In the current issue
of infoSecurity Magazine it states that only 34.5% of employers have a document
retention and deletion policy in place. In light of recent events it appears to
me that this should be a risk area that internal audit departments should
consider in preparing the next annual audit plan. These policies should include
email.
I am curious as to
what others are doing about this and whether anyone is planning or has performed
an audit in this area.
Jim Kaplan MSA, CIA,
CFE, CSM
Fairfax County Public
Schools
Superintendent's OfficeDirector - Internal Audit
(703) 591-2590 Phone
(703) 591-4113 FAX
