3.5: Securely Dispose of Data

CSF v1.1 References:

CSF v2.0 References:

PF v1.0 References:

Threats Addressed:


Info icon.

Control is new to this version of the control set and incorporates the following item from the previous version: 13.2: Remove Sensitive Data or Systems Not Regularly Accessed by Organization.

Control Statement

Securely dispose of data as outlined in the enterprise’s data management process. Ensure the disposal process and method are commensurate with the data sensitivity.

[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]