Recommendation : 1. Reduce the impact of data from its storage and access
Is the removal of obsolete data being managed ?
Are data lifetimes managed?
The regulations require control of the data life cycle for certain categories (for e.g.: personal data governed by the RGPD). Lack of consideration to other categories of data leads to the accumulation of data without taking into account their expiry dates, which increases the volume of data, the volume of backups and the resources consumed by accessing the data. Over time, the level of detail of the data becomes less important, which should lead to a reduction in the volume of data, preceding its eventual removal.
Impact assessment define actions and stakeholders involved in impact reduction
Rule for assessing the level of compliance of the criterion
Formalized = 100 ; Planned = 75 ; Identified = 50 ; Ignored = 0 / 100
Fin de Vie
19 other criteria related to the recommendation: Reduce the impact of data from its storage and access
Is the number of requests kept to a minimum (no looping) ?
Is an alternative to SQL queries used when possible (local storage or similar) ?
Do implemented queries use joins rather than multiple queries ?
Can data be backed up incrementally ?
Are database indexes consistent with operations ?
Is an alternative to the relational model being considered ?
Is a NoSql solution more efficient than its relational equivalent ?
Have the different data access solutions (queries, triggers, stored procedures) been tested ?
Are EXPLAIN clauses used on "Slow queries" to optimize indexes ?
Are the slow query detection thresholds set effectively ?
Are "live" and "dead" data handled differently (eg: Slow storage for "dead" data) ?
Is frequently accessed data available in RAM ?
Are data replications between multiple Database Engine (Cluster) instances appropriate for sensitivity and availability requirement ?
Does the data have an expiration date when it is deleted ?
Is sensitive data collected ?
Is the data collected really useful ?
Does the API provide limits, filters and the list of fields to return ?
Is sensitive user data secure ?
Does regulated data (personal, health, financial) comply with the recommendations for structuring these categories of data ?