Definition of Roles
A Data Trustee is accountable for the security, privacy, data definitions, data quality, and compliance to data management policies and standards within their functional areas. The data trustees work with the CIO to ensure that the appropriate resources (staff, technical infrastructure) are available to support the data needs of the entire university.
Assigned by and accountable to Trustees. Define, implement, and enforce data policies and procedures within their functional area Data stewards are responsible for ensuring that the management of individual data sets conforms with relevant University policies and standards.
- Reviewing and approving access to institutional data and student data as allowed by the Family Educational and Privacy Rights Act (FERPA)
- Completing data classification and stewardship training
- Identifying major data systems where data under their responsibility resides
- Assigning Data Custodians for their respective areas
- May assume the duties of the data custodian as appropriate
Data Custodians / Security Officers
A data custodian is a University employee who has been assigned operational responsibilities for maintaining technical solutions and/or enforcing access procedures related to Institutional Data (including data maintenance roles). Data custodians often work in teams to document, implement, and monitor operational standards and procedures.
- Maintaining technical solutions and executing procedures in compliance with relevant University policies, standards, and data steward requirements
- Managing Data User access and modification requests as authorized by appropriate Data Stewards
- Providing and updating procedures in conjunction with Data Stewards and Data Management Group
- Ensuring adequate system backup and system disaster recovery plans
Data Users / Consumer
Data Users are end users who have been granted access to institutional data in order to perform assigned duties or in fulfillment of assigned roles or functions within the University. This access is granted solely for the conduct of university business; all users will abide by APSU Policy 4-042 and APSU Policy 4-029.