Creation refers to the stage when data, regardless of their forms, is collected, captured, generated, or imported; followed by necessary validation or processing for subsequent uses. Data owners normally consider data quality, privacy, and auditability issues during the creation phase. It is imperative for data owners to deliberate on whether a piece of data is necessary, considering the operational needs and liabilities it may bring to the University.

Storage refers to keeping and protecting created data and making it easily accessible to those who are authorized, for the appropriate period of justifiable retention. Regardless of whether data is stored within or outside the University campus, appropriate level of security must be applied. A robust backup and recovery process should be in place to ensure data is available for use when needed. Data owners normally consider data security and availability issues related to storage of data.

Use refers to the access, update as well as sharing of stored data to support operational or analytical activities. Use of data must comply with relevant regulations and justifiable. For sensitive data, audit trail should be maintained to ensure that activities are traceable. Data owners need to consider data privacy, security, and auditability pertaining to the use of data.

Destruction refers to the eradication of stored or archived data. This is sometimes prompted by practical constraints of limited storage or archival space. More often, eradication of data is required by regulations. Depending on the sensitivity of the data in concern, the challenge is to ensure that the data has been properly or securely destroyed, in a timely manner.