CERTIFIED-IN-CYBERSECURITY · Question #439
CERTIFIED-IN-CYBERSECURITY Question #439: Real Exam Question with Answer & Explanation
The correct answer is B: Applying the longest retention period to all types of information. A common records retention mistake is to apply the longest retention period to all types of information (see ISC2 Study Guide, Chapter 5, Module 1). This approach can lead to unnecessary storage costs and potential legal risks. For example, if an organization retains all of its e
Question
What is the common mistake in records retention?
Options
- AKeeping all types of information for the shortest retention period
- BApplying the longest retention period to all types of information
- CNot keeping any records at all
- DKeeping only digital records and discarding hard copies
Explanation
A common records retention mistake is to apply the longest retention period to all types of information (see ISC2 Study Guide, Chapter 5, Module 1). This approach can lead to unnecessary storage costs and potential legal risks. For example, if an organization retains all of its emails, including those that are not business-critical, for ten years (the longest retention period), it could face increased storage costs and potential legal issues if those emails are subpoenaed in a lawsuit. Retaining all types of information for the shortest retention period is generally a good practice, although it could lead to compliance issues if certain records are required to be retained for longer periods. Not retaining records at all is not a common mistake, as most organizations understand the need to retain records for legal, regulatory and business reasons. Keeping only digital records and disposing of hard copies is not necessarily a mistake either, as many organizations are moving to digital records.
Topics
Community Discussion
No community discussion yet for this question.