# AW Organization
{% hint style="info" %}
#### Overview
Adventure Works Cycles has just acquired a new manufacturing facility and needs to integrate their data systems while ensuring compliance with global data protection regulations. As the newly appointed Data Governance team, participants must establish secure connections to critical business systems, implement proper access controls, and create a comprehensive data inventory that supports both operational needs and regulatory requirements.
{% endhint %}
Adventure Works Organization
***
{% hint style="info" %}
#### Challenge & Solution
**Business Challenge:** The company operates across multiple jurisdictions (US, EU, Brazil) and must comply with GDPR, CCPA, and LGPD simultaneously. Different business units need access to different data domains while maintaining strict security and compliance controls.
**Solution:** PDC has a number of default Roles that meet Regulatory & Compliance requirements.
**Best Practice:** Map to Existing PDC Default Roles with Communities for Fine-Grained Control.
**Decision:** Map Adventure Works Keycloak groups to existing Pentaho Data Catalog default roles, then use Communities to implement business-specific access controls and data segregation.
{% endhint %}
WHO & WHAT
Why This Approach is Critical for Regulatory & Compliance Requirements
1. Leveraging PDC's Built-in Compliance Framework
**Why This Matters for Compliance:** Pentaho Data Catalog provides default user roles with role-based permissions that enable administrators to control access as necessary across Data Catalog, and administrators can fine-tune access by creating Communities of users with specific permissions. This approach leverages PDC's tested and proven permission structure while adding business-specific controls.
**Regulatory Impact:**
* GDPR Article 25 (Data Protection by Design): Uses PDC's built-in privacy controls with Community-based enhancements
* SOX Section 404: Leverages established internal controls with documented permission matrices
* CCPA Section 1798.100(e): Implements "reasonable security procedures" through tested PDC role framework
2\. Simplified Audit Trail with Business Context
**Why This Matters for Compliance:** At least one role or community must be assigned to a user when created, and multiple roles or Communities can be assigned if permissions are mutually exclusive. This creates clear audit trails showing both technical permissions (via PDC roles) and business justification (via community membership).
Regulatory Impact:
* GDPR Article 30 (Records of Processing Activities): Clear documentation of who processes what data and why
* CCPA Section 1798.145: Precise tracking of consumer data access through role + community combination
* SOC 2 Type II: Demonstrates systematic access control with business justification
3\. Scalable Data Segregation
**Why This Matters for Compliance:** A Community is a custom role used to fine-tune access to specific actions or Data Catalog assets, such as restricting access for a group of users to a subset of glossaries and data sources. This enables precise data domain segregation required for cross-jurisdictional compliance.
***
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://academy.pentaho.com/pentaho-data-catalog-en/data-catalog/aw-organization.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.