---
title: "Business Requirements \u0026 Resiliency Mapping"
url: https://ott.earth/business-requirements/
author: "Pavel Ott"
source: https://ott.earth/
license: CC BY 4.0
---

# Business Requirements & Resiliency Mapping

> Capture critical availability, lifecycle, redundancy, and performance requirements for every CDO so deliberate data duplication can be applied where needed for resilience, performance, and compliance.


## Activities

1. **Define availability & SLA requirements.**
   - Specify required uptime (e.g., 99.9% for core CDOs).
   - Document failover expectations and disaster recovery objectives (RPO/RTO).
   - Identify which CDOs are mission-critical and require higher availability.
2. **Map CDO lifecycle & retention.**
   - Define each CDO’s lifecycle stages: Creation → Validation → Production → Archival → Deletion.
   - Assign retention policies based on business, legal, and compliance needs.
   - Document triggers for archival and deletion.
3. **Redundancy & replication strategy.**
   - Decide on redundancy model per CDO: active-active, active-passive, geo-replication, or backup-only.
   - Justify intentional duplication for resilience, performance, or regulatory reasons.
   - Document how redundancy is monitored and tested.
4. **Performance benchmarks.**
   - Set targets for query latency, throughput, and batch-processing windows.
   - Forecast data volume growth and plan for scalability.
   - Identify CDOs that require real-time vs batch access.
5. **Risk & compliance alignment.**
   - Map each requirement to relevant regulatory mandates (e.g., GDPR, SOX).
   - Assess risks (e.g., single points of failure, data loss) and mitigation strategies.
   - Ensure alignment with the organisation’s risk appetite and compliance framework.

## Objective

Capture critical availability, lifecycle, redundancy, and performance requirements for every CDO.

## Outcome

A documented set of requirements and resilience plans that support business continuity, compliance, and performance targets.

## Key Stakeholders

- **Data Owner** — Approves requirements and resilience plans.
- **Data Steward** — Validates resilience strategies and monitors compliance.
- **Enterprise Architecture Team** — Documents requirements and ensures technical alignment.
- **Risk & Compliance Officers** — Assess regulatory risks and map requirements.
- **IT Security** — Advises on disaster recovery and data protection.