>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

DM-18Personal Information Retention and Deletion

>Control Description

Organization retains and deletes personal information from Organization and service provider systems in accordance with Organization policy.

Theme

Process

Type

Preventive

Policy/Standard

Data Management Policy

>Implementation Guidance

1. Ensure that a process is defined and documented for retention and deletion of personal information. 2. Ensure that the personal information is retained and deleted as per the process from organization and service provider systems.

>Testing Procedure

1. Inspect and validate that a process is defined and documented for retention and deletion of personal information. 2. Validate whether the personal information was retained and deleted as per the process.

>Audit Artifacts

E-DM-01
E-DM-19

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

CIS Controls
2

3.4
15.7

Ask AI

Configure your API key to use AI features.