Data Domain Governance

Introduction

Data domain governance is important for managing data within organizations, including universities. This document outlines Purdue University’s data domain governance framework, focusing on functional and organizational domains. This framework aims to ensure that our data is accurate, consistent, accessible, and secure while also identifying the roles and responsibilities of individuals and departments involved in managing data.

For questions and requests, use the “Start Your Request Now” link on this page.

Policy Statement

Purdue University recognizes the importance of data governance in ensuring effective data management. Therefore, our policy is to establish a comprehensive data governance framework that outlines the responsibilities, processes, and procedures for managing data within functional and organizational domains.

Subdomains

At Purdue University, a subdomain is a logical subdivision of the top-level domain, purdue.edu, allowing for more specific data management related to a particular department, program, or project. Subdomains can be used to manage data related to academic programs, research projects, administrative departments, and other entities within the university. Purdue uses subdomains within the data domain governance framework to manage the data related to these various entities.


Functional Domain Governance

Functional domains refer to the different areas or department within a university that perform specific functions or provide specific services to students, faculty, and staff. Data governance within each functional domain is the responsibility of data owners and stewards, who define and implement policies related to their respective domains. Data custodians are responsible for managing the technical aspects of data management, including data storage, backup, and recovery. Data users are responsible for using the university’s data compliance with the defined policies and procedures. For more information about data governance committees and who to contact in your department, visit this Data Governance Committees resource.

Data Governance Committees

Organizational Domain Governance

Organizational domains refer to the different colleges and schools within the university. Data governance within each organizational domain is the responsibility of the college or school dean, who is the data owner. The dean is responsible for defining and implementing policies related to their respective domains. Data stewards may be appointed to assist the dean in implementing data policies and procedures within their respective domains. Data custodians and users have the same responsibilities outlined in the functional domain governance section. For more information about data governance committees and who to contact in your department, visit this Data Governance Committees resource.

Data Governance Committees

Best Practices and Criteria for Top-Level Domains and Subdomains

To ensure that subdomains are effectively managed within Purdue University’s data domain governance, the following best practices and criteria should be considered when creating top-level subdomains:

  1. Consistency: The URL should be consistent with the university’s branding and naming conventions, such as “business.purdue.edu” or admissions.purdue.edu.”
  2. Clarity: The URL should be clear and easy to understand for both internal and external users. They should clearly indicate what the subdomain or top-level domain represents. For example, the subdomain for the College of Engineering is “engineering.purdue.edu.”
  3. Functionality: The URL should serve a specific purpose or function, such as providing information about a department, service, or program. They should not be created simply for the sake of having a subdomain or top-level domain.
  4. Scalability: The top-level domain or subdomain should be scalable to accommodate future growth and expansion. It should be flexible enough to adapt to Purdue’s structure of offerings changes. For example, if Purdue University was to add a new college or department, a subdomain could be created for it, such as “newcollege.purdue.edu.”
  5. SEO: The URL should be optimized for search engines to help improve the university’s online visibility and search engine rankings. For instance, a subdomain such as “studyabroad.purdue.edu” could be used to provide information about study abroad programs. The content on the subdomain could be optimized with relevant keywords to help it rank higher in search engine results.
  6. Security: The subdomain or top-level domain should be secure and protected from potential security threats. Purdue University should ensure that all domains have proper security measures, such as SSL certificates and firewalls.
  7. Priority: Top-level domain and subdomain requests that represent high-priority initiatives will be considered and quickly approved if needed. For instance, purdue.edu/computes exists to support Purdue Computes, a new major initiative for the university.

Actions of the Domain Oversight Committee

The Domain Oversight Committee (DOC) at Purdue University is responsible for overseeing the management of subdomains within the university’s data domain governance. The DOC’s actions related to subdomains include the following:

  1. Approve requests for new top-level domains: Approve requests for new top-level domains: To request a new top-level domain, use the “Start Your Request Now” link on this page. Include the purpose of the top-level domain, the name, and the reason for high priority. Creating new content verticals (“purdue.edu/new-content”) cannot be granted to all requesters in order to avoid an overall structurally flat purdue.edu domain. These requests will be reviewed, approved, or denied by the DOC. If denied, the DOC will work with the requester to devise an alternate option.
  2. Approving requests for new subdomains: To request a new subdomain, a request must be submitted to the DOC that includes the purpose of the subdomain, the name of the subdomain, and the data classification category.
  3. Reviewing and approving subdomain policies: The DOC is responsible for developing and reviewing subdomain creation, management, and security policies.
  4. Monitoring compliance with subdomain policies and procedures: The DOC ensures that all individuals and departments involved in managing subdomains comply with the policies and procedures outlined in the data domain governance framework.
  5. Resolving issues related to subdomain management: The DOC is responsible for addressing any issues related to the management of subdomains, including security breaches, policy violations, and other issues.

How to Request a Top-Level Domain or Subdomain

To request a new subdomain at Purdue University, the following steps must be taken:

  1. Submit a request to the Domain Oversight Committee and include the following information:
    • Reason for requesting a new top-level subdomain vs. a directory of an existing site or a subdomain off an existing departmental subdomain.
    • Purpose of the site on the new subdomain, and whether or not it’ll redirect to a different URL vs. being a site.
    • The technical contact.
    • The person or department who will own it.
  2. The Domain Oversight Committee will review the request and determine if it meets the criteria for creating a new subdomain.
  3. If the request is approved, the Domain Oversight Committee will provide guidance on policies and procedures for managing the subdomain.

Vanity URLs and URL Shorteners

Vanity and shortened URLs allow users to avoid typing in full-length (and sometimes complicated) URLs. For example, instead of https://purdue.edu/purdue/academics/new-content” it can appear as “go.purdue.edu/new-content”. The shorter URL would then redirect to the actual home of that content. Vanity URLs are possible upon request and are managed by the Purdue DOC.

The DOC also manages multiple URL shortener tools. These are also available upon request:

  • purdue.university/new-content (Bitly)
  • purdue.link/new-content (Short.io)
  • purdue.ws/new-content (Short.io)
  • go.purdue.edu/new-content

Data Classification Categories

To effectively manage subdomains, data within each subdomain should be classified according to its sensitivity and criticality. Purdue University uses the following categories for data classification:

  1. Restricted Data: Data classified as restricted is the most sensitive and critical. This data requires the highest level of security and access control. Examples of restricted data at Purdue include social security numbers, credit card numbers, and health records.
  2. Sensitive Data: Data classified as sensitive is less critical than restricted data but still requires a high level of security and access control. Examples of sensitive data at Purdue include student records, financial information, and research data.
  3. Unrestricted Data: Data classified as unrestricted is the least critical and sensitive. This data requires a lower level of security and access control. Examples of unrestricted data at Purdue include public information, marketing materials, and general university information.

Roles and Responsibilities

The followings are the roles and responsibilities of individuals and departments involved in managing the university’s data:

  1. Data Owners: Data owners are responsible for defining and approving data definitions, policies, and procedures related to their respective domains. They are also responsible for ensuring that the data within their domain is accurate, consistent, and secure.
  2. Data Stewards: Data stewards are responsible for implementing data policies and procedures defined by data owners within their respective domains. They are also responsible for ensuring that the data within their domain is high quality, accessible, and secure.
  3. Data Custodians: Data custodians are responsible for managing the technical aspects of data management, including data storage, backup, and recovery. They are also responsible for ensuring the data is secure and protected from unauthorized access or disclosure.
  4. Data Users: Data users are responsible for using the university’s data in compliance with the policies and procedures defined in this framework. They are also responsible for reporting any suspected data quality or security issues to their respective data steward.

Data Governance Processes

The following are the processes for managing the university’s data within functional and organizational domains:

  1. Data Classification: All university data must be classified based on sensitivity and criticality. The data classification level determines the access control, storage, and handling procedures required for the data.
  2. Data Quality Management: The university must have a data quality management program to ensure the data is accurate, complete, and consistent.
  3. Data Security Management: The university must have a data security management program that ensures that the data is protected from unauthorized access, use, disclosure, modification, or destruction.
  4. Data Retention and Disposal: The university must have a data retention and disposal policy outlining the procedures for retaining and disposing of data based on its classification level and legal requirements.
  5. Data Governance Oversight: The university must have a data governance oversight committee that oversees the implementation of this framework and provides guidance on data governance issues.

User and Content Governance

For more information about data classification roles, permissions, user governance, and content governance, click here.


Conclusion

This document outlines Purdue University’s data domain governance framework, best practices, and criteria for top-level subdomains, focusing on functional and organizational domains. The framework provides a comprehensive approach to managing the university’s data and online presence, ensuring it is accurate, well-organized, accessible, user-friendly, and secure while effectively communicating its various functions and offerings to its audience. It is the responsibility of all individuals and departments involved in managing the university’s data to comply with this framework and ensure the effective management of data.


Contact

If you have questions, a request, or need to contact this Domain Oversight Committee, use the “Start Your Request Now” link on this page and someone from our team will be in touch.

DISCOVER OUR BRAND GUIDELINES

Download