CISA Certified Information Systems Auditor – Question2742
A comprehensive and effective e-mail policy should address the issues of e-mail structure, policy enforcement, monitoring and: A. recovery. B. retention. C. rebuilding. D. reuse.
Correct Answer: B
Explanation:
Explanation:
Besides being a good practice, laws and regulations may require that an organization keep information that has an impact on the financial statements. The prevalence of lawsuits in which e- mail communication is held in the same regard as the official form of classic ‘paper* makes the retention of corporate e-mail a necessity. All e-mail generated on an organization’s hardware is the property of the organization, and an e-mail policy should address the retention of messages, considering both known and unforeseen litigation. The policy should also address the destruction of e-mails after a specified time to protect the nature and confidentiality of the messages themselves. Addressing the retention issue in the e-mail policy would facilitate recovery, rebuilding and reuse.
Please disable your adblocker or whitelist this site!