ANNUAL CONFERENCES
2006 TAIR CONFERENCE
2006 SAIR CONFERENCE
ADDITIONAL LINKS

TAIR TRAVEL GRANTS

FACT BOOK CONTEST INSTRUCTIONS / LINKS

IR WEB PAGES FROM OTHER TEXAS COLLEGES & UNIVERSITIES

AIR JOB LISTINGS

LINKS

CONTACT US

2006 TAIR Conference

Organizational Climate: Access and Security Considerations for an Institutional Data Warehouse

Data access through a mainframe computer, and the institutional researcher’s responsibility for those data, required the programmer and institutional research to be “gatekeepers.” The advent of data warehouses puts a multitude of information at everyone’s fingertips, but with that brings concerns with the misinterpretation and release of data. The data warehouse can control for misinterpretation of data by predefining information (data cubs, reports) and existing rules can control for external data requests (FERPA, Open Records Requests, etc.), but how can we control for an institutional climate of being “closed” versus “open” where one Dean wants everyone to have access to data while another does not. Also discussed is the role of the institutional researcher in these issues.

Introduction

      The nature of academic administration is undergoing a vigorous transformation on many college and university campuses today; more executive administrators are adopting a decentralized management approach that pushes accountability for performance and resource allocation out to Deans and department chairmen. This transformation is driven by, and dependent upon, accurate, consistent, flexible, and readily available management information and a “single version of the truth” that is shared by all. Data-driven decision-making is becoming paramount to the success of units, departments, and schools, and to more closely aligning shrinking resources with increasing demand. Accordingly, organizational climates that were once closed and controlling with respect to information flow must become more open and transparent. The ensuing proliferation of institutional data warehouses (accessible to an ever-widening base of academic administrators) is raising new concerns about access and security for the academic community. This, in turn, is changing the role that Institutional Research offices have traditionally played in higher education administration. 

      One role of the Institutional Research Office, as well as other offices that handle institutional data, has been that of “gatekeeper” for the institution’s data. There is an organizational need for a centralized office (or offices, depending on the type of data) with responsibility for knowing the data definitions and ensuring that any information that is released, internally or externally, meets those definitions. These data “stewards” are charged with maintaining “clean” data and verifying that the data released answer the specific questions that are being asked. One key benefit of this type of data centralization is that that reporting integrity is more manageable; as long as there is one entry-and-exit point for the sharing of data, the resulting information is more likely to be accurate and the definitions more consistently applied.

      Unfortunately, the single contact point approach has also posed a bottleneck. Typically, requests are made to the IR office where the data are retrieved, verified, and then released to the requesting entity. If the requesting entity does not have a good initial idea of what they are really looking for, or if they discover after the initial request that they need more or different data, another request must be generated and another response made. Granted, IR offices have solved many of these problems by generating standard reports, the most common solution being a statistical handbook or factbook. However, not all questions can be anticipated, and to attempt to do so would be futile for most IR offices. 

      More often than not, the IR office response to these non-standard requests has been “we don’t have that information” or “submit a request and we will put it in the queue, but we cannot guarantee when we can get to your request.” At the very least, programmer intervention has been required to create ad hoc reports from legacy databases. The notion that an academic administrator could research facts and figures for his/her unit without the assistance of the IR office or a staff of programmers has been unheard of, if not impossible. And then, in the event that departmental programming resources are available, the very ugly possibility of “multiple versions of the truth” and contradictory reports has often become a reality.

      While IR offices can provide data and information, they are not the decision-makers for the University, and they are not accountable for those decisions. How many courses to schedule, who to assign to those courses, teaching load credits to be generated, etc., are all the responsibility of the colleges and departments. While a central office like the Provost’s Office may set performance based metrics (percent of lower division courses taught by tenured/tenure track faculty, room utilization rates, grade distributions, etc.) there is a growing need for management information analysis by academic departmental personnel. 

      The logical solution is to have a repository of information that can be accessed by non-programmers to answer the variety of questions that are commonly asked by academic administrators. While external questions must still go through the IR office, academic data needed for the internal operation of the institution and for researching specific management issues can be readily accessible and presented in an intuitive, yet flexible format.

The UT Austin Solution – “Project IQ”

      We have a saying at the University of Texas at Austin that we are “data-rich but information-starved.” Our massive mainframe-based operating systems are dependable “workhorses” that accurately and reliably process millions of registration, accounting, purchasing, and grade transactions on a continuous basis. But the information in these transactional systems is heavily encoded, with data structures that are optimized for processing, not for analysis or reporting. Programmer intervention is required for even the most simplistic extraction of data from these systems. The problem is how to leverage these massive, dependable systems (and our investment in them) with the need for more usable and readily available management information for our executive administrators. Our solution is Project IQ.

      Project IQ (“Information Quest”) is an enterprise-wide business intelligence initiative that provides accurate and flexible analytical tools and management information to support University leaders in making data-driven decisions. Project IQ is far more than a data warehouse; it is a management tool that employs Cognos business intelligence software to facilitate quick and efficient analysis and cross-comparisons of data that were not previously possible for our administrators. Business rules are embedded in the toolset (cubes and reports) and the user requires no technical expertise (no knowledge of “joins” between warehouse tables) and only a limited understanding of the relationships between the underlying data elements. This system gives University leaders the information they want in the way they want it by providing tools for reporting and analysis, quick extraction of data without programmer intervention, and flexible control over data formatting while maintaining data integrity and appropriate security.

      Of critical importance is the role played by the “data stewards.” These are the campus offices that “own” and maintain the underlying legacy source data, such as the Office of Accounting, the Budget Office, the Registrar’s Office, and the Office of Institutional Research. The data stewards are responsible for the integrity of the data held on the mainframe files and the data definitions and business rules that govern the appropriate use of their data. Without their tenacious review of Project IQ products, particularly validation of data represented in the cubes, the project could not possibly achieve its goal of accurately providing “one version of the truth” for institutional data.

   So, now we have a lot of our data in one place and accessible to institutional officers who need the information in order to plan for future semesters and generally make their units runs better. But, who should have access to these data, who determines who has access, and how does the institution control use and release of the information? This is the tricky part, because there are differences between institutions and even within institutions concerning the culture of “openness.” Many of the accessibility “rules” have been defined for institutions by FERPA requirements and Open Records laws, for example, but there are still issues regarding the latitude that an institution has in granting access to, and releasing, data. Specific concerns include misuse of data, the obligation to respond to requests, ultimate responsibility for the data, and a plethora of questions regarding appropriate limitation on internal access.

Public Access to Institutional Data

      Rules and regulations concerning public access to information have recently been defined by Open Records (Public Information Act) and FERPA rules. Under the Texas Public Information Act, each person is entitled to complete information about the affairs of government and the official acts of public officials and employees, unless otherwise expressly provided by law.  An open records request is a request for public information contained in the files or records of a Texas governmental agency.  For more information about the Texas Public Information Act or open records requests, refer to the Attorney General’s 2004 Public Information Handbook (University of Texas System http://www.utsystem.edu/OGC/openrecords/openrecordstoc.htm). 

Similarly, the Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99) is a Federal law that protects the privacy of student education records. The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education (http://www.ed.gov/policy/gen/guid/fpcoferpa/index.html). These two laws state, generally, that while the public has a right to a review of the affairs of public officials (public institutions of higher education fall under that category) there are restrictions on the disclosure of certain student data. 

      All institutions of higher education are aware of these rules and regulations and are expected to follow them to the letter. However, these rules do not apply to internal requests for information for which the requestor has a legitimate managerial or business need.

Control of Information: “Access” vs. “Use”

      When the concept of data “security” is discussed, the topic is really the “control” of data definitions and how the data are being used. In the past, there was one point of contact for the data, usually the Institutional Research office. In that case, control was achieved through direct contact with the requestor. Data were secure because we knew who was getting the data, the exact data they were getting and how it was defined, and the specific question the requestor said they were trying to answer. The control in this situation was the IR office as the single access point. Even with standard reports (published documents and factbooks/statistical handbooks), the publisher of the data had control over data definitions and business rules through a static format. With these standard reports, there was an implied control over the use of the data because it was predetermined that these data were “official” university data and therefore suitable for “public” consumption.

      With the advent of the data warehouse, there is no longer one point of contact for the data. While Institutional Research and other offices on campus are responsible for collecting and cleansing the data, as well as maintaining data definitions and business rules, the requestor no longer plays a passive role. Rather than merely asking for data, the requestor now plays an active role in deciding which data elements they choose to analyze, to combine and compare with other data elements, and to use in making management decisions that affect academic operations. Determining who will have access to the warehoused data, and then educating them on the meaning and proper use of the data, becomes paramount to any continued “control” of information.

      There are, ultimately, two ways to control data: access and use. Each of these will be discussed in light of the perceived organizational climate, and UT Austin’s solution to control of access and use will be presented.

Different Types of Data Require Different Types of Control

      The first phase of the data warehouse (Project IQ) for the University of Texas at Austin involved financial data. The data elements/reports needed were distilled down to a handful of cubes and reports needed for college-level financial officers to efficiently conduct business for their college/school. Control over financial data could easily be handled through access, since access to data in these cubes could easily be limited based on college. A financial officer in one college has no legitimate need to analyze data about the finances of another college; hence “institutional” data was not needed in this cube. Cognos user classes were set up for each college/school and access to these cubes was limited programmatically with well-defined parameters for access at a college or VP area level. While misuse of financial data may still be an issue, the next phase of the project involved student, faculty, and course data, and the control issues were different. 

      Limits cannot be placed on which data “belong” to any one college; student majors, courses taken, source of funds for instruction, etc., cross college boundaries and restrictions would result in an incomplete picture of instruction in any one college. Therefore, academic data must be viewed from an “institutional” perspective whereby an administrator can request information on all of the student majors who took classes in a given college, or all of the classes offered, regardless of the “home” department of the class instructor. Obvious sensitivities arise when institutional data become transparent to a broad (and often competitive) audience, particularly when there is not a homogenous organizational climate to support that transparency. 

      “People” data are different from “financial” data in many ways. We know that these data cross college lines and, therefore, a user needs access to institution-wide data. But there is also a pervasive privacy concern with “people” data. “People” data, though it may be “public” information, can still be very unsettling in its use or misuse. The types of data that are available in the “people” cubes include grading trends, teaching histories, faculty workload credits, and individual productivity measures. With the drill through capabilities of the data warehouse, a Dean or Assistant Dean can see the activities of an individual faculty member in their college for planning or promotion considerations, but with institution-wide data, anyone with access can assess or draw assumptions regarding individual performance. In light of this fact, UT Austin’s Provost asked that access to student/faculty/course data and reports be limited to the Dean’s offices for the first academic year, with consideration of more generalized access to be given at a later time.

The Effects of Organizational Climate on Control

      In this context, “organizational climate” refers to the institutional culture in terms of sharing information internally. An institution may have an open, transparent culture or a closed, controlling culture. This can also vary across subgroups (“subcultures”) within the institution. One Dean may want all of his/her department chairs to have access to (and be accountable for) all management information for the college, while another may choose to retain all planning and analysis at the college level, therefore restricting access to only the Dean’s office.

      According to Schein (1987) organizational culture is the “…basic assumptions and beliefs that are shared by members of an organization, that operates unconsciously, and that define in a basic “taken-for-granted” fashion an organization’s view of itself and its environment.” Robert Birnbaum (1988) presents in How Colleges Work four basic types of organizational functioning for higher education institutions: collegial, bureaucratic, political, and anarchical. Lines of communication differ for the different types of organizational functioning, but communication is one aspect of management that significantly impacts the functioning of an institution. According to Birnbaum, “on many campuses, important information is collected but not adequately disseminated” (p. 219). Within institutions there may also be differing lines of communication, which can lead to tensions. It is through these lines of communication that control is exerted.

      In the following section, different scenarios are presented which show potential problems when restricting access to data (closed climate) and the potential negative effect on the appropriate use of the data.

Problem Scenarios for Access and Use

      As has been described, institution-wide access to an academic data warehouses can pose potential problems when there are internal differences among the organizational climates of the units that will be using the data. We have devised several scenarios to emphasize the resulting questions that may arise about who should have access to the data warehouse information and how much access they should have. In these scenarios, the Provost has designated the Deans as the primary users of the data. The Deans then designate “delegates” from their colleges/schools who can also access the information. (Note: In the examples below, “institutional cubes” refers to data presented in a tabular format that can be easily manipulated, but with a finite level at which data details are presented.  “Drill through access” refers to a highly detailed report that is available through a secondary query executed from within a “cube”).

  1. Dean A wants department chairs to be delegates with drill through access (access to all data)
  1. Dean B wants department chairs to be delegates for cubes only, no drill through access (limited access to data)
  1. Dean C does NOT want department chairs to have access to cubes OR reports (no access)

Situation 1: Department chair in College B wants a drill through report of all of College B but does not have access to drill through reports, so calls department chair in College A. Department chair in College A runs report, exports it, and emails it to department chair B.

Situation 2: Department chair for College C wants cube information for his own department but does not have access to the cubes, so he calls department chair in College A or B. Department chair B gets the information, exports it, and emails it to department chair C.

Situation 3: Dean or delegate A drills through to grade inflation data for College B to justify his own grade inflation data to the Provost.

Situation 4: A department chair in College A uses data from other departments to advise his students against taking classes from a specific professor or against taking classes with a historically low grade inflation index. Department chairmen in College B or C do not have this advantage. Over time, the department in A shows better outcomes for its majors compared to other colleges.

Situation 5: Faculty in College C are continuously requesting teaching activity and profile reports for themselves from the Dean’s office. The Dean did not have this information in the past, and is now overwhelmed with requests.

Situation 6: A delegate in College A uses a drill through report to answer a student newspaper request for information on average GPAs for classes in his college as compared to other colleges.

Situation 7: An administrative assistant in College A is given access to cubes for the sole purpose of monitoring faculty workload and planning for the spring semester. She accesses rate information for specific faculty members in another college and emails it to a friend in College C.

      The following is a general list of questions that an institution can ask itself when considering limitations on data access, and control over possible misuse of the data. These questions are a starting point in thinking about control over the data in a repository of information that while it allows for decision-making based on management information by those who will be held responsible for the decisions, it also opens this repository to a large number of people on campus. Mixed climates between the colleges/schools (some promoting the sharing of data while others want all data held at the Dean’s level) lead to further complications when trying to preserve the integrity of the data and the liability of the institution concerning release of information.

Questions for Consideration

  • Should access to data be limited?
  • Is access the best way to control security/use?
  • Who determines who gets access?
  • How should access to [the cubes] be limited?
  • Should access to different types of data be different?
  • Can the restrictions to access be done programmatically?
  • Are there technical (i.e., capacity) issues to how many people can have access?
  • Are access issues different now from in the future?
  • Can use be controlled through training or other requirements? Is that enough?
  • Do different people have different access needs?
  • What is a person’s responsibility once they get access to the data?
  • Are all institutional data “public” data?
  • Is there a difference between personal use and job-related use of data?
  • Should Deans/delegates be required to sign a statement acknowledging data use and public information policies?
  • Should there be consequences for misuse of the data?

(Mis)Use of the Data

   One could easily reason that each Dean should retain the right to grant or deny access based on the climate and management structure of his own organization. The organizational climate and the level at which responsibility and accountability exist within a college and the degree to which a Dean is engaged in the specific academic affairs of his/her college should be the determining factor on how security is handled. Given these scenarios, the real issue becomes obvious - it is not granting the access, it’s what the user does with the data once he/she has access that poses the real problem. Can we prevent the misuse of information? There are several types of misuse that must be considered:

  1. Misinterpretation of data

   When the IR office has responsibility for the data they can control data definitions and calculated metrics. Not everyone is aware of the differences between semester credit hours by funding department and semester credit hours by academic area (who pays the instructor teaching the course versus what department offers the course). Access to data can also lead people to calculate ratios that are not meaningful. Percent of lower division courses taught by tenured/tenure track faculty is meaningful, while number of semester credit hours taught by tenured/tenure track faulty divided by numbers of As given by tenured/tenure track faculty does not have a readily identifiable use. One of the basic questions that every IR person asks a data requestor is “what are you going to use these data for?” When someone asks for graduate level data, you always ask if they just want masters and doctoral level data, or do they want special professional level data included. Without realizing the nuances of data (“how many faculty members do you have?” is not a simple question) the people who have direct access to the data warehouse may misinterpret the data they extract.

  1. Improper distribution

   A number of the situations previously presented deal with one aspect of improper distribution of data – when one unit has access to data that another unit does not have access to. Another aspect deals with release of data.

   If a Dean decides that only his/her Associate Deans will have access to the data warehouse data, it is their right to impose this restriction. However, easy access by department chairs or administrative associates in another college can easily lead to asking of favors from someone in another college. For example: “Situation 7: An administrative assistant in College A is given access to cubes for the sole purpose of monitoring faculty workload and planning for the spring semester. She accesses rate information for specific faculty members in another college and emails it to a friend in College C.” Bad feelings, mistrust, feeling put upon, are some of the consequences of improper distribution of data. At the other end of the spectrum termination of employment may result from an employee not following prescribed office procedures.

   Concerning release of data, the single point of contact at an institution for the institution’s official data leads to a “single version of the truth” that is shared by all. When different units are all releasing data, especially to the press, it can lead to, at best, embarrassment that contradictory information is being released, and at worst, allegations that the institution is lying or has something to hide. IR offices take great pains in dealing with the public, especially the Legislature, and in ensuring that consist data are released, or that sufficient explanations are given on tables/graphs to define the data.

  1. Violation of confidentiality laws

   Not everyone on campus can fully understand the use or ramifications of Open Record requests or FERPA laws. On most campuses Open Records requests are handled through one point of contact. This ensures that standardized procedures are followed which adhere to the law. Campuses have different policies on the release of directory information. The ability to drill through data cubes and reports may give access to personal information that can or cannot be released.

Controlling the Use of Information – UT Austin’s Approach

      At the outset of UT Austin’s Project IQ, the incorporating statement (charter document) for the project established guiding principles for use and security (see excerpts entitled “UT Austin’s Guiding Principles for Project IQ Security and Access” in Appendix A). These principles clearly state that Project IQ is intended to provide “key operational and strategic information” for use by “University leaders.” Furthermore, the charter states that the information contained in IQ will be “accessible only to those with appropriate authority.” 

      While Project IQ information is not intended for general use by faculty and staff, a Dean may want to extend access to department chairmen or program directors based on the climate of empowerment and accountability in his/her college. To enable truly efficient and effective use of these management tools, and to ensure that the tool is in the hands of those with the ability to affect academic change, access must be left to the Deans’ discretion. However, a strict “code of ethics” must be in place and reinforced so that the organizational climate of each college is honored.

      The solution, posed by our Provost, was a “Statement of Appropriate Use of Information Available in Project IQ.” The statement is now in final draft form and will be presented to the Deans’ Council in February for adoption. An acknowledgement of the document is to be signed by every user when access is granted, and the points of the document are to be reviewed and emphasized as part of the training curriculum for each subject area. This document is not intended to be punitive in nature, but is presented as a tool to raise awareness among administrators so that due consideration is given to the sensitive nature of the data they are accessing.

DRAFT Statement of Appropriate Use of Academic Management Information

Provided by Information Quest (Project IQ)

  1. The purpose of Project IQ is to provide academic management information to university administrators and to assist academic deans in making data-driven decisions for their schools/colleges. It is not intended for general use by faculty or staff.
  1. Project IQ information is made available to support the internal management of the school/college and should only be accessed, transmitted or disseminated on a need-to-know basis by and for those individuals with a legitimate management interest in the data. Under no circumstances should Project IQ information be displayed, copied or emailed to individuals for personal knowledge (unrelated to one’s administrative duties) or gain.
  1. The authority for granting access to personnel within a school/college rests with the dean. The dean may name delegates – such as associate or assistant deans, department chairs, program coordinators, or principal investigators – to access Project IQ for the purpose of carrying out their management responsibilities within the school/college. Deans should understand that approval provides access to university-wide Project IQ data, not just information relevant to the delegate’s specific portfolio.
  1. All delegates are required to attend training (administered by Project IQ personnel), and to acknowledge this Statement of Appropriate Use, in order to be given access to Project IQ information.
  1. While Project IQ provides information to assist university leaders in the discharge of their day-to-day management responsibilities, the Office of Institutional Research (OIR) remains the “official” source of academic management information (data, statistics) for the University. OIR will continue to handle official requests for information, such as those from the legislature or other governing or accrediting bodies, and will continue to fulfill all reporting requirements to the Texas Higher Education Coordinating Board. Likewise, the “official” source of financial management information is the Office of the Vice President and Chief Financial Officer.
  1. All requests for information, particularly those made by individuals not affiliated with the University, should be handled in accordance with the Texas Public Information Act, FERPA, and University policies for responding to such requests. Information requests from external sources must be referred to the Office of the Vice President and Chief Financial Officer (Custodian of Record).
  1. Project IQ may be used to support internal requests for data within the college’s existing guidelines for supplying information. Responses to internal requests for information, such as those from faculty or students, are made at the college’s discretion. While the requested information may be readily available in Project IQ, the dean and his delegates are under no obligation to provide the information and may, instead, provide related or more limited data than that requested, or direct the requestor to file an open records request with the Office of the Vice President and Chief Financial Officer. 
  2. Although Project IQ information is public, every consideration should be given to the sensitive nature of individually identifiable data as well as the potential for using data biased by selective inclusion or omission. If appropriate, Project IQ data forwarded in response to a report request should include a statement indicating that discretion should be used in further forwarding the information to other parties [e.g., “The following report contains potentially sensitive data provided in response to a specific ‘need to know’ request. Discretion should be used in forwarding this information to additional parties.”].

By signing this Statement I acknowledge my understanding of, and agreement to follow, the above stated principles.

___________________________________________  ______________________________

Signature       Date

Summary and Further Thoughts

      Access to data and information about an institution allows for more efficient decision-making by those held accountable for the results of academic operations and activities. In the past there were designated offices (IR, Registrar’s Office, etc.) that served as gatekeepers for the data. These offices helped to ensure that a “single version of the truth” was shared by all. However, there was a downside in that these gatekeepers could also pose bottlenecks. When a programmer was needed to access the data, the units needing the data had to either rely on predetermined reports, make requests to the IR office (and hopefully get the data in a timely manner), or make requests to the IR office and be told that their request was “put in the queue.” Data warehouses and other enterprise-wide business intelligence initiatives allow for a decentralized management approach that pushes accountability for performance and resource allocation out to Deans and department chairmen through easy access to data needed for decision making. However, the ensuing proliferation of institutional data warehouses (accessible to an ever-widening base of academic administrators) is raising new concerns about access and security for the academic community. This, in turn, is changing the role that Institutional Research offices have traditionally played in higher education administration. The Institutional Researcher must be more than a gatekeeper, they must be educators, facilitators, and stewards of the data.

      The major issue discussed in this paper involves control over data. The two aspects of control are use and access. Control over misuse is needed to prevent misinterpretation of the data, improper distribution of the data, and possible violations of confidentiality laws. Control also becomes an issue when there are differing management philosophies, such as “open” versus “closed” climates, which determine who has access to the data. In many cases misuse of the data can be controlled through FERPA laws, Open Records request policies, and predefined reports, but even in these cases the open access to data may lead to distribution problems. Controlling access to data with technology (limiting who can access the data through passwords) or by policy (you have to go through training before you can access the data) have only limited effectiveness. UT Austin has chosen a more collegial approach based on acknowledgment of a “code of ethics” for use of the data. This is more an appeal to professionalism than a possible actionable, legalistic document. The document lays out the principles supporting the creation of the data warehouse, the actions (being designated a delegate, taking training, etc.) that must be taken to access the data, and the guidelines for use of the data gathered through the data warehouse. This approach gives Deans discretion over awarding access based on the management culture in their college, while honoring the differing cultures of other units.

      Since this “Statement of Appropriate Use” has not been approved by the Deans (although that is expected shortly since it has the support of the Provost) UT Austin does not know if this will serve as an adequate control over the data that will soon be available to many on campus. There is a lot of excitement on campus about the possibilities that come with Project IQ – access to current and trend data for decisions about which courses and how many need to be offered in a particular semester; tracking of workload requirements; determining if grade inflation is an issue for the institution, a particular college or a particular department, etc. There is also concern about control over the data, from misinterpretation to legal ramifications. Discussions have been held where people put forth the notion that since UT Austin is a public institution, that these are “public” data. But while one person may have the ability to obtain “public” data about a faculty member’s salary or teaching load, do they have the right to share this information with others on campus or with the press? Have we foreseen every possible scenario of data use? Is there a difference between personal use and job-related use of the data? There are a myriad of questions concerning control of data that we probably have not even thought of. But this paper hopefully lays out some of the issues and concerns over the role of institutional climate and access and security in an institutional data warehouse.

  

REFERENCES

Birnbaum, Robert. How Colleges Work: The Cybernetics of Academic Organization and Leadership. San Francisco: Jossey-Bass Publishers, 1988.

Schein, Edgar H. Organizational Culture and Leadership. San Francisco: Jossey-Bass Publishers, 1987.

Appendix A

UT Austin’s Guiding Principles for Security/Access

“Project IQ will provide University leaders, especially Deans, Vice Presidents, and other academic and research administrators, key operational and strategic information….”

“The long-term goal of the project is to provide: …Appropriate security to ensure that data is [sic] accessible to those that need it….”

“The information contained in the IQ data warehouse…will be developed based on the following objectives:…Data that is [sic] accessible only to those with appropriate authority….”

“The Steering Committee will be…involved in policy decisions affecting who has access to what information.”

“The purpose of Data Stewards is to review all aspects of data that is being put into the central repository. This includes:…handling authorizations for who can access data and reports.”

 

    FAQ | Sitemap
© 2006 texas-air.org. All rights reserved.