ID.AM-08.146

Does your organization provide secure methods for destroying paper documents, storage media, and other physical forms of data storage?

Explanation

Proper data destruction methods prevent unauthorized access to sensitive information that may remain on physical media after disposal. Organizations should have documented procedures for securely destroying different types of media including paper shredding, hard drive degaussing or physical destruction, and secure disposal of removable media like USB drives or backup tapes. Evidence could include a data destruction policy document, contracts with certified data destruction vendors, photographs of on-site destruction equipment (such as cross-cut shredders or hard drive destroyers), or certificates of destruction from third-party services.

Implementation Example

Offer methods for destroying paper, storage media, and other physical forms of data storage

ID: ID.AM-08.146

Context

Function
ID: IDENTIFY
Category
ID.AM: Asset Management
Sub-Category
Systems, hardware, software, services, and data are managed throughout their life cycles

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Signature
Neil Cameron
Founder, ResponseHub
Neil Cameron