CRUD – Defining Information Ownership
One easy way to determine information ownership is to think of CRUD—create, read, update, and delete. If you cannot only read but also create, update, and/or delete information, then in some way you own that information because you are responsible for its quality.
Here again, let’s consider your school as an example and focus on your personal and transcript information. That information includes your student ID, name, address, phone number, GPA, declared major, declared minor (if you have one), and courses completed (your transcript).
Part 1: Identify Create, Update, and Delete Privileges
For each piece of information, first identify who has create, update, and delete privileges. Include any individuals or departments that have these sorts of information privileges. There may be several. If so, who is ultimately responsible for your personal and transcript information? Second, identify all the groups of people at your school who can only view (read) your information.
Part 2: Develop a CRUD Matrix
Develop a CRUD matrix that outlines the relationships among the pieces of information and user privileges (example: http://ocean.otr.usm.edu/~w300778/is-doctor/pubpdf/sc2008.pdf).
Part 3: Write a Detail Document
Write a detail document about the various business rules that define how the scenario described in Part 1 works with respect to information ownership and their relationships. Identify the appropriate relationships among the information, and define the minimum and maximum privileges associated with each relationship.
Your paper must be a minimum of two pages, double-spaced and comply with APA requirements.