Statistical validity
Characteristic Name: | Statistical validity |
Dimension: | Validity |
Description: | Computed data must be statistically valid |
Granularity: | Information object |
Implementation Type: | Process-based approach |
Characteristic Type: | Usage |
Verification Metric:
The number of tasks failed or under performed due to lack of statistical validity in data |
The number of complaints received due to lack of statistical validity of data |
The implementation guidelines are guidelines to follow in regard to the characteristic. The scenarios are examples of the implementation
Guidelines: | Scenario: |
---|---|
Establish the population of interest unambiguously with appropriate justification (maintain documentation) | (1) Both credit customers and cash customers are considered for a survey on customer satisfaction. |
Establish an appropriate sampling method with appropriate justification | (1) Stratified sampling is used to investigate drug preference of the medical officers |
Establish statistical validity of samples -avoid over coverage and under coverage (maintain documentation) | (1) Samples are taken from all income levels in a survey on vaccination |
Maintain consistency of samples in case longitudinal analysis is performed. (Maintain documentation) | (1) Same population is used over the time to collect epidemic data for a longitudinal analysis |
Ensure that valid statistical methods are used to enable valid inferences about data, valid comparisons of parameters and generalise the findings. | (1) Poisson distribution is used to make inferences since data generating events are occurred in a fixed interval of time and/or space |
Ensure that the acceptable variations for estimated parameters are established with appropriate justifications | (1) 95% confidence interval is used in estimating the mean value |
Ensure that appropriate imputation measures are taken to nullify the impact of problems relating to outliers, data collection and data collection procedures and the edit rules are defined and maintained. | (1) Incomplete responses are removed from the final data sample |
Validation Metric:
How mature is the process to maintain statistical validity of data |
These are examples of how the characteristic might occur in a database.
Example: | Source: |
---|---|
if a column should contain at least one occurrence of all 50 states, but the column contains only 43 states, then the population is incomplete. | Y. Lee, et al., “Journey to Data Quality”, Massachusetts Institute of Technology, 2006. |
The Definitions are examples of the characteristic that appear in the sources provided.
Definition: | Source: |
---|---|
Coherence of data refers to the internal consistency of the data. Coherence can be evaluated by determining if there is coherence between different data items for the same point in time, coherence between the same data items for different points in time or coherence between organisations or internationally. Coherence is promoted through the use of standard data concepts, classifications and target populations. | HIQA 2011. International Review of Data Quality Health Information and Quality Authority (HIQA), Ireland. http://www.hiqa.ie/press-release/2011-04-28-international-review-data-quality. |
1) Accuracy in the general statistical sense denotes the closeness of computations or estimates to the exact or true values.
2) Coherence of statistics is their adequacy to be reliably combined in different ways and for various uses. |
LYON, M. 2008. Assessing Data Quality , Monetary and Financial Statistics. Bank of England. http://www.bankofengland.co.uk/ statistics/Documents/ms/articles/art1mar08.pdf. |
Data access control
Characteristic Name: | Data access control |
Dimension: | Availability and Accessability |
Description: | The access to the data should be controlled to ensure it is secure against damage or unauthorised access. |
Granularity: | Information object |
Implementation Type: | Process-based approach |
Characteristic Type: | Usage |
Verification Metric:
The number of tasks failed or under performed due to lack of data access control |
The number of complaints received due to lack of data access control |
The implementation guidelines are guidelines to follow in regard to the characteristic. The scenarios are examples of the implementation
Guidelines: | Scenario: |
---|---|
Periodically evaluate the security needs considering the criticality of data (Value, confidentiality, privacy needs etc.) and accessibility requirements of data and then update the information security policy consistently. | (1) Employee salary is a confidential data and hence need security against unauthorised access. (2) Master data has a high economic value to the organisation and hence need security against unauthorised access and change |
Continuously evaluate the risks threats and identify the vulnerabilities for data and update the information security policy | (1) The frequency of security assessment for data associated with online transactions was increased due to the high volume of online transactions. |
Implementation of access controls for each critical information as prescribed by the information security policy. | (1) An Employee’s salary data can be viewed only by his or her superiors. (2) Master data can be created and updated only by the authorised executives. (3) Login credentials are required for system access |
Data is stored in secured locations and appropriate backups are taken | (1) Databases are stored in a special server and backups are taken regularly (2) Documents are saved using a content management system in a file server |
Restrict the accessibility of information using software based mechanism | (1) Data encryption (2) Firewalls |
Restrict the accessibility of information using hardware based mechanism | (1) Security tokens |
Validation Metric:
How mature is the process of ensuring data access control |
These are examples of how the characteristic might occur in a database.
Example: | Source: |
---|---|
if the official version of the minutes of a meeting is filed by the records manager and thus protected from change, the unauthorised version will not form part of the official record. | K. Smith, “Public Sector Records Management: A Practical Guide”, Ashgate, 2007. |
The Definitions are examples of the characteristic that appear in the sources provided.
Definition: | Source: |
---|---|
Is the information protected against loss or unauthorized access? | EPPLER, M. J. 2006. Managing information quality: increasing the value of information in knowledge-intensive products and processes, Springer. |
Data is appropriately protected from damage or abuse (including unauthorized access, use, or distribution). | PRICE, R. J. & SHANKS, G. Empirical refinement of a semiotic information quality framework. System Sciences, 2005. HICSS'05. Proceedings of the 38th Annual Hawaii International Conference on, 2005. IEEE, 216a-216a. |
The extent to which information is protected from harm in the context of a particular activity. | STVILIA, B., GASSER, L., TWIDALE, M. B. & SMITH, L. C. 2007. A framework for information quality assessment. Journal of the American Society for Information Science and Technology, 58, 1720-1733. |
Access to data can be restricted and hence kept secure. | WANG, R. Y. & STRONG, D. M. 1996. Beyond accuracy: What data quality means to data consumers. Journal of management information systems, 5-33. |