Data Governance
Data Mapping
The process of mapping fields from one database to another.
Access Requirements
Access requirements are provided by Business teams. They describe WHO needs to be granted WHICH type of access to WHAT data assets, under WHICH conditions and in WHICH contexts, and WHY. Likewise, Compliance teams describe access constraints that limit or deny access.
Personal Data
Any information relating to an identified or identifiable individual. An identifiable individual is one who can be identified by reasonable means, directly or indirectly, by reference to an attribute or combination of attributes within the data, or combination of the data with other available information
Self-service Analytics
Capability that allows all users to independently access, integrate, and analyze data without heavily relying on CIT teams, while preserving data governance.
Data Anonymization
Method of information sanitization whose intent is privacy protection by removing personally identifiable information from data sets, so that the people whom the data describe cannot be identified.
Metadata
Metadata is defined as the information that describes and explains data. It provides context with details such as the source, type, owner, and relationships to other data sets.
Access Rules
Once access requirements are developed, a technical team then translates them into a series of computer readable statements.
Privacy by Design
Framework based on proactively embedding privacy into the design and operation of IT systems, networked infrastructure, and business practices.
Data Integration
Process of bringing together data from multiple sources across an organization to provide a complete, accurate, and up-to-date dataset for BI, data analysis and other applications and business processes
Data Integrity
Assuring information will not be accidentally or maliciously altered or destroyed
Data Catalog
It is an active data asset repository that acts as the context, control, and collaboration plane for your data estate
Access Requests
After a user successfully logs into a system, they select the thing (project, partner, transaction, etc.) that they want information about, and navigate to the information’s location (screen, report, etc.) The system sends a message to the access decision engine requesting access.
Data Subject
The natural living person whose Personal Data is Processed.
Machine Learning
Practical application of AI, where a system uses data and information to learn and improve over time by identifying trends, patterns, relationships, and optimizations.
Data Availability
The ability to ensure timely and reliable access to, and use of, information
Data Steward
Data Stewards are IFC staff who are appointed and overseen by the Data Owner [in their respective department] to perform critical tasks related to protecting, accessing, and using IFC data in their respective business areas or “domains.”
Access Decision
Based on the total set of access rules, the access engine makes a decision and notifies the system, which provides access.
Privacy Threshold Assessments (PTA)
A short assessment completed by an IO, a Project Leader, or Staff and designed to screen for privacy risks.
Data Fabric
An architecture that facilitates the end-to-end integration of various data pipelines and cloud environments through the use of intelligent and automated systems.
Data Lineage
Data Lineage refers to the life cycle of data, including its origins, movements, characteristics, and quality changes over time
Data Mesh
A data mesh is a decentralized data architecture that organizes data by a specific business domain—for example, Operations, HR and more—providing more ownership to the producers of a given dataset
Access Provisioning
Individuals are given HR assignments and are routinely assigned to project roles, functional roles, and groups. They can also request additional assignments at any time. These assignments matter, because most Access Requirements specify roles rather than named individuals.
Privacy Impact Assessment (PIA)
A detailed privacy risk assessment completed by an IO, a Project Leader, or Staff on the instruction of the IFC DPO and designed to allow the IFC DPO to recommend privacy controls and other risk mitigation measures.
Data Lake
Central data repository that accepts relational, structured, semi-structured, and non-structured data types in a low-to-no modeling framework, used for tasks such as reporting, visualization, advanced analytics, and machine learning. A data lake can be established on premises (within an organization’s data centers) or in the cloud.
Redaction
Method of removing selected information in as secure manner such as, but not limited to, removal or blacking out.