Free ebook: NIS2 ready using ISO 27001 best practices
Download ebook

Limiting hard copy creation of material displaying personal data

Critical
High
Normal
Low

Hard copy means a permanent reproduction in the form of a physical object (e.g. paper) of displayed or transmitted data.

Organization has guidelines for employees that restrict creation of hard copies of material displaying personal data. This includes material created by printing.

Connected other frameworks and requirements:
A.11.2: Restriction of the creation of hardcopy material
ISO 27018

Minimization of information outside data systems

Critical
High
Normal
Low

A large amount of valuable information in an organization has often accumulated over time into hard-to-find and manageable unstructured data — excels, text documents, intranet pages, or emails.

Once this information has been identified, a determined effort can be made to minimize its amount.Important data outside data systems is subject to one of the following decisions:

  • move into a data system
  • get rid of (when the information is old, no longer necessary or otherwise irrelevant)
  • is kept in use and a responsible person is appointed to manage the risks
Connected other frameworks and requirements:
32. Security of processing
GDPR
8.1.3: Acceptable use of assets
ISO 27001
8.3.1: Management of removable media
ISO 27001
9.4.4: Use of privileged utility programs
ISO 27001
A.11.2: Restriction of the creation of hardcopy material
ISO 27018
No items found.