(ISC)2 Certified in Cybersecurity Practice Exam

What practice ensures the destruction of records after a designated time period?

• A. Records Retention
• B. Data Archiving
• C. Record Keeping
• D. Data Privacy

The correct answer is: Records Retention

The practice that ensures the destruction of records after a designated time period is commonly referred to as Records Retention. This involves policies and procedures that dictate how long different types of records should be kept, ensuring compliance with legal and regulatory requirements. Once the designated retention period has elapsed, records are systematically destroyed to minimize the risk of data breaches, the potential for misuse of sensitive information, and to comply with privacy laws. Implementing a Records Retention policy helps organizations efficiently manage their information lifecycle, providing a framework not only for keeping necessary information accessible as long as required but also for the secure destruction of records that are no longer needed. This practice is essential for maintaining both operational efficiency and legal compliance. In contrast, data archiving refers to the process of moving data that is not actively used to a separate storage environment for long-term retention, rather than destruction. Record keeping involves maintaining detailed and accurate records for various transactions and activities but does not specifically address the destruction of records after a certain time. Data privacy relates to the protection of personal information and the principles governing the collection and use of that data, rather than the specific practice of record destruction.