Research on Quantitative Assessment and Detection Methods for Residual Risks of Outdated Static Confidential Data

Abstract

Aiming at the historical static confidential data archived due to business system upgrades, project conclusion and other reasons, this paper proposes a quantitative assessment framework based on "Residual Risk Value (RRV)". This framework is designed to address the challenges of risk assessment caused by the passage of time, standard iteration and loss of business context. By constructing a three-dimensional model integrating "information sensitivity, current identifiability, and potential impact consequences", subjective empirical judgments are converted into objective quantitative analysis, providing a scientific decision-making basis for security governance and compliant disposal at the end of the data lifecycle. This paper elaborates on the constituent factors and calculation methods of the RRV model, as well as the systematic detection and hierarchical disposal process based on the model, and discusses the application value of the framework in the broader field of data governance