Report Requirements for Data Governance, Privacy, and Ethics

Report requirements: The report will have a strict word limit of 4,000 words (+/- 10%) as determined by Turnitin, and marking for longer reports may be reduced for excessive word length. The length includes the title, notes, and any other text you include in the report. The bibliography and the presentation (Question Four) will not be treated as part of the word limit. Use either Harvard or IEEE references where necessary but be consistent (i.e., do not use a mixture of both).

The report should address the following questions:

You have just been recruited by a rapidly growing business intelligence company. Your first job is to set out a business case for the company to design and develop a data governance program for the organisation to ensure that its business needs are met. Illustrate your response with diagrams as appropriate.

• The reasons why a data governance program might be needed.
• An overview of the relevant existing or potential roles in the organisation that should be considered as part of a data governance program.
• An identification of the key features of a data governance operating model appropriate to ensure alignment of business and technical needs.
• An identification of at least three specific projects/actions that could be implemented as part of a data governance program implementation.
• Using John Ladley’s 8-phase approach to data governance implementation, show how you would address the concerns of organisational stakeholders about the steps necessary to implement a data governance program.

You are the Data Protection Officer (DPO) for the company “SmartIT”, which provides information technology services and is headquartered in Dublin, Ireland and therefore subject to Irish and European Union (EU) legislation. You have been asked by management to write a report about the legal requirements related to data protection in Ireland and the EU. Your report should cover the following questions:

1. Provide an overview of the legal requirements related to privacy and data protection that the company SmartIT should consider in its data governance and how it might address these requirements in practice. In your response, identify the most significant legal provisions that it would need to address. [20 marks]
2. The company SmartIT is considering the need to engage the data processor. Discuss the relationship, and the roles and responsibilities of a data controller and a data processor relevant in this event. [10 marks]
3. The company SmartIT needs to transfer data to the United States and UK. Discuss what aspects the company needs to consider for a data transferring agreement and what the implications would be for the company. [10 marks]

It has been said that we are adopting new technologies and technology-driven business models at a rapid pace and that there is an urgent need to identify and address the ethical issues arising out of such trends. Outline your understanding of two broad ethical approaches that we have covered in the course (including virtue-based approaches, deontological ethics, the consequentialist/utilitarian approach and a social justice (Rawlsian) approach). If you were asked to implement an ethical audit of your information management strategy, how would these broad ethical approaches be used to address ethical choices?

Submit (in the separate link provided) the presentation made by your group on the assigned paper as part of the series of lab presentations.

• Presentations should last 20 minutes approx.
• Start with an introduction to the paper (who did it, in what context, problem addressed, relevance)
• Give an overview of the paper contents (objectives, methods, issues raised, conclusion)
• Provide a summary of each of the main sections
• Show any interesting visualisations or tables from the document
• Give the overall conclusions focussing on relevance for our course (e.g., what does this tell us about data governance and management/privacy and data protection/ethical use of AI algorithms in practice?)
• Give a short assessment as to whether you found the paper useful, interesting etc.

Your own capability for assessment is important to develop for the module. Marks will be awarded based on (1) presenting the slides in line with the scheduled sessions and guidelines above [10/20 marks] and (2) submitting the slides by the given deadline at the specified location [10/20 marks].