Data Governance Framework
The purpose of this Data Governance (DG) Framework is to establish the guiding principles, governance structure, roles and responsibilities, and processes required to manage institutional data as a strategic asset. The framework supports consistent, secure, and ethical handling of data across McMaster University.
This Framework applies to all institutional data created, collected, stored, processed, and reported by the University. It includes student data, HR data, financial data, and system-generated data.
Administrative data related to research grants and publications generated are considered in scope of Data Governance. However, research data collected and created through research or scholarly activities are out of scope and generally covered by best practices in Research Data Management (RDM) Framework.
The McMaster Data Governance Program works collaboratively with the IT Security and Privacy offices which retain final authority within their respective domains.
McMaster University’s vision emphasizes excellence, transformation, and community impact. Data Governance enables these objectives by ensuring that data is accurate, secure, accessible, and trusted to support evidence-based decision making and institutional planning.
Accessibility – Authorized users can access data they require to support the performance of their duties.
Accountability – Clear ownership and responsibility for data.
Authorized Use – Ethical and legal use of data.
Availability – Data is available to support operations.
Compliance – Alignment with regulations and policies.
Efficiency – Streamlines processes for data management.
Effectiveness – Data supports institutional outcomes.
Fit for Use – Data meets quality standards.
Protection – Safeguards protect data across its lifecycle.
Respect – Protection of personal information and privacy.
Security – Data is secured against unauthorized access.
Trust – Transparent and reliable data management.
Transparency – Data processes, decisions, and lineage are openly communicated to ensure clarity, traceability, and confidence in how data is managed.
Adaptability – Governance supports rapid adjustments to the data ecosystem to meet evolving institutional needs and strategic priorities.
Enablement – Fostering an environment where data can support strategic goals.
Data Governance Structure
The governance structure includes the Executive Sponsors, Steering Committee, the Data Governance Council (DGC), Data Governance Networking Group, and operational roles such as Data Stewards, Data Custodians, Data System Stewards, Privacy Office, IT Security, and other Data Governance Support Units. These groups collectively ensure strategic oversight, operational consistency, and compliance.
The DGC includes representation from the following domain areas:
Financial Affairs, Human Resources, Institutional Research and Analysis (IRA), Office of the Registrar, University Library, University Technology Services (UTS), University Secretariat – Privacy Office, and Guests – As required.
This section defines the formal responsibilities for individuals and bodies involved in Data Governance. Data Governance RACI document is enclosed in the Supporting Documents section.
- Executive Sponsors:
-
- Provide strategic oversight, approve major directions, and champion institutional alignment.
- Enterprise Administrative Technology Committee (EATC) – Steering Committee:
-
- Approve major DG initiatives and policies, oversee strategic progress.
- Data Governance Council (DGC):
-
- Endorse standards, review issues, and guide program direction.
- Institutional Research and Analysis (IRA) Data Governance Team:
-
- Develop guidelines and standards, socialize DG best practices, and administer DG tools.
- Domain Stewards: The term “Data Stewards” may refer to “Domain Stewards” or “Sub-Domain Stewards”. All Domain Stewards activities may be delegated to Sub-Domain Stewards or Data Custodians at the Domain Stewards’ discretion.
-
- Oversee data within their domain, approve definitions, classifications, and access.
- Sub-Domain Stewards:
-
- Subject Area Experts (SAEs) responsible for data quality management and implementing initiatives to improve data integrity within their domain.
- Data Custodians:
-
- Subject Matter Experts (SMEs) responsible for initiating, reviewing and recommending approval for definitions and data systems, as well as fixing data quality issues when they arise.
- Data System/Application Stewards:
-
- Ensure data aligns with stewards’ guidance and document system metadata.
- Privacy Office:
-
- Conduct Privacy Impact Assessments (PIAs), maintain privacy compliance, and manage Personal Information Banks (PIBs).
- IT Security:
-
- Define security requirements and respond to security risks.
- University Technology Services (UTS) Data Systems & Integration Services:
-
- Responsible for technical administration and DG software, APIs, and integrations.
- Data Creators / Consumers:
-
- Create and use data responsibly and incompliance with DG guidelines and best practices.
Data Governance Program Areas of Focus
The Data Governance Program prioritizes Stewardship, Data Classification, and Metadata Management through the University’s data catalogue, the Data Cookbook. These components provide foundational support for consistent data use, documentation, and risk management.