Description: In-depth, comprehensive, professionally developed Data Governance Program & Charter from Arlington that includes measures relating to the full life cycle of data, from acquisition to use to disposal as required by PM-23 of NIST SP 800-53, Revision 5.
Additionally, the Data Governance Program & Charter includes measures relating to establishing decision-making authority, policies, procedures, and standards regarding data security and privacy protection, data inventories, content and records management, data quality control, data access, data security and risk management, data sharing and dissemination, as well as ongoing compliance monitoring of all the above-mentioned activities.
Note: It is highly recommended to purchase the additional supporting documents within the Program Management (PM) family to allow for complete coverage of all controls within PM-1 to PM-32.
The Data Governance Program & Charter includes the following sections:
Goals and Objectives
Application of Metrics
Privacy by Design
Data Lifecycle Management (collection, use, sharing/disclosing, storage, protection, retention, disposal)
Framework and Organizational Structure (Data Administrators, Chief Data Officer, Data Protection Officer (DPO), Data Engineers & Developers, Data Scientists, Data Owners, Data Stewards, Data Custodians, Data Consumers)
Laws & Regulations
Data Literacy & Training
Specifications:Developed in accordance with NIST SP 800-53, Revision 5 (12-10-2020), and other related security control frameworks, where applicable.
Control Family: Program Management (PM).
Security Control Baseline Coverage:Includes coverage for all LOW, MOD, and HIGH Baselines, per NIST SP 800-53B (12-10-2020).