Governance Apps

Governance Apps enables an enterprise to monitor data for personal and sensitive content across the enterprise and to handle end-user access requests for the General Data Protection Regulation (GDPR).

How Does It Work?

Governance Apps can help you perform the following operations:

  • Identify Sensitive Content In Your Data

    Governance Apps uses a content indexing engine, called the Index Server, and a data analysis engine, called the Content Analyzer, to crawl sources of data in your enterprise and identify sensitive content. You can then use the features of Governance Apps to perform tasks for risk monitoring and fulfilling end-user access requests.

  • Monitor and Assess Risk Across Your Enterprise

    Administrators and compliance stakeholders in your organization can use the reports and dashboards from your analyzed data to assess the levels of risk across your enterprise. For example, you can use Governance Apps to discover which documents contain content that should be encrypted and identify where those files are located.

  • Process End-User Access Requests for GDPR

    If your organization is subject to the General Data Protection Regulation (GDPR), compliance stakeholders can create and manage the workflow for collecting end-user personal data, reviewing and approving documents, and deleting or exporting the data to the end-user.

Key Features

Governance Apps allow you to crawl data sources in your environment and perform the following tasks:

  • Identify sensitive content - such as personal identification numbers, email addresses, and other customizable entity types - in the data.
  • Monitor data sources for potential risks using Governance Apps dashboards.
  • Analyze and mitigate risks in your environment before end-user access requests.
  • Handle end-user access requests with a managed workflow that supports export and delete requests.

Governance Apps Components

The Governance Apps feature is comprised of the following components.

Inventory Manager

The Inventory Manager component connects Governance Apps to computers and domains in your environment, called inventories. Inventories are the starting points for crawling and analyzing data for sensitive content.

Sensitive Data Analysis

The Sensitive Data Analysis component enables you to define sets of data sources from your inventories. These sets of data sources, called projects, are used to specify data sources to fulfill end-user access request.

Request Manager

The Request Manager component enables you to handle end-user access requests to export or delete personal data from your enterprise. Request Manager also enables you to define the individuals who are responsible for reviewing documents collected in the request.

Entity Manager

The Entity Manager component enables you to manage the different types of personally identifiable information (PII) that Governance Apps can identify while analyzing content. There are many types of PII, also called entities, that are built-in to the software. You can also create more specific entities from existing ones, or create completely custom entities with regular expressions.

Getting Started with Governance Apps

If you are setting up Governance Apps for the first time, see Getting Started with Governance Apps.

Using Governance Apps

If Governance Apps is already setup for you, and you want more information about how to use Governance Apps, see the following topics:


The following terms are used with Governance Apps:

  • Inventory

    A logical group of one or more servers or domains from your CommCell environment to use with Compliance Apps. Inventories are containers for different sources of end-user data based on your business needs.

  • Assets

    The servers from your CommCell environment that are the sources for discovering end-user data with Compliance Apps. You can add individual servers as assets, or add all of the servers from a domain as assets to an inventory.

  • Project

    A subset of assets from an inventory that you can use to monitor or process end-user requests.

  • Data Source

    A specific location on an asset that you want to include for discovery and compliance tasks. For example, file system data sources can be an entire server, a directory on the server, or even an individual file.

  • Request

    An end-user request for PII in your data sources. The request can either be for an export of the data you controll that includes PII for the end-user, or deletion of the data with PII from your data sources.

  • Reviewer

    A user in your organization who can view and approve each document that is identified as having PII as part of a data request.

  • Approver

    A user in your organization who can approve the entire request. The request operation (either export or delete end-user data) is only performed after all approvers approve the request.

  • Entity

    Entities are categories of PII that you can discover in your data sources with Governance Apps. Many common types of PII, such as social security numbers, phone numbers, and email addresses, are built-in to Governance Apps. You can also define new entity types using custom regular expressions.

  • Keywords

    Keywords are words that must be in close proximity to a matched entity for the match to be considered legitimate. Keywords are helpful to create specific entity types for custom entities, or entities that inherit from the built-in entity types.

  • Sensitivity

    Sensitivity is a rating that indicates how important or sensitive the type of information is. Sensitivity levels range from Moderate to Critical.

Last modified: 4/10/2018 6:38:45 PM