From an information security perspective, information that no longer supports the main purpose of the business should be:

From an information security perspective, information that no longer supports the main purpose of
the business should be:

From an information security perspective, information that no longer supports the main purpose of
the business should be:

A.
analyzed under the retention policy.

B.
protected under the information classification policy.

C.
analyzed under the backup policy.

D.
protected under the business impact analysis (BIA).

Explanation:

Option A is the type of analysis that will determine whether the organization is required to maintain
the data for business, legal or regulatory reasons. Keeping data that are no longer required
unnecessarily consumes resources, and, in the case of sensitive personal information, can
increase the risk of data compromise. Options B. C and D are attributes that should be considered
in the destruction and retention policy. A BIA could help determine that this information does not
support the main objective of the business, but does not indicate the action to take.



Leave a Reply 0

Your email address will not be published. Required fields are marked *