Data Security Model

5 min

How to get the Data Security Model to work.

A model providing an overview of the governance, ownership and maintenance of organisation data and the business roles involved. It also provides insight into access control policies.

6oimgnzvd79i058w09vyz Image


A model which shows the assignment of a specific data management responsibility (e.g. owner, steward) for a Data Subject or Objects to one or more Business Roles. It also helps the enterprise to define how it will protect one or more resources. Captured Security Policies define how security SHOULD be applied to the specified resources.


Use this to communicate and support Data Management and Governance Initiatives.

Data Required

This view uses a number of classes such as Data Subject, Data Object, Business Role Type, Information/Data Management Policy, Security Policy

V2fqj32dp1xpxacslqfyk Datasecuritymodel

Data Security Model

Data Capture

In Open Source/Meta Model, navigate to the Report Constant Class, under EA Support, Essential Viewer, Report Configuration, Report Constant and select the Instance Data Stakeholder Role Type, add/create a stakeholder by adding/selecting a Business Role Type called **Data Stakeholder in the Associated Instances slot. Add/create the business role type in the Is Realised By Roles Slot (either an Individual or Group Business Role**).

Note: For stakeholders which are of an Individual Business Role, you need to add in the

Associated Instance

slot, a Business Role Type called “Data Stakeholder” Navigate to EA Class, Business Layer, Business Conceptual, Business Role Type and select “Data Stakeholder”

Navigate to the Info Data Management Policy Class under EA Support, Governance, Policy and define a new Info Data Management Policy by adding/creating the following: Responsible Roles/Actors, Assigned Responsibility ( *Business Role, Individual or Group Business Role*), Responsibility Aspect and the Policy for Info/Data**.

Note:- If the Assigned Responsibility slot is populated with an Individual Business Role, this will be shown on the view accordingly

Navigate to Security Policy under EA Support, Governance, Policy and Security Policy, add/create a security policy, give it a name and add its CRUD in the Policy for Action Slot (NB you will need to define a policy for each Create, Read, Update and Delete. Add/create the Policy Applies to Resources (Data Object which you previously created/selected for the Policy for Info/Data slot).

NB Link a Data Subject to the Data Object if you already have not done so, add the Policy Actor you defined against the Report Constant. Capture the Policy for Security Capability.

View Set-up

If the report is not enabled then go to EA Support > Essential Viewer > Report and find Core:Data Security Model and tick Enabled to ensure you that the Data Security Model is displayed in the Essential Viewer

Updated 22 January 2024

Contact Us