Skip to Content
TS-TDT-02 Trust & Stewardship Technology & Digital Transformation CORE Excellence v2.9.7

Core Systems Management (e.g., CRM)

Assesses the effective management of core information systems (e.g., CRM, Case Management, Student Information System) including product ownership, change control, and configuration management. It focuses on securing stakeholder data through privacy-by-design, integrated governance, and strict adherence to data protection laws (lawful basis, minimisation, retention, rights). This reflects the Islamic principle of Amanah (trust), treating digital records as a sacred responsibility. Furthermore, it upholds Hifz al-Huquq (preservation of rights) by ensuring robust systems safeguard individual privacy.

Compliance 5
  • Lawful basis mapped per purpose (Art.6); Special Category data (Art.9) identified with Appropriate Policy Document
    Privacy Essential
  • Processing activities recorded in RoPA (Art.30) linked to the system
    Privacy Essential
  • Data Processing Agreements (Art.28) signed with vendors; International transfers assessed (IDTA/SCCs)
    Privacy Essential
  • Defined retention schedule implemented via automated deletion/archiving rules
    Privacy Essential
  • Backup and disaster recovery (RTO/RPO defined) tested annually (Art.32)
    Security Essential
Basic 1
  • A central system (e.g., CRM) is in use for managing key stakeholder data with clear product ownership
    Operations Essential
Good 2
  • Change control process exists for configurations/integrations (ticketed approvals, DPIA trigger, testing)
    Operations Essential
  • Role-based access (RBAC) and MFA enforced; Quarterly access recertification conducted
    Security Essential
Better 3
  • The system is integrated with other key platforms (e.g., website, accounting) to ensure a single source of truth
    Technology High
  • Privacy by design/default baked into configurations (ICO Art.25 guidance)
    Compliance High
  • Anonymisation/pseudonymisation applied for analytics to preserve 'satr' (concealment)
    Privacy Medium
Best 1
  • Data ethics charter (Islamic values + Charity Digital Code) and review board established
    Ethics High

Related Criteria

TS-TDT-01 Digital Transformation Roadmap
Version
2.9.7 2025-11-05

Discussion (1)

Administrator 2026-03-07 12:01:06.909987

📋 **Version updated: 1.0.0 → 2.9.7** **Changes:** Full import from mizan-297.json

Sign in to post a comment.

Back to Criteria