cdpse-d3-data-persistence-data-migration

Data Migration

isaca-cdpse · framework · Gold standard

Drawn fromCDPSE Review Manual · ISACA peer-reviewed case sets·Reviewed May 5, 2026

How this was built ▾

Every cubelet runs through five agent passes before publishing. Each stage's output is recorded so we can trace how a claim got here.

01 · RESEARCHSource synthesisClaude Haiku
02 · WRITERSix-face draftingClaude Sonnet
03 · EDITORCoherence + clarity passClaude Sonnet
04 · QAQuality gate scoringClaude Opus
05 · PUBLISHERCatalog + graph commitClaude Haiku

This runcourse-factory-pipeline-v1

1

Face 1 of 6 · WHAT

What is Data Migration

Data migration is the governed process of moving data from one or more source systems to one or more destination systems while preserving integrity, enforcing security controls, maintaining regulatory compliance, and sustaining availability. Within ISACA's CDPSE framework, data migration sits inside the Data Persistence domain of the Data Lifecycle knowledge area — the focus is not merely transporting bytes, but ensuring data remains trustworthy, protected, and governed throughout its transition between persistence states. A migration is complete only when: (1) destination data matches the source per agreed quality rules, (2) security and privacy controls are demonstrably applied, (3) audit trails are intact, and (4) downstream systems and stakeholders operate without degradation.

Where it stops · what it isn't

—IS: Moving structured, semi-structured, or unstructured data between databases, storage platforms, cloud environments, or application systems under defined governance controls
—IS: Includes schema transformation, data cleansing, format conversion, encryption in transit and at rest, and post-migration validation as integral activities
—IS: Encompasses compliance activities — data mapping, classification, residency verification, consent documentation, and audit trail maintenance
—IS NOT: Generic IT infrastructure migration (server moves without data governance focus) or network and hardware upgrades not involving data assets
—IS NOT: Data replication for high-availability or disaster recovery — a continuous operational process rather than a lifecycle transition
—IS NOT: Steady-state ETL pipelines — migration implies a defined start state, end state, and completion criteria
—IS NOT: Data archiving (moving data to cold storage without changing its operational context) unless the archive constitutes a governed system change

Connected concepts in the graph

Every cubelet sits in a knowledge graph. Here's what this one connects to.

PART OF

Data Persistence (CDPSE Data Lifecycle Domain)Data Lifecycle Management

REQUIRES

Data Classification and InventoryData Governance FrameworkData Quality Assessment

ENABLES

Cloud Adoption and Digital TransformationSystem Modernization and DecommissioningM&A Data Integration

RELATED TO

Data Retention and DisposalData Backup and Recovery

CONSTRAINS

Data Residency and Sovereignty ComplianceRegulatory Compliance (GDPR, CCPA, HIPAA)

Practice this judgment ↗

Adaptive, ~8 min

Sit in the practitioner's chair ↗

Live simulator

06 · APPLYSign up to enter the judgment simulator →

Watch your judgment grow on this concept

Create a free account to unlock all 6 faces, the judgment simulator, and a mastery score that updates with every attempt.