Schedule a call

Securing and Auditing Metadata Updates Using Data Relationship Governance

Updates to metadata in Data Relationship Governance (DRG) are made through workflows. Workflows contain two required stages and two optional stages. The two required stages are ‘Submit’ and ‘Commit’, while the two optional stages are ‘Enrich’ and ‘Approve’. The two required stages in a DRG workflow ensure that any update made to the metadata meets the established requirements, of which there are numerous possibilities. The two optional stages in Data Relationship Governance are supplementary to the ‘Submit’ and ‘Commit’ stages in securing metadata, but are not necessary. The ‘Enrich’ stage is used to update an already existing workflow and the ‘Approve’ stage acts as a pre-approval stage to the ‘Commit’ stage.

Securing Metadata

In order to secure the metadata, there are a few options to limit the updates that can be made. Security can be established to grant access to only the users that need permission to make the updates. Restrictions can be put in place to limit who can make updates to the metadata. These restrictions can also determine which users can see which metadata. For example, an organization may have a manager, approver, and/or requestor roles.

The manager could be assigned a ‘Data Manager’ user-role, which grants full access. They would be able to see all of the metadata, see which changes are made, and have the authority to approve or reject any of the updates. The manager also has auditing capabilities. They could see any request that is made and see which decision the approver made.

An approver could be given the ‘Governance User’ user-role. This role would allow the approver to approve or reject updates made to the metadata. The requestor could be assigned the ‘Workflow User’ user-role, which allows them to create a request and submit that request for approval. However, that is all that the requestor is allowed to do.

Another way to secure metadata is through validations. Validations establish a security check system. They can be assigned to different stages of the workflow and force the user making the request to pass the validation before the request can move on to the next stage of the workflow. Through validations, managers and upper-level users can be certain that updates made or that have been made to the metadata have passed the minimum set of requirements that the organization has established. Validations can range from anything like checking the number of characters a node name has in a request, to making sure that the request falls under a specific hierarchy within the metadata.

WEBINAR

Building to the ‘Top’ with OneStream: HFM Replacement Story

Watch the webinar now

Auditing Metadata

There are three main tools in Data Relationship Governance that can be used to enhance metadata auditing capabilities. The purpose of these tools is to monitor and track metadata changes to let users know exactly what has taken place within the application. These tools are located within the workflow model setup page and can be adjusted at any time. In order to adjust any of the following tools, open up the ‘Administer’ tab on the left-hand side of the screen, right-click on the workflow model that you want to update, and click ‘Edit’.

The first of these tools is the ‘Request Duration’ option. This tool allows a user to set a date of when the request needs to be approved or rejected. If a certain amount of days go by, and the request has not been evaluated, it becomes ‘Overdue’.

The second tool is the ‘Claim Duration’ option. The ‘Claim Duration’ tool works in the same way as ‘Request Duration’, except a request becomes open for anyone to claim after the determined number of days have passed.  A manager with the Data Manager user-role would be able to see that the request has gone into the ‘Overdue’ state or that the request is ‘Unclaimed’ and could take the necessary action to resolve the issue.

The third auditing tool offered in Data Relationship Governance is the ‘Notify’ option. This tool sends out alerts when requests move to certain stages to whoever is set up to receive the notifications. The ‘Notify’ option can be set up for the assignees, the participants, or both. This feature also allows upper-level management to be kept in the loop and know the status of every request.

There are many different ways metadata can be secured and monitored through a combination of security, validations, and auditing tools within Data Relationship Governance. The user roles control who can see and/or do what in DRG, while validations act as requirements that must be met in order to carry out an update. By creating different levels of security and adding one or more validations to each stage of the workflow, Data Relationship Governance can guarantee that the metadata is safe and secure. Management can also supervise the workflow processes with the use of the auditing tools, allowing them to take more of a back-seat approach, but also keep their foot in the door.

 

References

  1. “Oracle Data Relationship Management Administrator’s Guide,” last modified August, 2013, http://docs.oracle.com/cd/E40248_01/epm.1112/drm_admin.pdf

Share this

About the author

Philip Parker

The Pre-Transformation Checklist for Finance

An 11-Step Risk Reduction Tool for CFOs and CAOs Who Aren’t Sure Where to Start

By following this checklist, organizations can systematically approach their finance technology transformation, ensuring that all critical aspects are addressed and that the transition is smooth and successful.

Download Now

Related posts you might like

Transformation program leaders guide

THE TRANSFORMATION PROGRAM LEADER’S GUIDE TO FINANCE ROADMAPS

View Post
BUILDING A SCALABLE FINANCE STACK: WHAT HIGH-GROWTH CFOS NEED TO KNOW

BUILDING A SCALABLE FINANCE STACK: WHAT HIGH-GROWTH CFOS NEED TO KNOW

View Post
Why CFOs Should Lead the Finance Transformation Agenda

Why CFOs Must Lead the Finance Transformation Agenda

View Post

CFOs can’t transform finance if they’re not sure where to start. HollandParker gives CFOs the power to see where they should prioritize technology investments so they can transform finance with confidence. 

Who designed this website?

Schedule a call

Privacy Policy

Introduction

Welcome to Holland Parker. We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about our policy or our practices with regard to your personal information, please contact us at [email protected].

Information We Collect

We collect personal information that you provide to us when expressing an interest in obtaining information about us or our products and services, when participating in activities on the website, or otherwise contacting us.

The personal information that we collect depends on the context of your interactions with us and the website, the choices you make, and the products and features you use. The personal information we collect can include the following:

  • Name and Contact Data: We collect your first and last name, email address, postal address, phone number, and other similar contact data.
  • Payment Data: We collect data necessary to process your payment if you make purchases, such as your payment instrument number (e.g., a credit card number), and the security code associated with your payment instrument.
  • Login Credentials: We collect passwords, password hints, and similar security information used for authentication and account access.
  • Other Information: We collect any other information you directly provide to us through our website.

How We Use Your Information

We use personal information collected via our website for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into or perform a contract with you, with your consent, and/or for compliance with our legal obligations.

We use the information we collect or receive:

  • To send administrative information to you.
  • To fulfill and manage your orders.
  • To post testimonials.
  • To request feedback.
  • To send you marketing and promotional communications.
  • To deliver targeted advertising to you.
  • For other business purposes.

Sharing Your Information

We may process or share your data that we hold based on the following legal basis:

  • Consent: We may process your data if you have given us specific consent to use your personal information for a specific purpose.
  • Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests.
  • Performance of a Contract: Where we have entered into a contract with you, we may process your personal information to fulfill the terms of our contract.
  • Legal Obligations: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process.
  • Vital Interests: We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person, and illegal activities.

Cookies and Other Tracking Technologies

We may use cookies and similar tracking technologies to access or store information. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Policy.

Data Security

We aim to protect your personal information through a system of organizational and technical security measures. We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process.

Retention of Data

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy policy unless a longer retention period is required or permitted by law.

Your Privacy Rights

In some regions, such as the European Economic Area (EEA), you have certain rights under applicable data protection laws. These may include the right to (i) request access and obtain a copy of your personal information, (ii) request rectification or erasure; (iii) restrict the processing of your personal information; and (iv) if applicable, to data portability.

Updates to This Policy

We may update this privacy policy from time to time in order to reflect changes to our practices or for other operational, legal, or regulatory reasons.

Contact Us

If you have questions or comments about this policy, you may contact us by email at [email protected].

The Pre-Transformation Checklist for Finance

Tap into wisdom gained through 300+ finance transformations to uncover answers to questions you have and those you should.

This field is for validation purposes and should be left unchanged.

Privacy Policy