What is a best practice for data retention and disposal?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Study for the DSAC-11 Annex C Test with real-time quizzes and multiple-choice questions. Each question offers hints and explanations to enhance your preparedness. Boost your confidence and ensure success in your DSAC-11 Annex C exam!

Multiple Choice

What is a best practice for data retention and disposal?

Explanation:
Data retention and disposal is about managing information for the right amount of time and then removing it securely when it’s no longer needed. The best practice is to keep data only as long as policy and law require, securely dispose of it when it’s no longer needed, and verify that the disposal actually removed the data. This approach protects privacy, reduces the risk of data breaches, and lowers storage and compliance costs. Think of retention as a defined schedule based on data type, legal obligations, and business needs. Once that window closes, disposal isn’t optional—it should be done securely using appropriate methods for the media (erasure, shredding, degaussing, etc.). Verification matters because it confirms the data is truly gone and can’t be recovered, which is essential for auditability and trust. Backups complicate the picture: you need to account for copies in backups so that data isn’t recoverable from those sources as well, or ensure those backups are governed by the same retention and disposal rules. Keeping data indefinitely or delaying disposal beyond policy increases risk and cost, while disposing too early or inconsistently can lead to loss of needed information or noncompliance.

Data retention and disposal is about managing information for the right amount of time and then removing it securely when it’s no longer needed. The best practice is to keep data only as long as policy and law require, securely dispose of it when it’s no longer needed, and verify that the disposal actually removed the data. This approach protects privacy, reduces the risk of data breaches, and lowers storage and compliance costs.

Think of retention as a defined schedule based on data type, legal obligations, and business needs. Once that window closes, disposal isn’t optional—it should be done securely using appropriate methods for the media (erasure, shredding, degaussing, etc.). Verification matters because it confirms the data is truly gone and can’t be recovered, which is essential for auditability and trust.

Backups complicate the picture: you need to account for copies in backups so that data isn’t recoverable from those sources as well, or ensure those backups are governed by the same retention and disposal rules. Keeping data indefinitely or delaying disposal beyond policy increases risk and cost, while disposing too early or inconsistently can lead to loss of needed information or noncompliance.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy