What Does It Mean?
NDMO Control DC.3.5 requires organizations to label their datasets and documents with specific classification levels, such as “Confidential” or “Public.” These labels must be added as metadata in a Data Catalog, a tool that helps organize and manage data. The process of adding and managing this information should follow the organization’s guidelines for metadata and catalog management. This control ensures that data is clearly labeled and easy to manage, helping keep it secure and organized.
Example
Imagine a company with three types of data:
- Customer Transactions: Labeled as “Highly Confidential.”
- Internal Emails: Labeled as “Internal Use Only.”
- Marketing Plans: Labeled as “Confidential.”
Activation Guidelines
- Define Labels: Create clear labels (like Public, Confidential, etc.) for your data based on its sensitivity.
- Label Your Data: Go through your data and apply the appropriate labels.
- Update the Data Catalog: Enter these labels as metadata in the Data Catalog, making sure this process is automated if possible.
- Regular Updates: Check and update the labels in the Data Catalog regularly to keep them accurate.
Success Criteria & KPI
- Success Criteria
- All datasets are labeled and recorded in the Data Catalog.
- Compliance with internal and external data management requirements.
- KPI
- Percentage of labeled datasets: Strive for 100% completion.
- Frequency of updates: Track how often labels are reviewed (e.g., every quarter).
- Compliance Score: Measure how well the metadata aligns with audits and regulations.
Some Potential Uses
- Access Control: Make sure only the right people access sensitive data.
- Risk Management: Reduce risks by handling sensitive data appropriately.
- Regulatory Compliance: Meet legal requirements for data protection.
- Data Security: Strengthen security based on the sensitivity of data.
Dependencies
- Data Classification Policy: A clear set of rules for labeling data.
- Metadata Management Process: A system for keeping the Data Catalog up to date.
- Data Catalog Tool: A tool that can handle and organize these labels.
- Staff Training: Ensure everyone understands how to label and manage data properly.
For Your Further Reading:
- KSA PDPL – Initial Framework
- KSA NDMO – Data Catalog and Metadata
- TOGAF – ADM (Architecture Development Method) vs. Enterprise Continuum
- KSA NDMO – DG Artifacts Control – Data Management Issue Tracking Register
- Enterprise Architecture & Architecture Framework
- Enterprise Architecture Governance
- Data Security Standards
- Data Steward – Stewardship Activities
- Data Modeling – Metrics and Checklist
- How to Measure the Value of Data
- What is Content and Content Management?
