Determine the fall out from deleting user accounts after they have been suspended for more than a year

We currently never delete accounts. After speaking with the CISO, we agreed that we should delete the accounts after they have been suspended for a year.

This raises some questions:

• Can we recover documents, etc from deleted users?
• Should we transfer documents, etc to a "grandfather" user?
• Do documents, etc shared by users become inaccessible to people shared with as soon as the user is suspended or only when deleted? If the former, that's better since we get some warning about important documents in danger of deletion. If the latter we need to have to recovery plan.