Skip to main content

A NSW Government website

Data.NSW

Module 6: Assigning roles and responsibilities

Back a page 
Module 5: Organisational Structures
Next page 
Module 7: Organisation Enablers

 

What is it? 

While good data governance is everyone’s responsibility, agencies need to clearly define the key people who will be responsible for governing and managing data across the organisation. Assigning responsibilities to specific roles ensures there are specific people within the organisation who are responsible for ensuring that data is appropriately managed throughout its lifecycle. 

 

To ensure this Toolkit meets agency needs, outlined below is a guidance on developing a robust roles and responsibilities model. The model is specific to data (i.e. excludes information management) and describes the roles in functional terms rather than using traditional role titles (e.g. Data Custodian, Data Steward, Data Owner, Data Sponsor). The purpose of this is to ensure that people are assigned responsibility for undertaking these functions, and to allow agencies to assign these functions in ways that work for them. A more comprehensive list of roles can be found in the Data Governance roadmap  template

 

 
FunctionMain Responsibilities 

Accountable Executive

Accountable Executives have accountability for the data and are generally the responsibility of the Agency Head (Secretary, Chief Executive, or equivalent authority), however this role is often delegated to a designated Senior Executive. This role is typically referred to as the Data Sponsor or the Data Owner. 

  • Approve policies, protocols and guidelines in relation to the data asset, process and/or system 

  • Ensure that all legal, regulatory and policy requirements are met in relation to the data assets management 

  • Approve significant changes to the data collection, process and/or system 

  • Approve budget and resourcing/provide funding for data management projects 

  • Monitor the performance of data governance responsibilities and identify improvements 

  • Ensure data assets held by the agency are identified and documented in a data catalogue or register of data assets 

  • Delegate responsibilities for decisions and tasks to Responsible Executives. 

 

Responsible Executive

Responsible Executives are generally Directors with delegation from the Accountable Executive to exercise overall responsibility for a specified data asset. This role is typically referred to as the Data Custodian. 

  • Enforce the rules on behalf of the Accountable Executive 

  • Identify and document data assets held in a data catalogue or register of data assets 

  • Identify the information security classification of data assets to ensure appropriate protection and handling of the information 

  • Determine the conditions for appropriate collection, storage, use and sharing of the data and approve data change requests, data sharing requests and open data release 

  • Agree and set the standards for the data asset 

  • Nominate the Operational Data Manager for data assets and ensure responsibilities are fulfilled 

  • Develop a strategic plan for the use and management of the data asset. 

 

Operational Data Manager

Data Managers are generally business managers, process owners or subject matter experts with the greatest operational stake in the content of the data asset. They are responsible for operational (frontline) data management and for stewarding the data through the data pipeline. This role is sometimes referred to as the Data Steward and is seen as the ‘gatekeeper’ to accessing the data asset. 

  • Day-to-day operational management and operation of the data asset 

  • Ensure data is shared under an agreement or license to ensure privacy, security and data quality are maintained 

  • Manage the data asset in compliance with relevant legislation, policies, standards and any conditions specified by the Responsible Executive 

  • Work with stakeholders to develop and maintain metadata including a data dictionary, business rules and guide for use 

  • Provide advice to the Responsible Executive on the management of the asset 

  • Provide advice on the proper use and interpretation of the data to Data Users 

  • Provide feedback to Data Creators in relation to data quality issues and the resolution of errors in the data. 

 

Data Creator

Data Creators are any employee, contractor or consultant who captures or creates data on behalf of the agency, to be processed as a data asset. This role is sometimes referred to as the ‘Supplier’ of data to government. 

  • Ensure data is recorded or collected according to agreed data standards and liaise with the Accountable or Responsible Executive on standard requirements 

  • Ensure data is accompanied by accurate and sufficiently detailed metadata that enables people to understand it (e.g. creating a data dictionary, recording your methodology and how the data was created) 

  • Ensure processes are in place for the ongoing maintenance of the data 

  • Ensure data security 

  • Comply with legislation, policies and terms and conditions associated with data collection, including consent where applicable. 

 

Data User

Data Users can be anyone, public and government, who uses government data. 

  • Acknowledge the source of data and abide by any copyright or licensing requirements when using data 

  • Understand the data and ensure it is fit for its intended purpose 

  • Report any errors or omissions to the Operational Data Manager or Responsible Executive regarding data they receive in a timely manner 

  • Comply with terms and conditions of the license or agreement for access to data. 

  • Comply with legislation, policies and standards 

  • Ensure security and privacy are maintained whenever data is accessed 

  • Report any breach or suspected breaches to the Operational Data Manager and/or Responsible Executive in the first instance 

  • Obtain approval from the Accountable Executive or delegated authority for release of data. 

 

Why is it important?

Under the State Records Act 1998 Act (NSW), agencies are responsible for the creation, management, protection, and maintenance of their data, even when these management responsibilities have been delegated to another agency. It is important that agencies assign staff specific data responsibilities to ensure data is managed appropriately across its full lifecycle. A clear understanding and acceptance of custodianship roles and responsibilities can also help maximise benefits and minimise costs associated with data management for agencies, and lead to greater efficiency along data value chains. 

What good looks like

  • Assigned: responsibilities are defined and formalised across the organisation and at all stages of the data lifecycle. 

  • Appropriate: responsibilities are appropriately matched with the responsible person’s skills, expertise and delegation level. 

  • Understood: while some staff are formally assigned data management roles, all staff who handle data understand the data responsibilities associated with their role. 

  • Shared: data responsibilities are spread across all levels of the organisation and are not just the responsibility of the IT department, a specific data governance body or team. 

  • Specified: data sharing agreements and service arrangements clearly specify data rights, including whether responsibilities for the data will be transferred to a third party. 

How to achieve good practice

  • Assign data responsibilities across the organisation and ensure the data is mapped to the responsible person(s) in a data catalogue. 

  • Develop a data governance framework or policy that specifies who is responsible for the various aspects of the data, including who is responsible for giving permissions for open release and data sharing.  

  • Formalise data responsibilities where they already exist and avoid assigning responsibility to anyone who is not already undertaking the role in their day-to-day work. 

  • Ensure responsibilities are matched to the responsible person’s skills, expertise and delegation level. If parts of your agency lack data expertise, recruit new staff or leverage staff in different areas of the agency with specialised data skills. 

  • Ensure staff with specific data responsibilities are provided with training and supported by workflow tools that make their jobs easier. 

  • Ensure data sharing agreements specify data rights, including whether ownership of the data will be transferred to a third party. 

  • Develop a visual representation of your organisation’s data roles and responsibilities that is accessible to staff within the organisation, as well as other agencies. 

Questions to ask yourself

Who within the organisation should be responsible for overall data governance, and what authority will they have to make decisions? 

What are the specific roles or positions that will be involved in data governance, and what are their respective responsibilities? 

What expertise and skills are required for each data governance role, and how will the organisation ensure that the right individuals are in these positions? 

How will communication and collaboration be facilitated among data governance stakeholders and other relevant departments? 

What mechanisms will be put in place to resolve conflicts or disagreements related to data governance decisions? 

How will data governance responsibilities be cascaded throughout the organisation, especially in larger or decentralised organisations? 

What level of involvement should data owners have in data governance decisions and activities? 

How will data governance roles and responsibilities be documented and communicated to all relevant parties? 

What training and support will be provided to individuals taking on data governance roles to ensure they understand their responsibilities fully? 

How will data governance roles adapt to changes in the organisation, such as new projects, mergers, or expansions? 

How will the roles and responsibilities be balanced to avoid duplication of efforts or gaps in accountability? 

How will data governance roles be coordinated across different business units or departments to maintain consistency and avoid silos? 

What measures will be in place to ensure compliance with data governance policies and procedures? 

How will the effectiveness of data governance roles and responsibilities be assessed, and what metrics will be used to measure success? 

How will data governance roles collaborate with legal and compliance teams to ensure adherence to relevant regulations and data protection laws? 

What is the escalation process for addressing data governance issues or breaches? 

How will data governance roles ensure data quality and accuracy throughout the data lifecycle? 

How will data governance roles balance the need for data security and privacy with the organisation's goals of leveraging data for innovation and growth? 


Download Module 6

 

Back a page 
Module 5: Organisational Structures
Next page 
Module 7: Organisation Enablers

 


Last updated 11 Jul 2024