DM-15—Customer Data Retention and Deletion

>Control Description

Organization purges or archives data according to customer requests or legal and regulatory mandates.

Theme

Process

Type

Preventive

Policy/Standard

>Implementation Guidance

1. Ensure that a process is defined, documented, and communicated for requesting deletion or archival of personal information. 2. Ensure that on customer's request or as per legal/regulatory mandates, personal information is deleted/archived as per the policy.

>Testing Procedure

1. Inspect and validate whether a documented process is defined & communicated for requesting deletion/archival of personal information. 2. Validate whether on customer's request or as per legal/regulatory mandates personal information is deleted/archived as per the policy.

>Audit Artifacts

E-PRIV-01

E-DM-08

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

Ask AI

Configure your API key to use AI features.

>Control Description

Theme

Type

Policy/Standard

>Implementation Guidance

>Testing Procedure

>Audit Artifacts

>Framework Mappings

CIS Controls1

PCI DSS3

SOC 22

BSI C51

Ask AI

CIS Controls
1

PCI DSS
3

SOC 2
2

BSI C5
1