[finnthehuman]

Business requirements (usually tracing to contracts or law) to have real stewardship over your data.

Not every product domain can operate where they only rent access to the authoritative copy of their records. Or don't have control to acceptance test / rollback the specific versions of the software involved in displaying/modifying those records.

In the past I've worked on safety critical software. As a first order approximation: either the local IT department's disaster recovery plan can ensure continuity of all the quality systems' digital records, artifacts and tools, or you don't actually have a quality system.