A9.5 Data Security Management
Activities |
Deliverables |
Responsible Roles |
Approving Roles |
Contributing Roles |
5.1 Understand Data Security Needs and Regulatory Requirements (P) |
Data Security Requirements and Regulations |
Data Stewards, DM Executive, Security Administrators |
Data Governance Council |
Data Stewards, Legal Department, IT Security |
5.2 Define Data Security Policy (P) |
Data Security Policy |
Data Stewards, DM Executive, Security Administrators |
Data Governance Council |
Data Stewards, Legal Department, IT Security |
5.3 Define Data Security Standards (P) |
Data Security Standards |
Data Stewards, DM Executive, Security Administrators |
Data Governance Council |
Data Stewards, Legal Department, IT Security |
5.4 Define Data Security Controls and Procedures (D) |
Data Security Controls and Procedures |
Security Administrators |
DM Executive |
Data Stewards, IT Security |
5.5 Manage Users, Passwords and Group Membership (C) |
User Accounts, Passwords, Role Groups |
Security Administrators, DBAs |
Management |
Data Producers, Data Consumers, Help Desk |
5.6 Manage Data Access Views and Permissions (C) |
Data Access Views Data Resource Permissions |
Security Administrators, DBAs |
Management |
Data Producers, Data Consumers, Software Developers, Management, Help Desk |
5.7 Monitor User Authentication and Access Behavior (C) |
Data Access Logs, Security Notification Alerts, Data Security Reports |
Security Administrators, DBAs |
DM Executive |
Data Stewards, Help Desk |
5.8 Classify Information Confidentiality (C) |
Classified Documents, Classified Databases |
Document Authors, Report Designers, Data Stewards |
Management |
Data Stewards |
5.9 Audit Data Security (C) |
Data Security Audit Reports |
Data Security Auditors |
Data Governance Council, DM Executive |
Security Administrators, DBAs, Data Stewards |