About audit

Is there a recommendation for the audit task periodicity?

The ideal periodicity for carrying out the audit jobs is something that depends on several factors. That includes the risk that can be undertaken for the stored information, the quality of the storage devices, the circumstantial risk suffered by the storage devices, the system’s global process capacity, etc...

It can be considered that audit times from 3 to 12 months for material with ‘normal’ relevance and a limited risk, should be more than enough. If any of the preserved repositories was of critical importance, and had not a size that could overload the system, higher frequencies could be considered. Audits programmed with periods greater than one year are not recommended, as the risk undertaken may be too high.