Professional Documents
Culture Documents
4 Data Quality Management Competency Framework Iso Standards
4 Data Quality Management Competency Framework Iso Standards
Copyright Notice:
The cited and annotated content of cited standards are duly owned by their research
organization or publishers.
The provided information about the rules and standards are for educational purpose.
The PowerPoint of the competency guide is free to use and share.
Being Competent
“A competent person has definitive
understanding, skills and character needed to
perform at a given level of
performance
standard,
the decision and work associated to the
mandated function and outcome of a defined
strategy and operation of the organization.
Being Competent
(ISO 8000-61)
Data Quality Management: Process Model
(ISO 8000-61)
Data Quality Management: Process Model
Data Quality Planning
Key Result Areas Activities
1. Requirements management Identification, definition and prioritization of the delivery of
different data related requirements for the organization
2. Data quality strategy Establish, evaluate and improve the organizations data
management quality strategy
2. Data processing Checking that data arising from processes meets data
requirements;
3. Data quality monitoring and Identify and respond to instances where data
control processing does not conform to requirements
(ISO 8000-61)
Data Quality Management: Process Model
Data Quality Improvement
Key Result Areas Activities
1. Root Cause Analysis and Identify root causes of data quality issues and propose
Solution Development solutions to prevent re-occurrence;
(ISO 8000-61)
Data Quality Management: Process Model
Data Quality Assurance
Key Result Areas Activities
1. Review of Data Quality Assess reported data quality issues to understand their
Issues nature and extent
(ISO 8000-150)
Send now
your question messages
in the chat box.
Data Driven Governance Competency Guide
Jayson.velasco@deped.gov.ph
09976183328
Data Quality Management – Quality Requirements
(ISO 25012)
Data Quality Management: Process Model
System-Dependent Quality
Characteristic Description
1. Accessibility The degree to which data can be accessed in a specific context of
use, particularly by people who need supporting technology or
special configuration because of some disability.
2. Compliance The degree to which data has attributes that adhere to standards,
conventions or regulations in force and similar rules relating to data
quality in a specific context of use.
3. Confidentialit The degree to which data has attributes that ensure that it is only
accessible and interpretable by authorized users in a specific context
y of use. Confidentiality is an aspect of information security (together
with availability, integrity)
(ISO 25012)
Data Quality Management: Process Model
System-Dependent Quality
Characteristic Description
3. Efficiency The degree to which data has attributes that can be processed
and provide the expected levels of performance by using the
appropriate amounts and types of resources in a specific
context of use.
4. Precision The degree to which data has attributes that are exact or that
provide discrimination in a specific context of use.
5. Traceability The degree to which data has attributes that provide an audit
trail of access to the data and of any changes made to the data
in a specific context of use.
(ISO 25012)
Data Quality Management: Process Model
System-Dependent Quality
Characteristic Description
6. Understandabili The degree to which data has attributes that enable it to be read and
interpreted by users, and are expressed in appropriate languages, symbols
ty and units in a specific context of use.
7. Availability The degree to which data has attributes that enable it to be retrieved by
authorized users and/or applications in a specific context of use.
8. Portability The degree to which data has attributes that enable it to be installed,
replaced or moved from one system to another preserving the existing
quality in a specific context of use.
9. Recoverability The degree to which data has attributes that enable it to maintain and
preserve a specified level of operations and quality, even in the event of
(ISO 25012) failure, in a specific context of use.
Send now
your question messages
in the chat box.
Data Driven Governance Competency Guide
jayson.velasco@deped.gov.ph
09976183328
Data Management: Data Privacy and Security
Data Management -Privacy and Security Safeguards
R.A. 10173 – Rule VI SECURITY MEASURES
Organizational Security Physical Security Technical Security
1.Compliance Officers. 1.Policies and Procedures on Limited 1.Security policy in processing personal
Physical Access data
2.Data Protection Policies 2.Security Design of Office Space and 2.Safeguards to protect computer
Room network again unlawful, illegitimate,
and destructive activities
3.Records of Processing Activities 3.Person Duties, Responsibility and 3.Confidentiality, integrity, availability,
Schedule Information and resilience of the processing systems
and services
4.Processing of Personal Data 4.Policies on transfer, removal, 4.Vulnerability assessment and regular
disposal, and re-use of electronic monitoring for security breaches
media
5.Personal Information Processor 5.Prevention policies against 5.Ability to restore the availability and
Contracts mechanical destruction of files and access to personal data
equipment
6.Regularly testing, assessing, and
evaluating the effectiveness of security
measures
Rule and Standard Based Management of Data Privacy
R.A. 10173 Implementing Data Privacy Information Security
Rules Policy Policy
ISO 29100 ISO 27001 Annex A
Rule 1 – Policy and Definitions 5.2 Consent and choice A5 Information security policies
Rule 2 – Scope of Application 5.3 Purpose legitimacy and A6 Organization of information security
Rule 3 – National Privacy Commission specification A7.Human resource security
Rule 4 – Data Privacy Principles 5.4 Collection limitation A8.Asset management
Rule 5 – Lawful Processing of Personal Data 5.5 Data minimization A9.Access control
Rule 6 – Security Measures Protection of Personal 5.6 Use, retention and disclosure A10.Crytography
Data limitation A11.Physical and environmental security
Rule 7 - Security of Sensitive Personal Information 5.7 Accuracy and quality A12.Operations security
in Government 5.8 Openness, transparency and A13.Communications security
Rule 8 - Rights of Data Subject notice A14.System acquisition, development and
Rule 9 - Data Breach Notification 5.9 Individual participation and maintenance
Rule 10 – Outsourcing and Subcontracting access A15.Supplier relationship
Rule 11 - Registration and Compliance 5.10 Accountability A16.Information security incident
Requirements 5.11 Information security management
Rule 12 – Rules on Accountability 5.12 Privacy compliance A17.Information security aspects of
Rule 13 – Penalties business continuity management
Rule 14 – Miscellaneous Provisions A18.Compliance
Rule and Standard Based Management of Data Privacy
Policy Inventory Risks Controls Operation
R.A. 10173 -2016 ISO 10007 – ISO 31000 – Risks R.A. 10173 Security NPC Circular 16-03
Implementing Rules Configuration Management Measures Personal Data Breach
and Regulation Management ISO 27005 – Security ISO 29151 – Privacy Management
NPC Advisories and Risks Management Controls NYMITY
Circulars ISO 27036 – Security Accountability
Supplier Relationship Framework
ISO 29100 – Data NPC Circular 17-01 ISO 29134 – Privacy ISO 27002 – Security ISO 27701 – Privacy
Privacy Framework Registration of Data Impact Assessment Controls Information
ISO 27001 – Processing System and ISO 22307 - Finance CSI Security Management System
Information Security Automated System Sector Privacy Impact CONTROL ISO 27035 – Security
Framework Assessment ISO 27017 – Cloud Incident Management
ISO 29190 – NPC Advisory No. Security ISO 27032 – Cyber
Privacy Management 2017-03 PIA IS0 27018 – Cloud Security Guidelines
Capability Guidelines Privacy ISO 27550 -Privacy
ISO 29184 – ETSI Security Engineering For System
ISO 27045 – Big Data Life Cycle Processes
Notification and Indicators
Security and Privacy
Consent OWASP
National Cyber Vulnerabilities
Training Activity
Data Governance Roles and Responsibilities
Roles
Data Manager Data Manager Data Technician
Responsibility Responsibility Responsibility
https://www.dpadvantage.co.uk/wp-content/uploads/2018/03/DPA-White-Paper-ISO-8000-Part-150-1-1.pdf
Data Quality Checklist
https://iso25000.com/index.php/en/iso-25000-standards/iso-25012
Data Quality Checklist
https://iso25000.com/index.php/en/iso-25000-standards/iso-25012
Send now
your question messages
in the chat box.
Data Driven Governance Competency Guide
jayson.velasco@deped.gov.ph
09976183328