Data Governance

 

 

Overview

Florida A&M University’s Data Governance program establishes a university-wide framework for managing institutional data as a strategic asset. Effective data governance supports planning, administration, compliance, protection, and informed decision-making across the University. The policy recognizes that data is essential to FAMU’s operations and strategic goals, and it provides the structure needed to manage data responsibly throughout its lifecycle.

What Is Data Governance?

Data governance is the management of data availability, usability, integrity, and security through clearly defined standards, policies, and practices. At FAMU, data governance helps ensure that institutional data is accurate, accessible to authorized users, protected from misuse, and handled in accordance with applicable laws, regulations, and University requirements.

Scope of the Policy

FAMU’s Institutional Data Governance Policy applies to data that supports the University’s administrative, educational, competitive, and institutional research functions, regardless of where that data is stored or maintained. Although data may exist across multiple systems and physical locations, the policy treats it as part of a single logical institutional database and applies governance procedures in a coordinated and consistent way. The policy applies to faculty, staff, students, affiliates, and third-party vendors.

The DQAC includes:

  • The advisory chair, who is the Vice President of SPAIE or designee
  • The co-chair, who is the Chief Information Security Officer from the Division of Information Technology Services or designee
  • A lead technical data steward
  • A lead functional data steward
  • Divisional representatives appointed from across the University, with each representative serving as lead data steward for their area

The committee helps coordinate activities and recommend practices that strengthen the quality, accuracy, consistency, security, and accessibility of University data and reports.

Restricted data includes information protected by law, regulation, or contract. Examples include student records that are not directory information, identifiable health records, Social Security numbers, credit card holder data, certain personally identifiable information, export-controlled data, and system security information.

Sensitive / Confidential

Sensitive or confidential data includes information whose loss or unauthorized disclosure could impair University operations, create legal exposure, or cause financial or reputational harm. Examples include investigation-related information, animal research protocols, unpublished research results, exams and answer keys, and employee data excluding Social Security numbers.

Open

Open data includes information intended for public use and that does not fall into a more restricted category. Examples include University regulations, course catalogs, public websites, job announcements, and certain directory information as permitted by policy and law.

Enforcement

Data-related incidents and noncompliance with the policy are referred to the appropriate University offices for investigation and corrective action. This may include reporting issues to the appropriate vice president and taking disciplinary or other corrective measures as needed.

Administration

The Institutional Data Governance Policy is administered by the Division of Strategic Planning, Analysis, and Institutional Effectiveness (SPAIE). The policy document provided is University Policy No. UP-01-04, Institutional Data Governance Policy.