DCH-09.5 ยท Dual Authorization for Sensitive Data Destruction

Control Description

Mechanisms exist to enforce dual authorization for the destruction, disposal or sanitization of digital media that contains sensitive/regulated data.

Control Question
Assessment question for control validation

Does the organization enforce dual authorization for the destruction, disposal or sanitization of digital media that contains sensitive/regulated data?

Control Weighting
5
Validation Cadence
Annual
NIST CSF Function
Protect
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 2 - Operational
Tier 3 - Tactical
Additional Metadata
Applicability (Process):
x