A responsibility is the assignment of one or more users and/or user groups to a resource role for a resource. An example of a responsibility would be user John Fisher assigned the Business Steward resource role for a Process Register domain.
After assigning users or user groups to a resource role for a resource, the users can act on the permissions conveyed to them via the resource role.
Before creating responsibilities, it is essential to:
- Decide which resource roles are needed to effectively govern your communities, domains, and assets.
For example, you decide to assign a Data Protection Officer for each community. - Identify the people in your organization best suited to perform the tasks expected of the various resource roles.
The following image shows the responsibility where the resource role Business Steward has been assigned to user John Fisher for the Human Resources community.
Inherited responsibilities
Child resources inherit responsibilities from their parent resources.
- If the resource is a community, the responsibilities are inherited by subcommunities, domains, and assets in the community. If you are a Business Steward for a certain community, you are a Business Steward for all the domains and assets inside that community.
- If the resource is a domain, the responsibilities are inherited by the assets in the domain.
- If the resource is an asset, the responsibilities apply only to the asset itself because assets never have children.
Note Inherited responsibilities do not show up in a table or preview and they are not exported.
Consider the following community-domain structure:
In this case, you could perform the following steps:
- Create responsibilities for the Human Resources community, knowing that the Benefits subcommunity, the Benefits Process Register domain, and the assets within will inherit the responsibilities.
- If necessary, create any additional responsibilities at the subcommunity and/or domain levels.
As Samir Jackon is the subject matter expert for benefits-related data, he has been added as a Business Steward for the Benefits community.
Note The gray background behind "John Fisher" indicates that the responsibility was inherited from the Human Resources community. The white background behind "Samir Jackson" indicates that the responsibility was directly created for the Benefits community.
As Anika Johannson is the person most closely tracking the Benefits department's business processes, she has been added as a Business Steward for the Benefits Process Register domain.
- If necessary, create any addition responsibilities at the asset level.
The following table shows the resource roles that have to be present as responsibilities, for specific domains, for the Data Privacy workflows to work, where:
- M: Mandatory
- O: Optional
| Domain type / Resource role | Owner | Business Steward | Privacy Steward | Data Steward | Business User | Community Manager |
|---|---|---|---|---|---|---|
| Process Register | M | M | M | M | M |
O |
| Assessment Register | M | M | O | O | O |
O |
| Remediation Register | M | M | O | O | O |
O |
| Risk and Controls Register | M | M | O | O | O |
O |
| Data Usage Registry | M | M | O | O | O |
O |
| Application Inventory | M | M | O | O | O | O |
| Data Governance Council | O | O | O | O | O | X |
- Identify which resource roles you need to effectively govern your communities, domains, and assets.
- Identify the people in your organization who will take on these roles, for example, Data Protection Officer, Business Steward, Privacy Steward, Issue Manager, Owner, and so on, for your various resources.
- Create the following responsibilities for each of your domains:
- Owner
- Business Steward
- Data Steward
- Privacy Steward
- Stakeholder
- Business User
- Create the Community Manager and Privacy Steward responsibilities for the New Data Issues domain. These responsibilities are required for the Log Potential Security Breach and Security Breach Management workflows. Note The New Data Issues domain is in the Data Governance Council community. It is hidden in the community-domain browser to avoid it being inadvertently deleted. You can find the domain by searching for it via the Search field