Skip Navigation

Chapter 1—The Information Life Cycle

One of the first concepts system designers and developers need to absorb is that information has a life cycle that begins with its creation and continues until its destruction. Understanding the life cycle of information is vital to evaluating the information systems policymakers have, and to designing the systems they need. Although the life cycle process can be described in many ways, the following verbs are used here to enumerate its different stages: define, create, collect, store, protect, use, share, and retire. (Note: The framework depicted in the graphic below applies to the information life cycle only. This Forum guide is not organized around this framework.)


Before collecting data, organizations identify and define the data elements they need or want in order to comply with requirements or inform decisionmaking and business processes. Definition of data is not a precursor to the cycle, nor is it a one-time process.

This stage should occur iteratively with every cycle to refine the data and their relationships so they better meet evolving needs. Only data that will be used should be defined (see chapter 9).

The Forum has more detailed information...

...about the identification and definition of data elements:

Create and collect

While some information already exists and will remain relatively constant over time (for example, student's name, birth date, race, sex), other data are the products of events or activities (tests, course enrollments, discipline incidents, health events, etc.). Existing data will need to be added or crosswalked to the LDS, and new data will need to be collected as students progress through the education system. Thoroughly understanding the nature of the various types of data to be entered into the system and the collection processes that will be used is essential for recognizing the quality—completeness, timeliness, and accuracy—of the data, and thereby determining whether or not the data will be usable. It is also important to consider the burden and costs of acquiring and entering the data and the skills required to do this critical work (see chapter 9).

Store and protect

Determine the storage requirements for the data and the levels of protection they will require. The risk of exposure will vary based on the contents of the records. Risk has two components: the amount of harm that will be done if the data are accessed by an unauthorized party and the likelihood that this might happen. If the content of the records is such that little or no harm will be done if the system is breached, then the risk can be considered low even if the likelihood of unauthorized use is high. But as the potential for harm increases, systems must provide higher levels of protection protocols to reduce the likelihood of unauthorized access to the data.


Systems are built to facilitate the use of their data to improve the organization's work and the students' educational outcomes. The users of the data in the system should be the system builder's primary "customers." How the data are to be used, presented, and refreshed are just a few of the considerations that call for extensive requirements discussions. (Note: The purposes for which the data will be used should also be a central consideration in the "define" stage of the cycle.)


How, when, under what circumstances, and with whom (individuals, organizations, other systems) the data will be shared is another set of questions to be deliberated. Sharing data often has legal and policy implications, such as freedom of information and privacy requirements. Clearly articulating all of these requirements, and the appropriate business rules to be followed, is necessary for legal and ethical compliance.


One of the last decisions in the life cycle of information comes when specific data cease to be accessed and used for the purposes for which they were originally collected and stored. When they are dormant yet still occupying valuable storage space, a decision must be made whether to archive or destroy the data. Some data by their nature are "eternal" and need to be properly and securely archived in case they are ever needed again (for example, transcript and financial data). Other records will eventually lose all of their value and should be destroyed in a manner consistent with their sensitivity.

Before the design and development experts for any information system begin their work, system owners and planners should thoughtfully review all aspects of the life cycle of the information they propose to collect, store, and use. A thorough understanding of current information handling processes will provoke insights and suggestions for improvements and uncover difficulties that might otherwise not be discovered in a timely manner. Ultimately, the value and utility of the data will be greatly compromised if policymakers, system planners, and developers do not understand the whole life cycle and fail to ensure that the information is protected, collected, stored, and used correctly.