Certified Information Systems Auditor (CISA) — Question 1345

An organization is disposing of a system containing sensitive data and has deleted all files from the hard disk. An IS auditor should be concerned because:

Answer options

• A. deleted data cannot easily be retrieved.
• B. backup copies of files were not deleted as well.
• C. deleting all files separately is not as efficient as formatting the hard disk.
• D. deleting the files logically does not overwrite the files' physical data.

Correct answer: D

Explanation

The correct answer is D because when files are deleted logically, the actual data remains on the hard disk until it is overwritten, making it possible for someone to recover the sensitive information. Options A and B are misleading as deleted data can sometimes be recovered, and backup issues are not the primary concern here. Option C is also incorrect since formatting the disk can be a more efficient method, but it does not address the core issue of data recovery from logical deletions.