nerdexam
(ISC)2

CISSP · Question #698

How should the retention period for an organization's social media content be defined?

The correct answer is B. By the records retention policy of the organization. The retention period for an organization's social media content should be determined by the organization's records retention policy, which outlines how long various types of records (including digital content like social media posts) should be kept before being disposed of. This

Submitted by fatima_kr· Mar 5, 2026Security and Risk Management

Question

How should the retention period for an organization's social media content be defined?

Options

  • ABy the retention policies of each social media service
  • BBy the records retention policy of the organization
  • CBy the Chief Information Officer (CIO)
  • DBy the amount of available storage space

How the community answered

(50 responses)
  • A
    6% (3)
  • B
    88% (44)
  • C
    4% (2)
  • D
    2% (1)

Explanation

The retention period for an organization's social media content should be determined by the organization's records retention policy, which outlines how long various types of records (including digital content like social media posts) should be kept before being disposed of. This policy is usually based on factors such as: Legal and regulatory requirements: There may be laws that specify how long certain types of records must be retained (e.g., financial records, contracts, communications). Business needs: Content might be kept for operational purposes, such as marketing analysis, customer engagement, or historical record-keeping. Security and privacy considerations: The organization may choose to delete content after a certain period to minimize the risk of data exposure. By aligning the retention period for social media content with the organization’s records retention policy, the organization ensures that content is managed consistently across all channels and in accordance with relevant laws and best practices.

Topics

#data retention policy#information governance#records management

Community Discussion

No community discussion yet for this question.

Full CISSP Practice