3-page generic information security policy on the disposal of information.
Redundant information must be disposed of in a manner that addresses the possibility of subsequent inappropriate access. For sensitive content (including personal data and proprietary information), this is achieved by secure deletion (making the information content unintelligible and/or irretrievable) and/or physical destruction of the media on which it is stored e.g. computer disks, USB memory sticks and papers.
Delivered as an editable MS Word document, easily customized for your organization's specific needs.
Information disposal policy
Template policy on information disposal
See also security policies on:
- Information retention
- Backups and archives
- Information governance
- Information ownership
- Information risk management
- Information classification