of University data.
The Data Trustees advise the President and Chancellors that the University is taking appropriate measures to ensure data quality and ensure compliance with relevant regulations and policies. These individuals, appointed by the President and Chancellors, work to resolve conflicts where data overlaps between multiple data trustees. (See the current list of Data Trustees.)
Data Management Groups
Data Management Groups (DMGs) are an integral part of data governance. Among several functions, DMGs aid in developing processes to assure confidentiality and security of data by managing access to and usage of data. They also assist in governing the risks that pose a threat to university data and data trustees. These groups consist primarily of Data Stewards and Data Custodians.
When University Units (Data Users) create shared data repositories they take on responsibilities as Data Custodians. As such, units must work with Data Stewards to ensure that they understand external regulatory and University policy compliance requirements. In addition to ensuring adequate safety procedures are being upheld, it is the duty of the Data Steward to understand business needs of the University unit and facilitate appropriate access to the required data. Data Trustees, managed by the Council of Data Trustees, oversee the actions of the Stewards and make sure that the data maintains a level of quality, protection, and effectiveness.