Recommendation: 3. Manage data life
Have the legal constraints related to data preservation been analyzed and the rules and deadlines for "forgetting it" been specified?
Life cycle
B People
B Planet
B Prosperity
Difficulty
*
Priority
High
Recurrence
Periodic
Tests
Are there mechanisms in place for data lifecycle management (expiration)? Have mechanisms been put in place for archiving data with a low manipulation rate? Has an end of life for the data been planned (implementation of a validity date for each piece of data, implementation of a validity date by type of technical data, implementation of a validation date by type of functional data)? Have users been consulted to consider the necessary lifespan of key data?
Details
Regulations impose control of the data life cycle for certain categories (personal data governed by the GDPR). The other categories of data are not taken into account, so data accumulates without regard to its expiration date. This causes a permanent increase in the volume of data, the volume of backups, and the resources consumed to access the data. As time goes by, the accuracy of the data matters less, which should lead to a reduction in the volume of data in the phase preceding its removal.
Use Case
Risks assessment
Additional elements
Operational issues related to the project
Rule for assessing the level of compliance of the criterion
Formalized = 100; Planned = 75; Identified = 50; Ignored = 0 / 100
Life cycle
End of life
4 other criteria related to the recommendation: Manage data life
Sustainable IT Infrastructure
Does the storage strategy keep infrastructure or data duplication to a minimum in relation to its criticality?
Sustainable IT Infrastructure
Is non-production data anonymized and scaled down to a representative sample of production?
Life cycle
Is the frequency of data refresh determined in relation to user expectations?
Purchase Sustainable IT
Are the responsibilities from a GDPR point of view (or local framework in other countries: Privacy Act for example) with service providers clearly defined?