Framework for National Data Governance

Does the Data Governance Office manage only the Data Governance Policy? The Data Governance Office manages all the requirements of the regulatory framework, including all policies issued by this framework, ensuring compliance and implementation.

Should the government unit prepare its own data governance policies, or is it sufficient to adhere to the policies issued by this regulatory framework? Government units should develop policies that align with their regulatory requirements and the nature of their work, while adhering to the provisions of the policy issued by this regulatory framework.

What is meant by metadata? Metadata, or as it is called in Arabic, البيانات الوصفية, is "data that describes data," meaning data that describes a field of data and is used to describe or provide information about other data. The primary goal of metadata is to provide details that help in understanding the main data, organising it, and managing it better. For example, data describing specific images, as images are considered data.

Who is responsible for classifying the data? Owner or creator of the data

Is the government unit the one that decides to classify the data as open data? Yes, data is classified as open data after conducting an impact assessment according to the data classification policy.

Is the data owner known and approved in the government units? The data owner is the creator of the data and is the one who classifies the data according to the level of confidentiality they deem appropriate. The data recipient must maintain the classified level of confidentiality and not alter it.

How is data classified? The data to be classified is identified, and an impact assessment is conducted on that data to determine the extent of the impact in case it is published. If the data is sensitive and cannot be published, it is classified under one of the four classification levels issued by the Document and Archives Law under the Royal Decree (Top Secret, Secret, Restricted, Confidential). Thus, these data are considered classified and cannot be published on websites. However, if the impact assessment does not indicate any sensitive data, the data is considered (Unclassified Data).

What is the importance of having a data quality automation tool, and what are the reasons that lead to poor data quality in the organisation? Automation tools, such as error detection systems and auditing systems, help improve data quality and establish clear standards to ensure data quality. As they improve the making of correct and effective decisions, they also increase data efficiency by reducing errors and redundancy, and enhance trust and reliance on the data.

What is the difference between Data Modelling and Data Architecture?

Data modelling: It focusses on defining the structure and organisation of data within the system in detail.

Data engineering: It focusses on designing the comprehensive system that manages data, including storage, processing, and data flow between different systems.

In other words:

Data modelling answers the question: What do the data look like and how are they organised?

Data engineering answers the question: How will data be managed and flow within the system?

What are the data integration patterns and what is the difference between them?

Patterns refer to the different methods that can be used to transfer data between systems:

Extraction, Transformation, and Loading (ETL): Extracting data from its source, transforming it into a suitable format for storage, and then loading it into the target system (such as a central database).

Extraction, Loading, and Transformation (ELT): Extracting data from its source, loading it first into the target system, and then transforming it within the system into a suitable format for storage.

Real-time data flow and processing: It is the transmission of data in real-time, for example, when changes occur in the data.

Application Programming Interface (API): Allows different applications to communicate with each other and exchange data.

Virtual data simulation: Presenting data visually to facilitate its understanding and analysis.

Can personal data be used in the data analysis process? Personal data must be separated from the data analysis process to ensure individual privacy and protect against privacy violations. Since personal data falls under the category of "confidential" data.

Does the government unit adhere to all ten principles when implementing the open data policy as indicators of open data, or only some of them?

Data is considered open data if all the principles outlined in the open data policy are adhered to, which are:

Unedited

Updated

Permanent

Easily accessible

Reliable

Documented

Non-discrimination

Not owned

Machine-readable

Without financial compensation

What is the difference between master data and reference data? Master data is a set of primary data sources (customer data, products, or individuals), while reference data is agreed-upon standards for representing the most common data elements, such as postal codes, countries, and currencies.

How can we leverage the value of data and generate revenue from it?

Revenue can be generated from the value of data in several ways, for example:

Using data to develop new products and services

Using data to improve internal procedures and reduce costs

Institutions can also collect and store data, and then sell it to other parties in need of that information.

You can refer to the revenue realisation policy from the data in this regard.

How can a citizen benefit from the information and what are the procedures followed? Anyone can submit a data request to the relevant authority, and the authority must decide on the request according to the established procedures within the specified timeframe. If the authority refuses to provide the data, it must explain the reasons.

Can the controller unit be the same as the processing unit?

Yes, it is possible. The control unit can process data if the necessary requirements are met, thus becoming a processing unit.

How is the commitment of the units to the established policies evaluated? Based on the Compliance Assessment Guide issued within the regulatory framework for data governance and management, the compliance team affiliated with the ministry will conduct an annual periodic assessment of the requirements according to the roadmap outlined in the guide.

What is meant by Priority 1, Priority 2, and Priority 3?

The monitoring and adherence to all 13 policy provisions issued from this framework have been distributed over 3 years to provide the opportunity and enable government entities to implement and apply them to the fullest extent, as:

Priority 1: These are the items that are monitored for compliance in the first year of evaluation.

Priority 2: These are the items that are monitored for compliance in the second year of evaluation.

Priority 3: These are the items that are monitored for compliance in the third year of the evaluation.

When is the government unit entitled to determine the fourth level (not applicable) and does this affect the overall evaluation result? The government unit has the right to provide a convincing reason to the Ministry of Transport, Communications, and Information Technology if the item does not apply to it or if it does not align with its regulatory requirements and nature of work.

Should a new department be created in government units for the Data Governance and Management Office? According to the proposed organisational structure, the Data Governance and Management Office falls under the administrative division responsible for digital transformation within the government unit, and it operates functionally separately within the division.

Should the government unit hire new employees to fill the supporting roles such as business data specialist, data technician, data architect, and personal data protection officer? It is not necessary to appoint new positions for these supporting roles, as they are supporting roles and do not need to be present permanently in the data governance and management office, as employees from various departments can be utilised.