Data Governance
At University of New England (UNE), we prioritise the responsible and strategic management of data and information to propel our institution to new heights of academic excellence, operational efficiency, and research innovation. Data governance is the cornerstone of our commitment to upholding the highest standards of data integrity, security, and transparency.
What is Data Governance?
Data governance refers to the framework of policies, procedures, and practices that govern the collection, management, and use of data within an organisation. It establishes clear accountability, responsibilities, and decision-making processes to ensure that data is treated as a valuable organisational asset. By defining roles, data ownership, and data quality standards, data governance enhances data’s trustworthiness, accessibility, and reliability.
At UNE, data governance is integral to our pursuit of academic and institutional excellence, enabling us to harness the power of data to drive informed decision-making and foster a data-driven culture.
What are the Benefits of Data Governance?
UNE is embracing data governance as a strategic initiative to unlock the full potential of the data assets, gaining a competitive edge in today’s data-driven landscape. UNE is establishing a robust data governance framework, to improve data quality, enhance decision-making, ensure regulatory compliance, mitigate security risks, facilitate data integration, and optimise costs.
Minimise Risks
Data governance helps mitigate risks associated with poor data quality, security breaches, privacy violations, and non-compliance with regulations like…(put reg). By addressing key risks, organisations safeguard their operations, reputation, and avoid potential legal consequences.
Establish a Single Enterprise-Wide Understanding of Data
Data governance harmonises the understanding of data across different business units by developing common terminology and classification. This promotes consistency, eliminates conflicts during data handoffs, and ensures accurate interpretation and application of data across the organisation.
Improve Data Quality
Data governance ensures data consistency, completeness, and accuracy. By implementing data quality controls, organisations can make informed decisions based on reliable and trustworthy data. This leads to improved operational efficiency and better outcomes in areas such as student services, product development, and strategic and corporate planning.
Enable Data Mapping
Data governance allows businesses to map the location and flow of data throughout the organisation. This enhances data discoverability, accessibility, integration, and facilitates connections to strategic goals. It provides a comprehensive view of data assets, simplifying data management and enabling effective decision-making.
Ensure Consistent Compliance
Data governance helps organisations comply with industry-specific and regulatory requirements such as (reg). By establishing data handling policies and practices, businesses reduce the risk of non-compliance, avoiding penalties, reputational damage, and potential data license revocations.
Improve Data Management
Data governance goes beyond data management by establishing best practices and codes of conduct. It ensures comprehensive and consistent application of compliance, security, and legal considerations. This human-centric approach complements technology-driven data management practices, leading to effective and responsible data handling.
Obtain Better and Quicker Insights
Data governance streamlines data organisation and enhances data quality, leading to better and quicker insights.
Data and Information governance Management at UNE
At UNE, we recognise the importance of effective data and information governance management to support academic and administrative functions.
Data and information governance management refers to the strategic and systematic management of data throughout its lifecycle, encompassing collection, storage, analysis, dissemination, and protection. At universities in Australia, this discipline plays a pivotal role in facilitating evidence-based decision-making, promoting academic excellence, and ensuring compliance with regulatory requirements.
In recent years, UNE has experienced a significant increase in the volume, variety, and velocity of data generated. This data spans a wide range of areas, including student enrolment, research outputs, financial transactions, alumni engagement, and more. With this abundance of data, UNE recognises the need to establish robust data and information governance management frameworks and adopt innovative technologies to unlock its full potential.
One of the primary objectives of data information management is to enable informed decision-making at all levels. Through the collection and analysis of various data sets, university administrators can gain valuable insights into student performance, curriculum effectiveness, resource allocation, and institutional performance metrics. These insights can drive evidence-based improvements in teaching methodologies, student support services, and operational efficiency, ultimately enhancing the overall student experience.
Furthermore, effective data information management plays a crucial role in supporting research activities at UNE. Researchers rely on access to accurate and reliable data to conduct studies, analyse trends, and make scientific breakthroughs. UNE is implementing sophisticated data infrastructure and analytics capabilities to support collaborative research efforts, interdisciplinary studies, and the exploration of emerging fields such as artificial intelligence, bioinformatics, and climate science.
At UNE we continue to embrace digital transformation and face evolving data challenges, establishing effective data governance frameworks, investing in advanced analytics technologies, and fostering a data-driven culture.
Information Classification: Safeguarding UNE's Data Assets
Information classification is a critical component of the University of New England’s (UNE) data governance framework. It is a systematic process that categorises data and information based on its sensitivity, value, and confidentiality.
By classifying information, UNE ensures that appropriate security controls and access restrictions are applied, safeguarding our data assets from unauthorised access, disclosure, or misuse.
Why is Information Classification Important?
Data Protection and Security
Information classification ensures that sensitive and confidential data is identified and protected with the appropriate level of security measures. This includes access controls, encryption, and other security protocols to prevent data breaches and unauthorised access.
Compliance with Regulations
UNE is subject to various data protection regulations and legal requirements. Proper information classification assists in complying with these regulations, and other privacy laws.
Risk Management
Identifying and classifying data based on its criticality and sensitivity helps UNE prioritise risk management efforts. This allows us to allocate resources effectively to protect the most valuable and vulnerable data.
Data Sharing and Collaboration
Information classification also facilitates secure data sharing and collaboration within UNE and with external partners. It ensures that data is shared only with authorised individuals or entities, maintaining confidentiality while enabling collaboration.
Information Classification Categories
The University of New England adopts the mandatory information classification categories specified below for all information held:
Unofficial
Information not related to official work duties or functions.
Official
Information created or processed in the University as part of the business of Government, System Manager and Education Provider functions.
Official: Sensitive
Official information that could result in damage to individuals, organisations or government if released.
Training and Awareness
UNE provides comprehensive training and awareness programs to educate employees and stakeholders about the importance of information classification. Training sessions cover data handling best practices, security protocols, and the proper use of classified information.
UNE’s Data catalogue
A data catalogue is a powerful tool that enables organisations to effectively manage, organise, and maximise the value of data assets. It serves as a centralised repository or inventory of an organisation’s data assets.
It provides a comprehensive and structured overview of the available data sets, including information about their structure, quality, lineage, and usage. By capturing and cataloguing metadata, such as data source, format, owner, and relationships, the data catalogue acts as a valuable reference guide for data users across the organisation.
A data catalogue also promotes data understanding and collaboration by providing detailed metadata, such as data definitions, data lineage, and data transformations, the catalogue helps business users gain a deeper understanding of the available data assets. This knowledge is crucial for data scientists, analysts, and other stakeholders who rely on accurate and reliable data to make informed decisions. Furthermore, the data catalogue fosters collaboration by allowing users to comment, rate, and share their insights and experiences with specific datasets, promoting knowledge sharing and collaboration across teams and departments.
At UNE we are evaluating a data catalogue that supports data-driven decision-making and innovation. By providing a comprehensive view of available data assets, the catalogue encourages data exploration and experimentation. It enables users to identify patterns, uncover insights, and discover new data relationships that can drive strategic decision-making and innovation.
Security and controls
We prioritise the security and confidentiality of our data assets. We understand that protecting sensitive information is paramount to maintaining the trust of our students, staff, and stakeholders.
To achieve this, we have implemented a comprehensive framework of security measures and controls to mitigate risks and safeguard our data.
Data Security
We employ industry-leading practices and technologies to ensure the security of our data. Our robust infrastructure includes firewalls, intrusion detection and prevention systems, and encryption mechanisms to protect against unauthorised access and data breaches. We regularly update our security systems to stay ahead of emerging threats and vulnerabilities, ensuring the confidentiality, integrity, and availability of our data.
Access Controls
We enforce strict access controls to ensure that data is only accessible to authorised individuals. Role-based access controls (RBAC) are implemented, granting appropriate privileges based on job roles and responsibilities. Multi-factor authentication (MFA) is employed to add an extra layer of security, requiring users to verify their identities through multiple means. We conduct regular access reviews to ensure that access rights remain appropriate and are promptly revoked when no longer needed.
Data Privacy
We are committed to protecting the privacy of personal data in accordance with applicable privacy laws and regulations. Our data privacy policies outline how personal information is collected, used, disclosed, and stored. We obtain consent for data collection and only retain information for as long as necessary. We provide transparency about data handling practices and offer individuals the right to access and manage their personal data.
Data Backup and Recovery
To mitigate the risk of data loss, we implement robust data backup and recovery procedures. Regular backups are performed to ensure that critical data is protected and can be restored in the event of data loss or system failure. Our backup systems are securely stored and regularly tested to verify their effectiveness. We maintain disaster recovery plans to minimise downtime and quickly restore services in the event of a disruptive incident.
Data Classification and Handling
We employ data classification and handling practices to ensure that data is appropriately identified, labeled, and protected based on its sensitivity and regulatory requirements. Confidential and sensitive data, such as personal information and research data, are subject to heightened security measures and access controls. Data encryption, anonymisation, and pseudonymisation techniques are employed as needed to protect sensitive data during transmission and storage.
Security Awareness and Training
We prioritise security awareness and training initiatives to foster a culture of security throughout the university community. Regular training programs educate staff, students, and other stakeholders about best practices for data security, phishing prevention, password hygiene, and the responsible handling of data. By raising awareness and promoting a security-conscious mindset, we empower our community to be proactive in identifying and mitigating security risks.
Auditing and Compliance
We conduct regular internal and external audits to assess the effectiveness of our security controls and ensure compliance with relevant laws, regulations, and standards. We continuously monitor and analyse security events and incidents to promptly detect and respond to potential threats. Our security and controls framework is designed to align with international standards and industry best practices to maintain a strong security posture.
At UNE, we are committed to ensuring the security and confidentiality of our data assets. We continuously invest in enhancing our security measures and controls to stay ahead of evolving threats and protect our data from unauthorised access or compromise.