800-53|SI-12

Title

INFORMATION HANDLING AND RETENTION

Description

The organization handles and retains information within the information system and information output from the system in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and operational requirements.

Supplemental

Information handling and retention requirements cover the full life cycle of information, in some cases extending beyond the disposal of information systems. The National Archives and Records Administration provides guidance on records retention.

Reference Item Details

Related: AC-16,AU-11,AU-5,MP-2,MP-4

Category: SYSTEM AND INFORMATION INTEGRITY

Family: SYSTEM AND INFORMATION INTEGRITY

Priority: P2

Baseline Impact: LOW,MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.5.5 (L1) Ensure 'Locked' is set to 'Enabled'WindowsCIS Mozilla Firefox ESR GPO v1.0.0 L1
1.1.15.3.1 (L1) Ensure 'Block new requests asking to access location' is set to 'Enabled'WindowsCIS Mozilla Firefox ESR GPO v1.0.0 L1
1.1.28 (L1) Ensure 'Disable Firefox Accounts' is set to 'Enabled'WindowsCIS Mozilla Firefox ESR GPO v1.0.0 L1
1.1.29 (L1) Ensure 'Disable Firefox Studies' is set to 'Enabled'WindowsCIS Mozilla Firefox ESR GPO v1.0.0 L1
1.1.31 (L2) Ensure 'Disable Form History' is set to 'Enabled'WindowsCIS Mozilla Firefox ESR GPO v1.0.0 L2
1.1.40 (L2) Ensure 'New Tab Page' is set to 'Disabled'WindowsCIS Mozilla Firefox ESR GPO v1.0.0 L2
1.1.41 (L1) Ensure 'Offer to save logins' is set to 'Disabled'WindowsCIS Mozilla Firefox ESR GPO v1.0.0 L1
1.19 Ensure that all the expired SSL/TLS certificates stored in AWS IAM are removedamazon_awsCIS Amazon Web Services Foundations L1 3.0.0
2.1.2 Ensure 'Retain deleted items for the specified number of days' is set to '14'WindowsCIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0
2.1.3 Ensure all data in Amazon S3 has been discovered, classified and secured when required.amazon_awsCIS Amazon Web Services Foundations L2 3.0.0
2.1.5 Ensure 'Keep deleted mailboxes for the specified number of days' is set to '30'WindowsCIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0
2.1.6 Ensure 'Do not permanently delete items until the database has been backed up' is set to 'True'WindowsCIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0
2.4 Set 'Keep deleted mailboxes for the specified number of days' to '30'WindowsCIS Microsoft Exchange Server 2016 Mailbox v1.0.0
2.4 Set 'Keep deleted mailboxes for the specified number of days' to '30'WindowsCIS Microsoft Exchange Server 2013 Mailbox v1.1.0
3.1.21 Establish retention set size for backupsUnixCIS IBM DB2 v10 v1.1.0 Linux OS Level 2
3.1.21 Establish retention set size for backupsUnixCIS IBM DB2 v10 v1.1.0 Linux OS Level 1
3.2.1 Ensure DLP policies are enabledmicrosoft_azureCIS Microsoft 365 Foundations E3 L1 v3.1.0
3.11.36.4.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Intune for Windows 10 v3.0.1 L1
3.11.36.4.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Intune for Windows 11 v3.0.1 L1
18.10.56.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2019 v3.0.1 L1 DC
18.10.56.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise v3.0.0 L1 + NG
18.10.56.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Stand-alone v3.0.0 L1
18.10.56.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows 11 Enterprise v3.0.0 L1
18.10.56.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BL
18.10.56.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL
18.10.56.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL
18.10.56.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows 11 Enterprise v3.0.0 L1 + BL
18.10.56.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows 11 Stand-alone v3.0.0 L1
18.10.56.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS
18.10.56.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NG
18.10.56.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2019 v3.0.1 L1 MS
18.10.56.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2022 v3.0.0 L1 Domain Controller
18.10.56.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2022 v3.0.0 L1 Member Server
18.10.56.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NG
18.10.56.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows 10 EMS Gateway v3.0.0 L1
18.10.56.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2016 v3.0.0 L1 DC
18.10.56.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2016 v3.0.0 L1 MS
18.10.56.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG
18.10.56.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows 10 Enterprise v3.0.0 L1
18.10.56.3.11.1 Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller
18.10.56.3.11.1 Ensure 'Do not delete temp folders upon exit' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS
18.10.56.3.11.2 (L1) Ensure 'Do not use temporary folders per session' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2019 v3.0.1 L1 DC
18.10.56.3.11.2 (L1) Ensure 'Do not use temporary folders per session' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2022 v3.0.0 L1 Member Server
18.10.56.3.11.2 (L1) Ensure 'Do not use temporary folders per session' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2016 v3.0.0 L1 MS
18.10.56.3.11.2 (L1) Ensure 'Do not use temporary folders per session' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2019 v3.0.1 L1 MS
18.10.56.3.11.2 (L1) Ensure 'Do not use temporary folders per session' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2022 v3.0.0 L1 Domain Controller
18.10.56.3.11.2 (L1) Ensure 'Do not use temporary folders per session' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2016 v3.0.0 L1 DC
18.10.56.3.11.2 (L1) Ensure 'Do not use temporary folders per session' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS
18.10.56.3.11.2 Ensure 'Do not use temporary folders per session' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS
18.10.56.3.11.2 Ensure 'Do not use temporary folders per session' is set to 'Disabled'WindowsCIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller