Completeness of records
| Characteristic Name: | Completeness of records |
| Dimension: | Completeness |
| Description: | Every real world entity instance, that is relevant for the organization can be found in the data |
| Granularity: | Record |
| Implementation Type: | Process-based approach |
| Characteristic Type: | Usage |
Verification Metric:
| The number of tasks failed or under performed due to missing records |
| The number of complaints received due to missing records |
GuidelinesExamplesDefinitons
The implementation guidelines are guidelines to follow in regard to the characteristic. The scenarios are examples of the implementation
| Guidelines: | Scenario: |
|---|---|
| Implement a process level validation mechanism to avoid occurrence of missing records | (1) A buyer must record/verify an expense or asset in accordance with accepting/receiving any purchased items. (2)New application are stored in a temporary cabinet after entering into the system and they will be transferred to the file cabinet at the end of every week after the property manager cross check them with the system |
| Execute database commits upon transaction sequences in application programs and make sure all the transactions in the sequence successfully commit and generate the required records at the end of the sequence. | (1) In generating the MRP, the database operations will not be committed unless all materials in BOM is successfully executed for MRP |
| When distributed databases are used or online data collection devices are used, ensure the synchronisation/replication of records happen successfully without distortions and omissions. | (1) EFTPOS transactions are replicated with bank database and create the new balance B/F in the account |
| Implement periodic audit process for critical tangible objects that are recorded as data in database | (1) Annual audit for tangible assets in the organisation |
| Implement a validation mechanism in data transfers considering the business rules to monitor and ensure all records relevant to a event/transaction is transferred successfully. | (1) Rules to verify the number of records in the source file and destination file (2) All records relevant to a customer trip is transferred to the central database from online data stores |
| Maintain error logs for system transactions and regularly monitor them and perform relevant forensic activities to find missing records. | (1) A failed sales order creation |
Validation Metric:
| How mature is the process to prevent missing records |
These are examples of how the characteristic might occur in a database.
| Example: | Source: |
|---|---|
| if Dept is a relation representing the employees of a given department, and one specific employee of the department is not represented as a tuple of Dept, then the tuple corresponding to the missing employee is in ref(Dept),and ref(Dept) differs from Dept in exactly that tuple. | C. Batini and M, Scannapieco, “Data Quality: Concepts, Methodologies, and Techniques”, Springer, 2006. |
| if a column should contain at least one occurrence of all 50 states, but the column contains only 43 states, then the population is incomplete. | Y. Lee, et al., “Journey to Data Quality”, Massachusetts Institute of Technology, 2006. |
| the database should contain all customers in North and South America, but it is known that the database reflects only a portion of the company’s customers. Coverage in this example is the percent- age of customers actually captured in the database compared to the population of all customers that should be in it. | D. McGilvray, “Executing Data Quality Projects: Ten Steps to Quality Data and Trusted Information”, Morgan Kaufmann Publishers, 2008. |
The Definitions are examples of the characteristic that appear in the sources provided.
| Definition: | Source: |
|---|---|
| A record exists for every Real-World Object or Event the Enterprise needs to know about. | ENGLISH, L. P. 2009. Information quality applied: Best practices for improving business information, processes and systems, Wiley Publishing. |
| Completeness of data refers to the extent to which the data collected matches the data set that was developed to describe a specific entity. Monitoring for incomplete lists of eligible records or missing data items will identify data quality problems. | HIQA 2011. International Review of Data Quality Health Information and Quality Authority (HIQA), Ireland. http://www.hiqa.ie/press-release/2011-04-28-international-review-data-quality. |
| Quality of having all data that existed in the possession of the sender at time the data message was created. | ISO 2012. ISO 8000-2 Data Quality-Part 2-Vocabulary. ISO. |
| Data is complete if no piece of information is missing – anti-example: "The Beatles were John Lennon, George Harrison and Ringo Starr" | KIMBALL, R. & CASERTA, J. 2004. The data warehouse ETL toolkit: practical techniques for extracting. Cleaning, Conforming, and Delivering, Digitized Format, originally published. |
| Every real-world phenomenon is represented. | PRICE, R. J. & SHANKS, G. Empirical refinement of a semiotic information quality framework. System Sciences, 2005. HICSS'05. Proceedings of the 38th Annual Hawaii International Conference on, 2005. IEEE, 216a-216a. |
Data access control
| Characteristic Name: | Data access control |
| Dimension: | Availability and Accessability |
| Description: | The access to the data should be controlled to ensure it is secure against damage or unauthorised access. |
| Granularity: | Information object |
| Implementation Type: | Process-based approach |
| Characteristic Type: | Usage |
Verification Metric:
| The number of tasks failed or under performed due to lack of data access control |
| The number of complaints received due to lack of data access control |
GuidelinesExamplesDefinitons
The implementation guidelines are guidelines to follow in regard to the characteristic. The scenarios are examples of the implementation
| Guidelines: | Scenario: |
|---|---|
| Periodically evaluate the security needs considering the criticality of data (Value, confidentiality, privacy needs etc.) and accessibility requirements of data and then update the information security policy consistently. | (1) Employee salary is a confidential data and hence need security against unauthorised access. (2) Master data has a high economic value to the organisation and hence need security against unauthorised access and change |
| Continuously evaluate the risks threats and identify the vulnerabilities for data and update the information security policy | (1) The frequency of security assessment for data associated with online transactions was increased due to the high volume of online transactions. |
| Implementation of access controls for each critical information as prescribed by the information security policy. | (1) An Employee’s salary data can be viewed only by his or her superiors. (2) Master data can be created and updated only by the authorised executives. (3) Login credentials are required for system access |
| Data is stored in secured locations and appropriate backups are taken | (1) Databases are stored in a special server and backups are taken regularly (2) Documents are saved using a content management system in a file server |
| Restrict the accessibility of information using software based mechanism | (1) Data encryption (2) Firewalls |
| Restrict the accessibility of information using hardware based mechanism | (1) Security tokens |
Validation Metric:
| How mature is the process of ensuring data access control |
These are examples of how the characteristic might occur in a database.
| Example: | Source: |
|---|---|
| if the official version of the minutes of a meeting is filed by the records manager and thus protected from change, the unauthorised version will not form part of the official record. | K. Smith, “Public Sector Records Management: A Practical Guide”, Ashgate, 2007. |
The Definitions are examples of the characteristic that appear in the sources provided.
| Definition: | Source: |
|---|---|
| Is the information protected against loss or unauthorized access? | EPPLER, M. J. 2006. Managing information quality: increasing the value of information in knowledge-intensive products and processes, Springer. |
| Data is appropriately protected from damage or abuse (including unauthorized access, use, or distribution). | PRICE, R. J. & SHANKS, G. Empirical refinement of a semiotic information quality framework. System Sciences, 2005. HICSS'05. Proceedings of the 38th Annual Hawaii International Conference on, 2005. IEEE, 216a-216a. |
| The extent to which information is protected from harm in the context of a particular activity. | STVILIA, B., GASSER, L., TWIDALE, M. B. & SMITH, L. C. 2007. A framework for information quality assessment. Journal of the American Society for Information Science and Technology, 58, 1720-1733. |
| Access to data can be restricted and hence kept secure. | WANG, R. Y. & STRONG, D. M. 1996. Beyond accuracy: What data quality means to data consumers. Journal of management information systems, 5-33. |