Governance refers specifically to data governance in MDM, and that governance is exercised via Data Governance in MDM and it:
- describes the act of managing data access (i.e. who accesses certain data sets based on role, application, etc.)
- defines where the Master Data is stored
- provides visibility to data between zones and adaptors
- has policies that get applied by the Data Governance Steward (DGS), as regards to the data taxonomy of the tenant (Note that the DGS does not control the content (data) in MDM)
- has data content managed by the Zone Data Steward, who is designated by the DGS to:
...
- and zone access
- works with adaptor developers and implementors
- manages error notifications from MDM, and,
- resolves duplicate data detected by MDM
Governance: InboundAclEntries and OutboundAclEntries
Governance is what provide As mentioned above, governance provides visibility to data between zones and adaptors. It This is typically managed by the zone's data steward and is ZDS, implemented with Access Control Lists or (ACLs).ACLs are ACLs are a key component of YOUnite. ACLs are different from permissions in that they control access to data. Permissions on the other hand control who can manage zones, users, groups, permissions. and roles.
ACLs are a key component of YOUnite.ACLs control both:
- Permissions on outbound data
- Controls on what inbound data a zone or adaptor should receive
ACLs can be thought of as a series of filters that get applied to a data operation.
For example, if an update (PUT or PATCH) operation is performed on data under YOUnite control, ACLs would control:
...
Operation ACLs are not part of zone data governance but should be mentioned briefly here. By default, the DGS has permission to modify ACLs to data records (DRs) to zone users and adaptors to create new DRs. Operational ACLs control operations to the underlying DRs are granted by the DGS to Zone Users and Adaptors; typically the ZDSs.