Data Migration & Integrity
From fragmented Excel to a governed pipeline of record
The single biggest risk to 30 September is not the platform; it is the migration. Ten years of pipeline data sits in Excel workbooks in fourteen countries. This section is the plan to get it out, clean it up, and land it in a governed system without losing anything of commercial value.
Ten principles
Rules the migration will hold to
- One pipeline of record, no shadow spreadsheets
- Deduplicate on client + opportunity, not on filename
- Fields typed and validated at import, not at report
- Ownership assigned to a named person for every record
- Retention rules applied: closed bids archived after 24 months
- Access role-based, not shared logins
- Audit trail on every field, from day one
- GDPR: no personal data beyond named contacts, lawful basis logged
- Country-specific data residency respected
- Data quality scored monthly, published to country leads
Migration confidence model
Six things leadership can rely on
Data inventory
Every bid workbook found, catalogued and assigned an owner before migration.
Cleanse rules
Standard rules for duplicates, blanks, currency, dates and stages agreed with country leads.
Reference data
Clients, currencies, stages, roles standardised centrally before any load.
Load & validate
Automated import with validation reports; failures fixed at source, not overridden.
Sign-off
Country lead signs off migrated pipeline vs their own Excel baseline before switch.
Freeze the past
Excel workbooks moved to read-only archive on switch day. No dual running.
Migration flow
Six stages from Excel to platform
Discover
Every Excel bid workbook found across shared drives, SharePoint and inboxes. Owner assigned.
Map
Column-by-column mapping to platform fields. Ambiguity resolved with the country lead, not guessed.
Cleanse
Standardised clients, currencies, stages, dates. Duplicates merged with an audit note.
Load
Automated import in test tenant first, then production. Every load produces a validation report.
Reconcile
Country lead compares migrated pipeline to their own baseline. Discrepancies logged and cleared.
Cut over
Excel workbooks locked read-only. Platform becomes the sole source of truth from that hour.
GDPR / DPIA checklist
Eleven items completed before Bulgaria go-live
- Data categories: opportunity, client, contact, pricing, internal roles
- Personal data limited to named business contacts (name, email, role)
- Lawful basis: legitimate interest, documented
- No special category or sensitive personal data in scope
- International transfer: data hosted in EU region by default; country-specific residency configured where required
- Access controls: role-based, MFA, quarterly access review
- Retention: closed bids archived after 24 months, deleted after 6 years
- Sub-processors: vendor DPA in place before go-live
- Data subject rights: standard SAR / erasure process routed via DPO
- Breach response: aligned to group incident procedure with 72-hour reporting
- DPO review scheduled annually and on material change
Data retention
What we keep, for how long, and why
| Data category | Retention period | Basis / rationale |
|---|---|---|
| Live opportunity data | Duration of bid + 24 months | Legitimate interest, commercial audit |
| Won bid / contract link | 6 years | Legal, tax, contractual |
| Lost bid record | 24 months | Lessons learned, competitive analysis |
| Content library assets | Rolling, reviewed annually | Legitimate interest |
| Named business contacts | Duration of relationship + 24 months | Legitimate interest |
| Audit / access logs | 24 months | Security & assurance |
Data & migration RACI
Who owns what
| Area | Responsible | Accountable | Consulted | Informed |
|---|---|---|---|---|
| Migration plan & sequencing | Project Manager | Executive Sponsor | Country leads, Vendor | Steer group |
| Data cleansing rules | Data Lead | Project Manager | Country leads | Vendor |
| Reference data (clients, stages) | Data Lead | Commercial Lead | Country leads | Steer group |
| Country reconciliation & sign-off | Country Lead | Executive Sponsor | Project Manager, Data Lead | Steer group |
| GDPR / DPIA sign-off | DPO | Executive Sponsor | Legal, Project Manager | Steer group |
| Access controls & review | IT Lead | DPO | Country leads | Audit |
| Archive & lock of Excel workbooks | IT Lead | Project Manager | Country leads | Vendor |