Protecting the Payload Before Building the Pipes
For Data Architecture, the information the business cares about should be explicitly understood. Phase 2 defines the core data entities, security classifications, and lifecycles that justify the infrastructure’s existence. Skipping this phase risks building a highly secure, lightning-fast environment that stores uncontrolled, duplicated, or misclassified data.
Core Objectives of Phase 2
Define the Single Source of Truth:
Visually demonstrate where master data legally resides versus where it is merely consumed or copied, preventing version control chaos.
Establish Security Boundaries:
Identify the classification levels (e.g., PII, PCI, Commercially Confidential) and regulatory constraints placed on the information the system will store, process, or transmit.
Map the Data Lifecycle:
Document exactly how critical information is created, updated, archived, and securely destroyed within the target operating model.
Ensure Interoperability:
Create the structural blueprint that shows how different applications will exchange information, ensuring the vocabulary and data formats remain consistent across the entire ecosystem.
Primary Stakeholders
The artifacts generated in this phase are tailored for Data Owners, InfoSec Officers, Risk & Compliance Boards, and Data Governance Leads. The language used in these diagrams should bridge the gap between business meaning and technical reality. While avoiding vendor-specific database schemas or storage array hardware configurations, logical data entities, access rules, and governance boundaries should be clearly defined.
