Governed data view
Selecting Governed data in the Data Governance navigation view displays the Governed data view in the right pane. The Governed data view provides a quick view of the resources (folders and shares) within your organization that have been placed under governance. The Governed data view can also be displayed by selecting Governed data in the tasks view or right-click menu from the following views:
- Managed hosts view
- Resource browser
- Accounts view
Note: The Governed data view displayed when using the Governed data node in the navigation view shows governed data for all managed hosts. Whereas, the Governed data view displayed when using the Governed data task from these other views shows the governed data for the selected managed host only.
The following table describes the default information displayed for each resource placed under governance.
Table 15: Governed data view: Default columns
| Host Name |
The name of the host computer where the governed data resides.
NOTE: By default, the view is grouped by the Host Name. Click the expansion box to the left of a host name to display all of the governed resources grouped under each grouping. |
| Resource |
The network path and name of the governed resource. |
| Domain Name |
The fully qualified domain name of the domain where the Data Governance agent resides. |
| Display Name |
The display name of the governed resource as specified on the confirmation dialog when the resource was placed under governance.
NOTE: You can change the display name using the Change governed resource master data task. |
| Resource Type |
The type of resource. For example:
- NFS\Folder
- NTFS\Folder
- Windows Computer\Share
- SharePoint\Folder
|
| Ownership Set By |
The user who set the ownership to its current owner. |
| Placed Under Governance By |
The user who placed the resource under governance. |
| Published to IT Shop |
Indicates whether the resource is available for requests through the IT Shop. |
| Business Owner |
The business owner assigned to the governed resource.
NOTE: You can change the business owner using the Change governed resource master data or Set Business Ownership task. |
| Published to IT Shop Date |
The date and time (UTC) when the resource was published to the IT Shop. |
| Requires Ownership |
Indicates whether the business ownership requirement was set for the governed resource.
NOTE: You can change this requirement using the Change governed resource master data or Set Business Ownership task. |
| Date Ownership Set |
The date and time (UTC) the current owner was set. |
| Last Security Collection Date |
The date and time (UTC) when the governed resource's Points Of Interest (POI) security information was last collected. |
| Last Security Synchronization Date |
The date and time (UTC) when the governed resource's Points Of Interest (POI) security information was last synchronized. |
| Is Stale |
Indicates whether the resource is in a "stale" state.
A resource is deemed stale if it has not been scanned by any of the Data Governance agents or if the resource has been moved or renamed. |
| Classification Level |
The classification level assigned to the resource. |
In addition to the default columns, you can add the following columns to the view using the Column Chooser command.
NOTE: Right-click the column header and select Column Chooser to add hidden columns to the display. In the Customization dialog, double-click the required column or drag and drop it onto the column header bar.
To hide a column, right-click the column header and select Remove This Column. The column is now listed in the Customization dialog and can be re-added to the view as explained above.
Table 16: Governed data view: Additional columns available
| Description |
The comments entered on the governed resource's General properties page. |
| Justification |
The reason for assigning the ownership to the current owner as entered on the governed resource's Business Owner properties page or the Set Business Ownership page in the Business Ownership wizard. |
Governed data view tasks
The Governed data view displays all of the resources (folders and shares) on the selected host that have been placed under governance. From this view you can manage the governed data, establish business ownership for the resource, remove resources from governance, publish and unpublish the resource to the IT Shop, and run resource access and activity reports.
When a resource is selected, you can perform the following tasks.
Table 17: Governed data view: Tasks
| Calculate perceived owners |
Calculates and provides a list of the perceived owners for the selected resource using the resource activity history or security information. |
Calculating perceived owner |
| Change governed resource master data |
Allows you to view or modify the master data for the selected governed resource, including assigning a business owner to the resource. |
Managing resources under governance
Managing business ownership for a resource |
| Publish to IT Shop |
Publishes the selected resources to the IT Shop, making it available for employees and business owners to request and grant access to it.
NOTE: Not available for resources on NFS managed hosts.
NOTE: Not available for resources on Cloud managed hosts. |
Publishing resources to the IT Shop |
| Refresh |
Retrieves and displays the latest data about governed resources. |
|
| Remove resources from governance |
Removes a resource from governance and from the IT Shop. |
Removing resources from governance |
| Resource access report |
Generates a report that identifies the accounts that have access to specific resources within your environment. Selecting this task, displays the Resource access dialog allowing you to specify the report parameters. |
Resource access report
Viewing selected reports within the Manager |
| Resource activity report |
Generates a report that provides a list of activities recorded over a period of time to verify proper resource usage and decide whether to remove access for particular accounts. Selecting this task, displays the Resource activity dialog allowing you to specify the report parameters.
NOTE: Not available for resources on Cloud managed hosts. |
Resource activity report
Viewing selected reports within the Manager |
| Set business ownership |
Assigns a business owner for the selected resource. Selecting this task, displays the Business Ownership wizard where you can assign ownership to an individual employee or a group of employees belonging to an existing application role. |
Managing business ownership for a resource |
|
Toggle layout options |
Shows or hides the Layout controls at the top of the view, allowing you to change the layout displayed. |
Toggle layout options |
| Unpublish from IT Shop |
Removes a previously published resource from the IT Shop.
NOTE: Not available for resources on NFS managed hosts.
NOTE: Not available for resources on Cloud managed hosts. |
Publishing resources to the IT Shop |
In addition, when viewing governed data for a selected managed host (using the Governed data task or right-click command), you can open the following views.
Table 18: Governed data view: Views
| Accounts view |
Displays the security index information returned by Data Governance agents for the selected managed host.
NOTE: This task is only available when the Governed data view is opened for a selected managed host. That is, when you selected the Governed data task from the Managed hosts view, Accounts view or the Resource browser.
NOTE: Not available for NFS managed hosts. |
Accounts view |
| Resource browser |
Launches the Resource browser which contains a live view of the data on the selected managed host. You can browse through the supported file systems and see all applied permissions and make changes where required. You can also see where the access on a resource differs from its parent and manage that access.
NOTE: This task is only available when the Governed data view is opened for a selected managed host. That is, when you selected the Governed data task from the Managed hosts view, Accounts view or the Resource browser. |
Browsing your environment
Resource browser |
Related Topics
Business ownership wizard
Business ownership wizard
Use the Business ownership wizard to assign a business owner to the selected resources. This wizard appears when you select the Set business ownership task from the Governed data view.
Keep in mind, the business owner should understand the nature of the data and those authorized to access it. Requiring a business owner ensures that the employee with the best knowledge of the data and its intended use will be first in line to grant access requests and perform attestation reviews.
This wizard contains the following controls.
Table 19: Business ownership wizard: Set Business Owner page
| Use the Set Business Owner page to assign a business owner. |
|
Owner |
Select one of the following options to assign a business owner:
- Employee: Select this option to assign ownership to an individual employee.
- Application role: Select this option to assign ownership to all employees belonging to an application role.
Use the drop-down menu to select the employee or application role.
NOTE: If the resource already has a business owner assigned, the owner's employee name or the application role appears in the appropriate Owner field. |
| Justification |
(Optional) Enter the justification for applying the ownership. |
Use the buttons at the bottom of the wizard to navigate through the wizard and save your selections.
Table 20: Business ownership wizard: Buttons
|
Next |
Click the Next button to navigate to the next page. |
|
Back |
Select the Back button to navigate to the previous page. |
|
Finish |
Click the Finish button to save your selections and close the wizard. |
|
Cancel |
Click the Cancel button to close the wizard without saving your selections. |
Related Topics
Managing business ownership for a resource
Classification view
Selecting Classification in the Data Governance navigation view displays the Classification view in the right pane which lists all of classification levels defined. From this view, you can add, edit or remove classification levels. In addition, you can define the display order for the classification levels defined in your Data Governance Edition deployment.
Table 21: Classification view: Tasks
| New |
Adds a new classification level. Clicking the New task displays the Classification Level dialog allowing you to specify the following details:
- Name: Name to be associated with the new classification level.
- Description: Descriptive text to be associated with the new classification level.
|
Adding a classification level |
| Delete |
Removes the selected classification level. Selecting Yes on the confirmation dialog will remove the classification assignment on any governed resource that is currently assigned to the classification level being deleted.
TIP: Prior to removing a classification level, run the Get-QGovernedDataByClassificationLevel PowerShell cmdlet to retrieve a list of governed resources assigned to a specified classification level. |
Removing a classification level |
| Edit |
Launches the Classification Level dialog allowing you to modify the name or description associated with the selected classification level. |
Editing a classification level |
| Move up |
Moves the selected classification level up in the display list. |
|
| Move down |
Moves the selected classification level down in the display list. |
|
| Toggle layout options |
Shows or hides the Layout controls at the top of the view, allowing you to change the layout displayed. |
Toggle layout options |
