Access to the OAT database

Similar documents
Use Cases for Argonaut Project. Version 1.1

October 8, User Conference. Ronald Layne Manager, Data Quality and Data Governance

UC Berkeley Data Warehouse Roadmap. Data Warehouse Architecture

Information Security Policy and Handbook Overview. ITSS Information Security June 2015

Proposal to Streamline and Strengthen Shared Governance at Westminster College

Graduate Studies in the Cheriton School of Computer Science University of Waterloo

Internal Controls. A short presentation from Your Internal Audit Department

SOA REFERENCE ARCHITECTURE: WEB TIER

Wright State University Information Security

Institutional Quality Assurance Process. University of Ottawa

Policies and Procedures SECTION:

Rowan University Data Governance Policy

Ulster University Standard Cover Sheet

MPP Internal Benchmark Survey Job Descriptions by Job Title

IDENTITY MANAGEMENT AND WEB SECURITY. A Customer s Pragmatic Approach

Data Management Standard

How To Manage Information Security At A University

California State University

Final Exam for: IS-100.a Introduction to Incident Command System, I-100

UMDNJ COMPLIANCE PLAN

ADMINISTRATIVE DATA MANAGEMENT AND ACCESS POLICY

Marist College. Information Security Policy

UC Berkeley Campus Data Warehouse Governance and Delivery Organization Proposal Campus Data Warehouse / Business Intelligence Competency Center

Graduate Program Resource Manual

Education Systems Roadmap

Article I: Organization

Master Data Management

Business Intelligence (BI) Data Store Project Discussion / Draft Outline for Requirements Document

Responsibilities of Associate Deans and School Directors of Teaching and Learning

Building an Academic Analytics Capability at KSU

DIRECTIVE TRANSMITTAL

See Appendix A for the complete definition which includes the five essential characteristics, three service models, and four deployment models.

Data Governance Policy. Staff Only Students Only Staff and Students. Vice-Chancellor

Continuing the MDM journey

Recommendations for the PIA. Process for Enterprise Services Bus. Development

UNIVERSITY OF WATERLOO Software Engineering. Analysis of Different High-Level Interface Options for the Automation Messaging Tool

GUIDE FOR FACULTY WORKLOAD PLANNING

Biomedical Engineering Graduate Program

Charter of the Audit Committee of the Board of Directors

Change Management Best Practices

Student Course Evaluation Management and Application

GRADUATE GROUP REVIEW PROTOCOL FOR SCHOOLS

Position Description Senior Associate Dean and Chief Operating Officer of the Darden Graduate School of Business Administration University of Virginia

SERVICE EXCELLENCE SUITE

Senior Academic and Administrative Officers Benefits: 7 weeks of PTO upon date of hire or transition to the position

COMPLAINTS FROM RESEARCH SUBJECTS ABOUT UCL SPONSORED STUDIES AND TRIALS

UNITED STATES DEPARTMENT OF THE INTERIOR BUREAU OF LAND MANAGEMENT MANUAL TRANSMITTAL SHEET

PhD Information Session. Prof. L. Robin Keller Director, Ph.D. Program

SCHWAB OPENVIEW WORKFLOW LIBRARY ONBOARD CLIENT WORKFLOW SERIES: NEW ACCOUNT SETUP PROCESS

An Enterprise Architecture and Data quality framework

Human Resources POSITION DESCRIPTION (HR 120)

Eligibility Procedures and Accreditation Standards for Accounting Accreditation

Current Environment Assessment Specification. Single Sign On Customer Relation Management Workstation Support

ITC 19 th November 2015 Creation of Enterprise Architecture Practice

BUDGET ADMINISTRATOR JOB DESCRIPTION

Project Management the smart way. Engineering & Construction. Timesheet Management QTIME. System. Improve Efficiency with QTIME

UC Santa Cruz - Office of the Registrar Academic Information Systems User Information: Academic Advisement Report

VIII. RESPONSIBILITIES AND FUNCTIONS OF COLLEGE ADMINISTRATIVE OFFICERS

Finance Division. Strategic Plan

College of Business Faculty Charter. Code of Operating Standards for Academic Policy and Administrative Structure

CONSTITUTION of the Department of Philosophy at the University of Florida

University of Michigan Medical School Data Governance Council Charter

Institutional Quality Assurance Process

A 5 STANDING COMMITTEES. Academic and Student Affairs Committee

By Bruce Schneider, Ambassador Education Solutions

Common Rules Courses leading to the Awarding of a Professional Doctorate (Research) Doctor of

STRATEGIC FINANCIAL PLANNING SANTA CLARA UNIVERSITY GUIDELINES FOR BUDGETING AND FINANCIAL MANAGEMENT OF CURRENT OPERATIONS

"Charting the Course to Your Success!" MOC B Configuring and Administering Microsoft SharePoint Course Summary

Non Health Sciences Departments Academic Affairs Academic Human Resources Accounting Operations Accounts Payable UW Admissions and Records

ARTICLE I: OBJECTIVE A.

Non-Academic (Departmental) Assessment

Cloud computing in the Enterprise: An Overview

Assistant Dean of Strategic Initiatives School of Business Administration, Dean s Office

Transcription:

Access to the OAT database The model: OAT is the online academic tools database containing much of the data within Quest (from which the database is regularly updated) but arranged in tables that make accessing the data for statistical and other purposes much simpler. OAT&Access&projects& OAT&Access&projects& OAT&Database& Quest & Admissions& Quest& WatIAM&???& As the diagram shows, OAT provides access to the database through both a query service and a web service. This access is to be provided to organizational units university wide so that they may use it to build tools to improve their academically related information processes. The only purpose of this direct access is to further the academic mission of the university. It is intended that such access will be through well defined OAT Access Projects, represented in the diagram as grey triangles. The purpose of the current document is to describe how such access projects are to be sponsored, instantiated, and put into production. Throughout, it is essential that the process be straightforward, streamlined, and secure. The governing principle is to devolve the responsibility and authority for providing programmatic access by technical staff within an organizational unit. The OAT Management Board devolves this approval authority within any University of Waterloo organizational unit to the so- called OAT access sponsor who is a senior officer of the university within that unit. The organizational unit is to be as large as is reasonable (e.g. an entire Faculty, all of IST, the Library, the Centre for Extended Learning, etc. any other large academic or non- academic unit with technical resources).

The diagram below sketches the relationship between the OAT board, the OAT project sponsor, the project itself, and the OAT database. Oat& Access& Project& OAT&Access& Sponsor& OAT&Produc9on& Live& The thick arrows are the delegation of responsibility and authority from the OAT management board to the OAT Access Sponsor to the project itself. An example of an existing project currently under development is the UW student portal use of the OAT web services: UW&org/business&unit,& Students,& Registered&Apps,& Student& Portal& UW&Enterprise& Architect& OAT&ProducAon& Live& As the sketch shows, in this case the OAT Access Sponsor is the University s IST Enterprise Architect. This Sponsor, working with the OAT management board, is responsible for the use made of the OAT database by the Student Portal project. This project in turn provides controlled access to the data by other entities, including UW organizational units, students, and perhaps registered apps provided by third parties. The project is still under development.

Rules for providing access the OAT database: Two distinct people are to be assigned to oversee and manage all access within a large organizational unit 1. The OAT access sponsor for all access within the organizational unit and is the primary connection with the OAT Management Board. 2. An OAT technical sponsor who oversees technical access within the organizational unit and who is the primary technical connection with OAT technical administrators. The two sponsors and the OAT Management board individually and collectively act as Information Custodians (in the sense of University of Waterloo Policy 8 ) over the content of, and access to, the OAT database. These custodial responsibilities naturally entail both procedural and technical components the OAT access sponsor will largely be responsible for the former, the OAT technical sponsor for the latter. Any potential OAT access sponsor may formally approach the OAT Management Board to be granted the rights and responsibilities of that role. The OAT access sponsor must provide the name of the OAT technical sponsor before approval. Approval requires and means that all of the following conditions hold on these two sponsor positions: 1. OAT access sponsor a. must be one of the following i. For a Faculty based group: 1. Associate Dean (Computing) for the Faculty 2. Associate Dean (Undergrad or Grad), if no AD (Computing) ii. For an IST based IT group, any of the following: 1. Chief Information Officer 2. IST Director of Enterprise Architecture 3. IST Director of Enterprise Systems iii. Directly approved by the OAT management board. iv. The appropriate Information Steward as in Policy 8 b. has authority i. to directly sponsor groups and users within their organizational unit ii. to allocate OAT access levels and roles to IT groups and users c. has responsibility for i. all University of Waterloo Policy 8 responsibilities for any sponsored IT group s use of the OAT database

ii. ensuring sponsored users are aware of their University of Waterloo Policy 8 responsibilities iii. activity of all IT groups and users that they have sponsored iv. creating and maintaining documentation on who has been sponsored and what level of access or role they have v. ensuring that all sponsored use is consistent with University of Waterloo Policy 19 vi. ensuring an orderly transition of this role to their successor 2. OAT technical sponsor is a. formally designated by the OAT access sponsor b. normally a senior member of technical staff within the organizational unit (e.g. the technical director, manager, or team lead of an IT group reporting to the OAT access sponsor) c. the primary conduit between the organizational unit s IT groups/users and the OAT technical administrators d. responsible for ensuring usage within the organizational unit meets all UW security standards and procedures (to the satisfaction of IST s Information Security Services) e. the person providing technical oversight of all IT uses of the OAT database within the organizational unit Notes: All users are treated as reasonable and responsible agents of the University. All use must be consistent with University of Waterloo Policy 8 and Policy 19. It should be expected that any data stored on a student (e.g. notes) could one day be provided to that student upon their request. All activity will be logged so that an audit trail exists for all interactions. OAT is located at oat.uwaterloo.ca Privacy and Security Impact Assessment (PSIA) requirements for access projects. Each new access project sponsored by an OAT access sponsor requires a separate assessment with respect to its additional impact on privacy and security beyond that of the OAT database itself. The assessment and approval is the joint responsibility of the offices of the University of Waterloo s Privacy Officer and IST s Information Security Services. It is the responsibility of the OAT access Sponsor to effect this assessment. When approved, this impact assessment will be appear as an Addendum to the PSIA for the OAT database itself and the technical development may begin. The PSIA for the OAT database has the Provost and the Dean of Mathematics as co- sponsors.

Examples: ASIS (production, OAT based): The Advising Student Information System (ASIS) was the first OAT Access project and the driving force behind OAT s design and construction. Though first used as a tool within the Faculty of Mathematics, ASIS has since been made available to other Faculties. Reflecting this history, it differs slightly from the general model. ASIS&users& AssocDean& Undergrad& ASIS& OAT&Produc<on& Live& In this case, the OAT management board has directly overseen ongoing ASIS development and so has been largely responsible for the OAT ASIS connection. Indeed, the ASIS designers and developers are the OAT designers and developers. The OAT management board set up well defined rules for providing access to the ASIS system. These include identifying the Associate Dean for Undergraduate Studies as the ASIS sponsor for all ASIS use within that Faculty. Canned Queries (production, OAT based): Several canned queries have been developed by the OAT designers and developers, largely in conjunction with the Mathematics Faculty s Associate Dean of Undergraduate Studies. These queries are very helpful in analysis and planning within the Faculty. The Canned Query project makes these available to other Faculties as well, following the same authorization as for ASIS. Canned&& users& AssocDean& Undergrad& OAT& Canned& Queries& OAT&Produc=on& Live&

The Access Sponsor is also the Associate Dean Undergraduate Studies for each Faculty s use. IT technical (production, potentially OAT based): IT units within the Faculties, and elsewhere, create computer accounts for students by Faculty, by course, by term, etc. This requires information such as userid, student id, course id, etc. This must be automated. Presently, IT units use a variety of sources including several regular data extracts provided by IST. Much of this could be simplified by providing query access to the OAT database. There are many other use cases from IT units that would be of high value to Faculties (e.g. exam seating) and the University academic mission. For IT units within a Faculty, the OAT Access Sponsor would be the Associate Dean for Computing. Undergraduate admission offer management (planned, planned to be OAT based): The Faculty of Mathematics (and others) has a strong interest in incorporating applicant data into the OAT database so that tools could be developed for more efficient and effective management of admission offers. The OAT Sponsor of any such project would likely be an Associate Dean in a Faculty. OGSAS (production, potentially OAT based): OGSAS is an online graduate application management system that was designed, developed, and implemented by the School of Computer Science. It interfaces with the University s document management system (to access the graduate application documents). It does not use the OAT database, nor is it overseen by the OAT management board. The Access Sponsor for this system is the Director of the School of Computer Science. OGSAS is however a very attractive and efficient system to manage hundreds of applications. This includes their review and ranking by graduate officers, their assignment to potential research supervisors for further review (grouped by keywords provided by the researchers), and expedites the entire decision making process. Other UW graduate programs have expressed a strong interest in using OGSAS for their programs. Any undergraduate admissions process within a Faculty would also be greatly helped by the design and tools available in the OGSAS system. Others (possibilities): Degree auditing, app development,

OAT project development: Each access project is expected to depend on the construction of particular queries to the OAT database. The information from these queries may be delivered directly from the OAT Query service or through an OAT managed intermediary such as a web service. Some of the queries approved for the project might already exist as part of an existing OAT project such as Canned Queries. In this case, the project could have access to those canned queries it required. Technical development must be staged as pictured in the diagram below: Approved(Addendum(to(( OAT(PSIA( OAT(Sponsor( Approval( ( OAT(Board( Technical(VeDng( ( Query( Develop(&( Test( Approval( Query( (Quality( Assurance( Approval( OAT( Approved( Produc9on( web( web( web( query( query( query( Devel(&(Test( Anonymous( Stale( Data( QA( Iden9fiable( Stale( Data( Produc9on( Live( The balloons indicate the approval necessary to proceed. The overall project requires the completion of the process described by the Access Rules. The end point of that process will normally be the Addendum to the PSIA. The OAT sponsor (approved by the OAT management board) and the OAT Board (through its technical team) will have to approve different parts of the development of an OAT access project before it becomes production. The three stages are 1. Query development and testing a. takes place on the OAT development and test database b. OAT development database is identical in content and functionality to the production database with the following exceptions: i. Individual records are anonymized ii. Data is stale, possibly months old c. Testing is meant to be exhaustive on this database

d. Testing proceeds to the next stage only when signed off by the OAT sponsors 2. Query Quality Assurance a. Takes place on the OAT Quality Assurance (QA) database b. Requires approval of the OAT sponsors before access is granted c. OAT QA database is identical in content and functionality to the production database with the following exception i. Data is stale, possibly months old d. Testing is meant to be exhaustive on this database e. Testing proceeds to the next stage only when signed off by the OAT sponsors 3. Production a. Takes place on the OAT production database i. Data is live b. Requires approval of the OAT management board before access is granted i. Entails technical vetting by the OAT management board Passed by the Mathematics Faculty Online Academic Tools Management Board February 24 2014.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information