DataFutureproofingCooperationInputProcessingOutputData lifecycle questionnaireThoughts for data-centric IT projects, with a special focus on (1) Blockchain criteria and (2) requirements for trustworthy,reproducible, or traceable IT processes.Marcel Waldvogel, CC-BY-SA 4.0 • Version of 2022-04-01 • Current version available from https://marcel-waldvogel.ch• Will format, structure, or dependencies between the data eventually change?• When parts of the data itself changes: Should historic data continue to refer to the historic values referenced,or should they be updated (i.e., what should happen to recorded names/addresses on name/address change)?• How should these changes be implemented (for both legacy and future data)?• Do data have an expiry/deletion data? Is that date determined statically or dynamically? What should happen then?• What should be done to wrong entries (whether accidentaly or malevolent)?Which effect does this have on traceability?• How is the right for correction and deletion of personal data to be implemented?• Even if no personal identifiable data is processed: How will court orders for correction/deletion be implemented?• Which groups may read, write, perform administrative operations on the data? Who can change program code?• Which risks might arise from authorized people abusing their access permissions(or, by unauthorized programs or third parties abusing the permissions of authorized people)?• Is prolonged or persistent mistrust to be expected between actors? Can this mistrust be managed throughhierarchies, assignment of responsibilities or (work) contracts?• What are the data sources?• Where do the data come from?• How do they enter the system?• What about existing (legacy) data?• How is quality assured?(currectness, uniformity,consistency, authenticity,completeness, …)• Which processing steps willthe data be processed throughwhile in the system?• How is correctness of these stepsand results asserted? Can this beperformed automatically? Always?• What should happen to these dataafterward?• Which actions should be triggeredby the results from these data andtheir processing? Automatically?• How is the execution of theseresulting actions verified and/orenforced?• What is size, format, and structure of the data in question?• What are the dependencies between fields (within and amont) data records?• For which parts or aspects do you require (1) integrity, (2) traceability, (3) immutability, (4) confidentiality,(5) availability, or (6) global consensus?• For which of them should the current state be public?• For which of them should their history be public (traceability)?• Are there further records, fields, or relations requiring special treatment?• What are the licenses and otherconditions attached to the data?