Data Quality Component 3: Internal Data Control and Governance

Internal Data Control and Governance wedge

Internal data control and governance affects many aspects of the data-quality system, including operations, reporting, and compliance. A common framework for internal data control and governance consists of five main components—control environment, risk assessment, control activities, information and communication, and monitoring—as outlined in the latest U.S. Government Accountability Office Standards for Internal Control in the Federal Government (2014, known as the Green Book). This framework of processes and standards allows the SEA to ensure data are managed effectively and appropriately over time. The following considerations outline how SEA staff may consider how new or revised internal data control and governance play a role in the larger data-quality system.

  • Establishing internal data controls: Once SEA staff have established how to collect and clean data, they will then need to integrate the new data element(s) into all relevant data systems. SEA staff will also need to ensure that data definitions, option sets, privacy policies, and business rules for the new data element are in place and consistent with the previously established requirements. SEAs may also need to hire new staff, train existing staff, or inform data-system partners about processes and protocols for new data element(s). It may be most helpful to have these trainings after a pilot or test run of the new data collection or the resolution of any early challenges.
  • Establishing data-governance guidance: There may be more than one owner of the data. These owners could be varying partners internal and external to the SEA. Therefore, it will be important for the group to meet regularly. Implementing a group structure that governs the data, especially when new or expanded data are required, is an essential strategy for ensuring data quality. The data-governance group determines objectives for the data system, new data elements, and how issues related to the data system will be resolved. The group will need to develop a data-governance policy manual, preferably available online and easily accessible to all internal and external stakeholders. When the data system is revised or expanded, the data-governance group will need to update the data-governance policy manual, including new data elements. Data-governance policies should include a risk assessment (e.g., data security, interactivity of data elements), especially for new data elements included in the data system. This assessment will evaluate the credibility of the data, threats to the accuracy of the data, expectations for internal and external management of the data, consistency in data measures, and more to ensure confidence in the data and proper data use.

Internal data control and governance affects many aspects of the data-quality system, including operations, reporting, and compliance. Managing internal data control and governance requires putting in place a governance structure to make certain that data can be traced as to its origin and value, and that the data are able to be audited.

SEAs can use the Data Systems Self-Reflection Checklist to consider how their current actions promote quality data systems. To download the Data Systems Self-Reflection Checklist, click here.

For more information on how Montana is currently approaching internal data control and governance, please see the vignette below.

Internal Data Control and Governance Vignette: Montana Task Force for Education Data Governance
Montana state seal Montana Office of Public Instruction logo

The state of Montana has taken a novel approach to addressing internal data control and governance. In 2013, the Montana State Legislature adopted 20-7-104, Montana Codes Annotated (MCA), which established the K–12 Data Task Force. The task force was created to advise the Montana Office of Public Instruction (OPI) on data collection policies and practices, the use of data in schools, and best options for the statewide education data system. The group is tasked with streamlining data collected by the state and supporting local control in the use of data to improve student performance. Members review and monitor data practices in the state and provide input and guidance to enhance the statewide education data system. Specifically, the task force collaborates with OPI to monitor and problem-solve issues related to the:

  • Needs of school districts in using data to improve instruction and student performance
  • Collection of school data through a process that provides for automated conversion of data from systems already in use—whether school districts or OPI—and resolves the repetition of data entry and redundancy of data for reporting
  • Diversion of district staff time away from instruction and supervision needed to correct data issues
  • Increased use of data from the centralized system by various functions within OPI
  • Transparency in reporting to schools, school districts, communities, and the public

(2016, Senate Joint Resolution 10: School Data Collection Systems and Processes)

The Montana law mandates the task force to include a variety of stakeholders. Member categories include the following: school-board trustee, school administrator, teacher, technology staff, parent of elementary pupil, parent of high-school pupil, and district clerk. Individuals can apply to become members of the task force. In the beginning, a state audit found that the task force struggled to understand its purpose and that many in the state education system were not aware of the task force. Since then, the task force has begun to meet regularly and OPI is leveraging the group more effectively to address concerns and frustrations regarding data collection and practices in the state. The online and publicly available documentation of task force meetings is a valuable asset for keeping the task force accountable. This documentation includes agendas, presentations, and notes as well as recordings of task force conference calls. To gain more insight into the focus and the work of the task force you can review meeting materials, click here.

Internal Control and Data Governance Resources:

Privacy Technology Assistance Center (PTAC):

Privacy Technology Assistance Center. Data Governance and Stewardship. Washington, DC: U.S. Department of Education, Institute of Education Sciences, National Center for Education Statistics, 2015.

State Educational Agencies

State of Hawaii. Department of Education Internal Audit: Data Access Controls Review. Honolulu, HI: Hawaii State Department of Education, 2014.

Dorn, Randy I., Ken Kanikeberg, Gil Mendoza, Robin Munson, Peter Tamayo, and Tim Stensager. Data Governance System for K–12 Data: Policies and Procedures. Olympia, WA: Washington Superintendent of Public Instruction, 2015.

State Longitudinal Data Systems (SLDS) Grant Program:

State Longitudinal Data Systems. Data Governance Toolkit. Washington, DC: U.S. Department of Education, Institute of Education Sciences, National Center for Education Statistics, 2017.

U.S. Comptroller General Office:

Comptroller General of the United States. Standards for Internal Data Control in the Federal Government. Washington, DC: Government Accountability Office, 2014.