CISA Certified Information Systems Auditor – Question2643

Which of the following is the MOST effective control to ensure electronic records beyond their retention periods are deleted from IT systems?

A.
Review the record retention register regularly to initiate data deletion.
B. Build in system logic to trigger data deletion at predefined times.
C. Perform a sample check of current data against the retention schedule.
D. Execute all data deletions at a predefined month during the year.

Correct Answer: B