CISSP · Question #1300
CISSP Question #1300: Real Exam Question with Answer & Explanation
The correct answer is B: Legal. The first requirement a data owner should consider before implementing a data retention policy is the legal requirement. A data retention policy is a document that defines the rules and procedures for retaining, storing, and disposing of data, based on its type, value, and purpos
Question
Which of the following is the FIRST requirement a data owner should consider before implementing a data retention policy?
Options
- ATraining
- BLegal
- CBusiness
- DStorage
Explanation
The first requirement a data owner should consider before implementing a data retention policy is the legal requirement. A data retention policy is a document that defines the rules and procedures for retaining, storing, and disposing of data, based on its type, value, and purpose. A data owner is a person or an entity that has the authority and responsibility for the creation, classification, and management of data. A data owner should consider the legal requirement before implementing a data retention policy, as there may be laws, regulations, or contracts that mandate the minimum or maximum retention periods for certain types of data, as well as the methods and standards for data preservation and destruction. A data owner should also consider the business, storage, and training requirements for implementing a data retention policy, but these are not the first or the most important factors to consider.
Topics
Community Discussion
No community discussion yet for this question.