Search
Updated on January 24, 2024

PDP-4 Backup Retention

Estimated reading: 1 minute 1260 views

What is this control about?

Backup retention is a strategy that determines what data the organization keeps, where it keeps it, and for how long it keeps the data. The retention strategy must be documented in the policy.

Available tools in the marketplace

Tools
No tool recommendation is made for this section

Available templates

TrustCloud has a curated list of templates, internally or externally sourced, to help you get started. Click on the link for a downloadable version:

Control implementation

NOTE: This control is 100% automated by TrustCloud. Connect your system to enjoy the benefits of automation.

To manually implement this control: 

  1. Define the backup retention strategy in the backup policy using NIST best practices.
  2. Enable the retention strategy for the backed-up data.

What evidence do auditors look for?

Most auditors, at a minimum, are looking for the below-suggested action:

  1. Provide a screenshot of the backup retention schedule.

Evidence example

For the suggested action, an example is provided below:

  1. Provide a screenshot of the backup retention schedule.
    The following screenshot shows an example of the retention schedule.
    Google search
    PDP 4 Backup Retention

Join the conversation

ON THIS PAGE
SHARE THIS PAGE

SUBSCRIBE
FlightSchool
Trusty

Want to see how to turn GRC into a profit center?

Ready to save time and money on audits, pass security reviews faster, and manage enterprise-wide risk? Let’s talk! 

Learn More
TrustCommunity

The #1 Community for Security, Privacy, and GRC Professionals.

© 2024 TrustCloud Corporation. All rights reserved.
TrustCloud® and TrustOps® are registered trademarks of TrustCloud Corporation.

Facebook Linkedin Youtube Rss

Resources

Platform

TOPICS

ABOUT US

AICPA
Monitored by TrustCloud

💛 Joyfully Crafted to Elevate GRC Leaders into Trust Champions.

OR