Data Management Policies

Policies

Appropriate Storage Policies

1. Information must only be stored on company authorised storage media. USB sticks and other temporary storage solutions should not be used to hold corporate data.
2. The appropriate storage solution for the information must be used.  This may be a structured database, Sharepoint, shared drives, document management systems, proprietary system or  archive solution.

### Accessibility, Confidentiality and Privacy Policies

3. Information must be appropriately classified to determine the applicable level of privacy and confidentiality that must be applied.

4. For business processes to be effective the right information must be made available at the right time to support that process. When designing business processes, record the data needs of that process.

5. As a global business careful consideration must be given to the type of information we share with our partners in order to protect our intellectual property and market position.

   Master Data Management Policies

6. Master data must be sourced from the “System of Record”

7. Deviations or changed from the central definition of master data can only be completed with agreement of the Data Owner

8. Where industry, national or international standards for master data values exist they should be used in preference to internal codes, e,g. ISO Country Codes.

9. Master data must only be updated using the agreed processes and to agreed SLAs

   Lifecycle Management Policies

10. Data must be retained in compliance with Company Records Management Policy

11. Information that is no longer actively in use, but needs to be retained for compliance or other business reasons must be moved from the operational data store to an appropriate archiving solution.

12. Information that is no longer required must be disposed in a secure manner, having regard to the level of confidentiality and security that applies to the information.  All copies of the information should be destroyed and not just the master copy.

    Data Design Policies

13. All new system development projects must document their data requirements to at least a conceptual level.

14. All projects must use corporate data definitions in their designs wherever appropriate

15. Data designs must be documented using the standard tool sets.

    Data Quality Policies

16. The Information Owner is responsible for determining the rules to measure the level of quality required for the information they control.

17. The most efficient way of maintaining data quality is ensuring data items are correct at the point of entry. Therefore applications, business process and training must be designed to make correct entry as easy as possible

18. All corrections to poor quality data must be made as close to the source of the errors as possible.

19. Information quality must be monitored to ensure it meets business needs.

    Business Intelligence and Reporting

20. Business intelligence solutions must use the standard tool sets for ETL, data quality and report creation.

21. All new business intelligence requirements must be submitted to the BI Design Authority to determine the best solution for delivery.

22. Always assess business intelligence reports for security and confidentiality.  Data from different sources which is not confidential may produce results that require higher security rating when combined together.