Security Awareness Training

120 - Information Retention and Destruction

In business today, it's critical that key information is kept for as long as it's needed - especially when regulatory compliance is involved. It's also important that information is destroyed when no longer needed to reduce the cost of retention, and that the destruction ensures that the information doesn't get into the wrong hands. But, as recent events have shown, having a retention and destruction policy is of limited value if you don't educate your staff about what that means and what their responsibilities are.

This course discusses the reasons why information should be kept and destroyed, how the retention period is affected by the nature of the information and the storage media, and examines some key factors in secure destruction of information.

Retaining Information:

• Why we retain information?
• What information should we worry about?
• The retention period.
• The effect of the form of media.
• Where do we retain information?

Destroying Information:

• Why do we destroy information?
• Reasons to extend retention.
• Destruction methods.
• Impact of incorrect destruction.
• Securing the destruction process.