The organization should implement guidelines for preventing changing records and requiring alignment with the organization’s requirements for managing records. A retention schedule should be created to define the length of time records should be kept, taking into account relevant laws and regulations and societal expectations. The system of storage and handling should permit the suitable deletion of records after their retention period. The organization should also consider the security classifications of specific records and categorize them into types with a specified retention time and storage media.
Conformance1
Tools for conforming to standards, goals and processes
