Maintain disposal or redeployment records.

UCF ID: 01644
Control Type: Process or Activity
Status: Live

Supporting and supported controls

This control directly supports:

There are no supporting controls.

Authority documents complied with:

US Department of Energy Cyber Security Program Media Clearing, Purging, and Destruction Guidance: DOE CIO Guidance CS-11, January 2007, § 6.a(6), § 6.b(3)(a)iv, § 6.b(3)(c)ii, § 6.b(4)(a)iv, § 6.b(4)(b)iv, § 6.b(5)(a)vi, § 6.b(5)(b)v; North American Electric Reliability Corporation Critical Infrastructure Protection Cyber Security Standards, CIP-007-1 R7.3; Army Regulation 380-19: Information Systems Security, February 27, 1998, App E 4.8; The Standard of Good Practice for Information Security, CI3.1.6(b); ISO/IEC 17799 Code of Practice for Information Security Management, 2005, § 10.7.1; ISO/IEC 27002 Code of practice for information security management, 2005, § 10.7.1; Australian Government ICT Security Manual (ACSI 33), § 3.4.47, § 3.4.48; Guidelines for Media Sanitization, NIST SP 800-88, September, 2006, § 4.8, App F

Energy Guidance

Records should be maintained on the destruction of media. Records for the clearing and purging of unclassified and classified storage media and purging partially contaminated storage media should include the serial number, make, and model of the storage media; the most restrictive classification of information on the media; the purpose of clearing or purging the media; the procedure used to clear or purge the media; and the date, name, and signature of the person performing the task. For clearing and purging classified storage media and purging unclassified storage media, a label should be affixed to the media with this information and a statement that the media does not contain classified information. [§ 6.a(6), § 6.b(3)(a)iv, § 6.b(3)(c)ii, § 6.b(4)(a)iv, § 6.b(4)(b)iv, § 6.b(5)(a)vi, § 6.b(5)(b)v, US Department of Energy Cyber Security Program Media Clearing, Purging, and Destruction Guidance: DOE CIO Guidance CS-11, January 2007]

The Responsible Entity shall maintain records that such assets were disposed of or redeployed in accordance with documented procedures. [CIP-007-1 R7.3, North American Electric Reliability Corporation Critical Infrastructure Protection Cyber Security Standards]

US Federal Security Guidance

Records should be created of all equipment releases; the records should include who the equipment was released to and what methods were used to sanitize it. The disposal or release of equipment should be documented using National Security Agency/Central Security Service (NSA/CSS) Form G6522. [App E 4.8, Army Regulation 380-19: Information Systems Security, February 27, 1998]

NIST Guidance

The organization should maintain a sanitization record that contains what was sanitized, when it was sanitized, how it was sanitized, and what method(s) were used for its final disposition. App F contains a sample form. [§ 4.8, App F, Guidelines for Media Sanitization, NIST SP 800-88, September, 2006]

ISO Guidance

Records should be kept of all media that has been destroyed or removed from the organization for auditing purposes. [§ 10.7.1, ISO/IEC 17799 Code of Practice for Information Security Management, 2005]

Records should be kept of all media that has been destroyed or removed from the organization for auditing purposes. [§ 10.7.1, ISO/IEC 27002 Code of practice for information security management, 2005]

General Guidance

When sensitive material is disposed of, the event should be recorded in a log. [CI3.1.6(b), The Standard of Good Practice for Information Security]

Asia and Pacific Rim Guidance

The destruction of classified material should be done under the supervision of an individual with a clearance at least as high as the material being destroyed. The individual should supervise the material until it is destroyed and ensure the material is completely destroyed. For accountable material, two individuals should supervise the destruction and sign a destruction certificate. [§ 3.4.47, § 3.4.48, Australian Government ICT Security Manual (ACSI 33)]

Copyright 2005-2009 Unified Compliance Framework™. All rights reserved.

Site and content © Copyright 2003-2009 Network Frontiers, LLC. All rights reserved.