Data Policy Methodology

Data Policy Definition and Verification for Systems of Systems Governance

Published on: 12/12/2014
Last update: 29/04/2021

The listed articles introduce a methodology for the governance aspects related to the data distribution and use policies ‐ shortly data policies for data-intensive enterprises and Systems of Systems (SoS).

The methodology, named Data Policy Methodology, was introduced in 2010 in support to the preparatory activities for the ESA's Space Situational Awareness programme. The methodology provides the model-based means to specify data policy requirements and to integrate these requirements in model-based enterprise architectures (e.g. UAF, MODAF, DoDAF, etc.) and Systems of Systems (SoS). The methodology consists of:

  • Data policy concept identification
  • Data policy digitalization
  • Definition and integration of a new viewpoint (data policy) with existing enterprise architecture frameworks
  • Definition of supporting processes for the architecture governance, specifically on architecture compliance and evolution

A data policy, identified as “an agreed set of rules that regulates the production, use and dissemination of data”, must accurately define the details of the actors involved in the respective scenarios, the data types, the purpose, the modalities with which the purpose can be achieved, and the data provisioning modalities. The concept identification provides a number of questions that should be answered by a data policy.

The digitalized data policy provides a conceptual, unambiguous, and verbalized digital version. The digital version achieve both machine readability and human readability, by means of a controlled natural language.

A new viewpoint on data policy bring together standard enterprise architecture (e.g. UAF, MODAF, TOGAF, etc.) with the digitalized data policy. This new viewpoint provides the means to establish traceability among the data items and the enterprise architecture elements.   

The processes for enterprise governance, compliance, and evolution are finally defined by leveraging all the above introduced concepts and structures, from the data policy definition to the integration with standard enterprise architecture.

In conclusion, the Data Policy Methodology introduces the means to establish human readable unambiguous data policies that can be seemingly integrated into the enterprise governance and management processes to ensure the alignment between the stakeholders needs, the organizational data needs, and the enterprise architecture.

Finally, the methodology can become a key asset to support the development of the organizational capability of gaining stakeholder's trust in the acquisition, storing, processing, and disseminating data assets. As identified in the EC's 2020 Data Strategy, trust is a key enabler in sharing and using data, and the Data Policy Methodology can support the achievement of this enabler, by supporting the assurance on the unambiguous definition of the data providers' needs and on their fulfillment on the data receivers' side. 


Type of document