Just as real world garbagemen have restrictions on what can be thrown into the municipal waste dump there are rules on what the IT Garbagemen will accept into the corporate archive.
Our basic rules:
- The owner of the application or data asset must have been identified.
- The owner must have sufficiently identified the purpose of the application or data asset to enable it to be cataloged (typically age of data, business document type, financial entity or country) and a retention period assigned.
- The owner must have agreed to transfer stewardship of the application or data asset to the records management organization.
- The application or data asset must be in a readable format and sufficient information provided that it can be accessed in future.
- The owner agrees that they will no longer be able to directly access the application or data asset, and that data retrieval will be through a service request model to the records management organization.
Ownership vs. Stewardship
To understand the responsibilities associated with archived assets it is important to differentiate between the roles of the data owner and the data steward. For a production asset it is common for one person or group to play both roles but for archived assets they should be distinct groups.
When a Product Owner agrees to transfer data into the archive then they are also agreeing to transfer stewardship to the records management organization. For digital assets as with physical assets the ownership of the asset remains the responsibility of the Product Owner until its destruction but the stewardship transfers at the time the archive is completed.
| Activity | Data Owner | Data Steward |
| Business, audit, legal and regulatory requests for data. | Accountable for fulfilling the request. | Responds to the request and provides the data in a consumable format. |
| Access to the data asset. | Defines who can access the data asset. | Manages access to the data asset. |
| Destruction or permanent obfuscation of data asset or a portion of the data asset. | Requests and/or authorizes the destruction or permanent obfuscation. | Performs the destruction or permanent obfuscation. |
| Cataloging of the data asset. | Assigns the records retention period. | Ensures sufficient knowledge of data asset exists to allow it to be located and consumed upon request. |
| Sustainment of the data asset. | Accountable for the cost of sustaining the data asset. | Performs periodic reviews of the data asset to ensure it is still accessible. |
“But I Still Need to Access My Data”
There have been many occasions when the Product Owner has approached the IT Garbagemen to retire and archive an application but insist that they still need to access the data regularly. This is the zombie application scenario – simply put the answer is no. The archive is not a library designed for easy browsing, it is a cost-effective long term data storage process for ensuring that assets are secure, locatable and consumable for their entire retention period.
If the Product Owner want to access their data regularly then they need to either transfer the data to their new application, create a new reporting application and house the data there or keep the old application in production.
IT Toxic Waste
Just as people cannot dump hazardous material and toxic waste into a municipal dump the certain types of data assets cannot be accepted into an archive. These are generally one of two types:
- Unclaimed data assets – either an application that no-one remembers or a large collection of unclaimed unstructured data files.
- Unreadable or inaccessible databases and files.
As in the real world there have to be defined processes for dealing with these types of assets.
Unclaimed data must either be destroyed according to rules approved by your Legal department (based on age, data type), manually processed to determine who the owner is and what the data represents or it must be stored in purgatory (i.e. AWS) until a later time.
Applications and data assets that cannot be accessed have to be managed in the same manner as orphaned applications – disposed of according to a predefined process that has been approved by your Legal department.
Conclusion
The intention of a data archive is to provide a cost-effective long term storage medium that ensures that data is secure, locatable and consumable. It isn’t to give Product Owners a easy get out for poor data governance practices.
Define a high bar for entry into the data archive and stick to your guns.
