Saudi Agency Implements Regulatory Compliance and Strategic Governance with OvalEdge 

CLIENT’S PROFILE

The client is a government entity in Saudi Arabia. As part of Saudi Arabia's Vision 2030 initiative, the company's data must align with the compliance requirements determined by the National Data Management Office (NDMO) of Saudi Arabia. 

PARTNER PROFILE

The OvalEdge partner is a dedicated regional integrated digital solutions provider that offers a unique value proposition of comprehensive digital solutions and services under one roof. The company is positioned to drive the transformation of enterprise and government customers in the MENA region by providing a center of excellence and managed solutions across cloud, cybersecurity, big data, drones and robotics, modern infrastructure, and digital solutions in collaboration with world-class partners.

CONTEXT

As part of the Kingdom's Vision 2030, the government focuses on data governance and compliance standards. A significant policy under Vision 2030 mandates that data within the Kingdom remains within national borders, with strict governance around access and usage. 

The client needed to meet over 191 compliance specifications across fifteen knowledge areas, as defined by the National Data Management Office (NDMO), focusing on curating and managing their data catalog and ensuring compliance with comprehensive Data Management and Personal Data Protection Standards. Achieving compliance required addressing these complex and stringent standards.

The KSA Data Management and Personal Protection Framework organizes the fifteen domains, also defined as knowledge areas, into five sections. At the top is data governance, and under the data governance umbrella is data assetization (making your data an asset and commodifying it), data usage, data classification and availability, and data protection.

Data Management and Personal Protection Standards

The client engaged with the partner’s consulting services, recognizing its extensive experience in implementing data management frameworks. This expertise has been demonstrated through successful delivery of data management and governance projects for both government and private sector organizations in the Gulf region.

After thoroughly assessing the client’s needs, the partner recommended OvalEdge as the data governance platform. This decision was based on OvalEdge’s robust technical capabilities, which effectively address NDMO compliance requirements while aligning with the client’s budgetary constraints and delivering significant added value to their data management practices.

WHY OVALEDGE

The client and partner selected OvalEdge after thoroughly evaluating several solutions to meet their NDMO compliance requirements. Their chosen application must meet as many requirements across the knowledge areas as possible, all while remaining in their budget.

OvalEdge stood out due to its ability to address 85% of the compliance specifications across eleven knowledge areas, leveraging the universal data cataloging, data management, and reporting capabilities.

Through OvalEdge’s end-to-end data governance suite, the knowledge areas addressed are:

• Data Governance

• Data Catalog and Metadata

• Data Quality

• Data Operations

• Document and Content Management

• Data Architecture and Modeling

• Reference and Master Data Management

• Business Intelligence and Analytics

• Freedom of Information

• Data Sharing and Interoperability

• Data Classification

This comprehensive coverage made it the most suitable solution for their needs as OvalEdge’s capabilities within these knowledge areas were deployed to satisfy the NDMO compliance specifications.

One of the significant factors in the client’s decision was OvalEdge's support for Arabic language requirements, a critical need for the client in Saudi Arabia. Additionally, the platform’s specialized features, such as intuitive access management and easy collaboration tools, played a crucial role in simplifying governance processes.

Cost efficiency was another primary consideration. OvalEdge offered a solution that provided all the required functionalities at a significantly lower cost than other well-established tools. Many competitors required expensive licensing fees and specialized certified manpower to operate, but OvalEdge allowed the client to manage the solution in-house without needing specialized certifications. This affordability made OvalEdge the ideal choice for a government entity with budget constraints while still delivering robust governance capabilities.

The consulting expertise provided by OvalEdge further reinforced the decision. The company’s ability to support the client throughout the implementation process, ensuring smooth adoption and compliance, was an added advantage. Additionally, OvalEdge’s unique features, such as metadata change alerts, customizable watchlists, and enhanced access management, strengthened the client’s compliance processes, making it a comprehensive and highly effective solution.

SOLUTION

The implementation of OvalEdge was carried out over a 75-day period.

Week 1-3: Onboarding & Integration

• The client onboarded various business units and identified source systems for cataloging. 

• OvalEdge training commenced.

• Access management configurations, such as service request templates and workflows for access controls, were created.

Week 4-6: Curation

• Metadata management was fleshed out by assigning governance roles throughout the OvalEdge data catalog and business glossary. 

• The built-in collaboration area throughout the OvalEdge application fulfilled metadata annotation requirements. 

• The client implemented their policies for data certifications (badges for trusted sources, cautions, and do not use) within the application.

• Data quality rules and workflows were set up for monitoring. 

• Data catalog security controls via data classification and business glossary term configuration worked in conjunction to classify and protect sensitive data.

Week 7-8: Configuring Tools

• In conjunction with curation activities within the OvalEdge data catalog and business glossary, notifications and watchlist items were configured to ensure specified metadata changes alerted the correct individuals. 

• Data quality service request templates and workflows were refined.

• Data stories, OvalEdge’s in-platform area that allows users to publish information in a free-form editor, were leveraged to document data processes such as content metadata approval policies. Well-curated data stories provide users with a wealth of information and allow direct hyperlinks to other application areas for easy reference.

Week 9-10: Auditing & Maintenance

• Audit trails enabled the team to track actions performed within the application. 

• Reporting frameworks for data quality, data classification, and data catalog were configured. 

By week eleven, the system was fully operational, and KPIs were established for ongoing auditing and monitoring.

OvalEdge Implementation Timeline 

Following this rapid implementation timeline, OvalEdge applied its core capabilities to address the organization's needs in four key areas:

The platform's data catalog and metadata management feature enabled domain-specific searches, improving data discovery and classification. The system's tagging functionality provided a clear differentiation between technical and business assets, establishing a structured data governance framework.

To address NDMO compliance and reporting, 17 regulatory reports were generated through the platform, including data access adherence tracking, metadata change logs, and open data classification summaries. OvalEdge's native capabilities supported comprehensive data tagging and classification for both open and restricted datasets, ensuring regulatory compliance. 

The platform's access management module streamlined data request workflows and approvals. OvalEdge's watch list feature kept users informed about changes to critical data objects, enhancing visibility across the organization.  

The implementation leveraged OvalEdge's standard approval workflows and tagging capabilities to establish robust data governance processes that met regional compliance requirements. Working alongside OvalEdge’s partner, the solution was implemented, enabling the client to comply with NDMO regulations.

OUTCOMES

In all, OvalEdge implementation enabled the client to address 84 of the 191 specifications in the NDMO's Data Management and Personal Data Protection Standards, covering eleven of the fifteen knowledge areas.

However, while they chose OvalEdge for compliance purposes, the client quickly discovered other use cases for the tool. 

OvalEdge enabled the client to streamline collaboration between IT and business teams, reducing delays in report generation and ushering in a new approach to data access management. Beyond this, the client enhanced operational efficiency by leveraging OvalEdge’s data governance tools to bridge gaps between strategy and execution. 

The collaboration between the partner and OvalEdge underscored the value of efficient, scalable solutions in a region where certifications and strategic partnerships are essential for success. With the partner’s on-the-ground and regional expertise, which is also certified and continuously updated with regular training, the project not only achieved regulatory compliance but also set a precedent for future market expansion and adoption.