Referential integrity
| Characteristic Name: | Referential integrity |
| Dimension: | Consistency |
| Description: | Data relationships are represented through referential integrity rules |
| Granularity: | Record |
| Implementation Type: | Rule-based approach |
| Characteristic Type: | Declarative |
Verification Metric:
| The number of referential integrity violations per thousand records |
GuidelinesExamplesDefinitons
The implementation guidelines are guidelines to follow in regard to the characteristic. The scenarios are examples of the implementation
| Guidelines: | Scenario: |
|---|---|
| Implement and maintain foreign keys across tables (Data sets) | (1) Implementation of foreign keys |
| Implement proper validation rules/Automated suggestions of values based on popular value combinations, to prevent incorrect references of foreign keys | (1) The attribute Customer_Zip_Code of the Customer relation contains the value 4415, instead of 4445; both zip codes exist in the Zip_Code relation |
| Implement validation rules for foreign keys of relevant tables in case of data migrations | (1) Error logs are generated for foreign key violations. |
| Implement proper synchronising mechanisms to handle data updates when there are concurrent operations or distributed databases. | (1) Locking mechanisms to data objects while being updated |
| Ensure the consistency of the data model when changes are done to process model (software) | (1) Data dictionary provides the FDs and CFDs |
Validation Metric:
| How mature is the creation and implementation of the DQ rules to maintain referential integrity |
These are examples of how the characteristic might occur in a database.
| Example: | Source: |
|---|---|
| the name of the city and the postal code should be consistent. This can be enabled by entering just the postal code and filling in the name of the city systematically through the use of referential integrity with a postal code table | Y. Lee, et al., “Journey to Data Quality”, Massachusetts Institute of Technology, 2006. |
| A company has a color field that only records red, blue, and yellow. A new requirement makes them decide to break each of these colors down to multiple shadings and thus institute a scheme of recording up to 30 different colors, all of which are variations of red, blue, and yellow. None of the old records are updated to the new scheme, as only new records use it. This data- base will have inconsistency of representation of color that crosses a point in time. | J. E. Olson, “Data Quality: The Accuracy Dimension”, Morgan Kaufmann Publishers, 9 January 2003. |
The Definitions are examples of the characteristic that appear in the sources provided.
| Definition: | Source: |
|---|---|
| The Information Float or Lag Time is acceptable between (a) when data is knowable (create or changed) in one data store to (b) when it is also knowable in a redundant or distributed data store, and concurrent queries to each data store produce the same result. | ENGLISH, L. P. 2009. Information quality applied: Best practices for improving business information, processes and systems, Wiley Publishing. |
| Assigning unique identifiers to objects (customers, products, etc.) within your environment simplifies the management of your data, but introduces new expectations that any time an object identifier is used as foreign keys within a data set to refer to the core representation, that core representation actually exists. | LOSHIN, D. 2006. Monitoring Data quality Performance using Data Quality Metrics. Informatica Corporation. |
| i.e. integrity rules. Data follows specified database integrity rules. | PRICE, R. J. & SHANKS, G. Empirical refinement of a semiotic information quality framework. System Sciences, 2005. HICSS'05. Proceedings of the 38th Annual Hawaii International Conference on, 2005. IEEE, 216a-216a. |
Data access control
| Characteristic Name: | Data access control |
| Dimension: | Availability and Accessability |
| Description: | The access to the data should be controlled to ensure it is secure against damage or unauthorised access. |
| Granularity: | Information object |
| Implementation Type: | Process-based approach |
| Characteristic Type: | Usage |
Verification Metric:
| The number of tasks failed or under performed due to lack of data access control |
| The number of complaints received due to lack of data access control |
GuidelinesExamplesDefinitons
The implementation guidelines are guidelines to follow in regard to the characteristic. The scenarios are examples of the implementation
| Guidelines: | Scenario: |
|---|---|
| Periodically evaluate the security needs considering the criticality of data (Value, confidentiality, privacy needs etc.) and accessibility requirements of data and then update the information security policy consistently. | (1) Employee salary is a confidential data and hence need security against unauthorised access. (2) Master data has a high economic value to the organisation and hence need security against unauthorised access and change |
| Continuously evaluate the risks threats and identify the vulnerabilities for data and update the information security policy | (1) The frequency of security assessment for data associated with online transactions was increased due to the high volume of online transactions. |
| Implementation of access controls for each critical information as prescribed by the information security policy. | (1) An Employee’s salary data can be viewed only by his or her superiors. (2) Master data can be created and updated only by the authorised executives. (3) Login credentials are required for system access |
| Data is stored in secured locations and appropriate backups are taken | (1) Databases are stored in a special server and backups are taken regularly (2) Documents are saved using a content management system in a file server |
| Restrict the accessibility of information using software based mechanism | (1) Data encryption (2) Firewalls |
| Restrict the accessibility of information using hardware based mechanism | (1) Security tokens |
Validation Metric:
| How mature is the process of ensuring data access control |
These are examples of how the characteristic might occur in a database.
| Example: | Source: |
|---|---|
| if the official version of the minutes of a meeting is filed by the records manager and thus protected from change, the unauthorised version will not form part of the official record. | K. Smith, “Public Sector Records Management: A Practical Guide”, Ashgate, 2007. |
The Definitions are examples of the characteristic that appear in the sources provided.
| Definition: | Source: |
|---|---|
| Is the information protected against loss or unauthorized access? | EPPLER, M. J. 2006. Managing information quality: increasing the value of information in knowledge-intensive products and processes, Springer. |
| Data is appropriately protected from damage or abuse (including unauthorized access, use, or distribution). | PRICE, R. J. & SHANKS, G. Empirical refinement of a semiotic information quality framework. System Sciences, 2005. HICSS'05. Proceedings of the 38th Annual Hawaii International Conference on, 2005. IEEE, 216a-216a. |
| The extent to which information is protected from harm in the context of a particular activity. | STVILIA, B., GASSER, L., TWIDALE, M. B. & SMITH, L. C. 2007. A framework for information quality assessment. Journal of the American Society for Information Science and Technology, 58, 1720-1733. |
| Access to data can be restricted and hence kept secure. | WANG, R. Y. & STRONG, D. M. 1996. Beyond accuracy: What data quality means to data consumers. Journal of management information systems, 5-33. |