The purpose of this policy is to establish and enforce practices to allow the capture and subsequent consumption of large and diverse data sets. These data sets will relate to information, which, when analysed, will provide a solid and real-time foundation upon which to make well informed business decisions for the University as a whole as well as at organisational unit level.
This policy applies to all members and partners of Plymouth University who are directly involved in the creation, delivery, support, maintenance, procurement and supply of systems and services into the enterprise architecture and contributing component architectures.
This policy applies to all systems that contain technology, application and information components throughout the organisation, including hosted or 3rd party platforms, with particular emphasis on public facing, university wide or business critical systems.
Going forward, good information will become the cornerstone of sound business decisions. This information must be gathered, analysed and reported. At the present time, Plymouth University barely scratches the surface of gathering useful data to allow for centralised and dispersed reporting functions to be able to gather the complete picture. A great deal of information is wasted due to the lack of importance associated to it currently. Most, if not all of our IT systems and services generate data, which is either discarded almost immediately or after a relatively short period of time, such as server system logs, email transactional data (not content), telephone usage statistics and the like. Traditionally, the University has only been interested in data from student records or admission systems, human resources data, finance and timetabling. By augmenting this data with system logs, website routing data and many other sources of data a fuller picture of what actually happens at Plymouth University can be surfaced.
In order to support this all new systems and services will have a requirement to be procured with the ability to hand off pertinent data to a centralised data warehouse repository. Existing systems will, over a period of time, be aligned with this policy to enable the further population of the repository.
Data will conform to data quality standards of accuracy, validity, reliability, timeliness, relevance, completeness and compliance with University regulations and statutory obligations, as established by the Data Quality Policy (draft).
Data stored in the repository must conform to an architected data model and be stripped of any personally identifiable information, with the possible exception of the information required for identified student or staff pastoral reporting, under these circumstances the data must be located in a highly secure location, which may be different from the anonymised information.
All operations will conform to Information Security and Information Management policy, procedure and classifications as set out by Plymouth University.
The security of data transmission and penetration to detect possible leakage must be tested at regular intervals to ensure satisfactory operation; these tests must be scheduled and communicated with the business in advance to ensure business continuity.
Failure to comply with this policy will lead to the solution architecture being rejected during Enterprise Architecture review, returned for rework, being placed on hold or managed by a waiver to the Enterprise Architecture.
Exceptions to this policy may be granted using the Enterprise Architecture Waiver Process and will be considered on merit as well as alignment with the overall architecture.
This policy is supported by established Enterprise Architecture documents, namely:
- Enterprise Architecture Principles – Principle 8: Data Security
- “Security must be designed into data elements from the beginning; it cannot be added later. Systems, data, and technologies must be protected from unauthorised access and manipulation. Vice Chancellor’s Executive information must be safeguarded against inadvertent or unauthorised alteration, sabotage, disaster, or disclosure.”
- Enterprise Architecture Principles – Principle 9: Data is an Asset
- “Accurate, timely data is critical to accurate, timely decisions. Most corporate assets are carefully managed, and data is no exception. Data is the foundation of our decision-making, so we must also carefully manage data to ensure that we know where it is, can rely upon its accuracy, and can obtain it when and where we need it, in doing so data assets can provide additional value to academic and research endeavors.”
- Enterprise Architecture Principles – Principle 10: Data is Shared
- “Data where applicable, will be available externally to the enterprise. This will afford both rich service provision also the ability to perform research collaboratively with partners.”
- Enterprise Architecture Principle – Principle 11: Data is Accessible
- “Wide access to data leads to efficiency and effectiveness in decision-making, and affords timely response to information requests and service delivery. Using information must be considered from an enterprise perspective to allow access by a wide variety of users. Staff time is saved and consistency of data is improved.”
- Enterprise Architecture Principles – Principle X: Data will be Analysable (Draft)
- “Data assets provide invaluable information to the enterprise for research and business intelligence decision-making when gathered, stored and accessed correctly.”
- Enterprise Architecture Policy
- “All Plymouth University information management and technology development, modernisation, enhancement, and acquisitions shall conform to the enterprise architecture and comply with applicable Capital Planning and University budgeting processes. “
- Data Quality Policy (draft)
- “High quality data enables accurate reporting and informed decision-making. Plymouth University recognises this key role, as well as the risks associated with poor data quality. Hence, the University is committed to continually improve the quality of its data.”
|Document Security Level:||PUBLIC|
|Document Approvals:||Technical Architecture GroupEnterprise Architecture Practice
Enterprise Architecture Board
|Review Date:||November 2015|