Appendix C

Domain 2 Materials

The following sample Record Retention and Destruction and Security Approach policies are referenced in Domain 2 – Asset Security. You can download the materials from this appendix for free by going to the following link:

Record Retention and Destruction Policy

“Company X” recognizes that the firm’s engagement and administrative files are critical assets. As such, the firm has established this formal written policy for record retention and destruction in accordance with applicable state and federal laws. Compliance with this policy is mandatory for all employees. ...

Get Official (ISC)2 Guide to the CISSP CBK, 4th Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.