The disposal log referenced from Records Disposal & Certificates of Destruction → Records. Every disposal action from any of the trigger sources listed in Records Disposal → Triggers is logged here.
Operational mirror: the day-to-day data-entry surface lives in a Vanta-mirrored SharePoint sheet maintained by the CISO’s office; this page is the authoritative summary referenced from the policy. The CISO performs a quarterly reconciliation between the two.
Schema
Each disposal entry captures:
| Field | Notes |
|---|
| Disposal ID | Sequential identifier (DSP-YYYY-NNNN). |
| Date | Date the disposal action completed. |
| Trigger | Retention period reached / contract termination / DSR deletion / device retirement / system decommission. |
| Item(s) destroyed | Description, classification, and serial numbers (where applicable). |
| Method | Per Records Disposal → Methods. |
| Vendor (if any) | Name of approved vendor; None for in-house actions. |
| Requestor | Name + role. |
| Asset Owner approval | Name + date. |
| CISO sign-off | Name + date. |
| Certificate of Destruction (COD) | Link to attached COD; N/A for in-house actions. |
| Notes | Cross-reference to the originating ticket (DSR, offboarding, decommission). |
Active log
| Disposal ID | Date | Trigger | Items | Method | Vendor | Requestor | Asset Owner | CISO sign-off | COD |
|---|
| No disposal actions logged yet. | | | | | | | | | |
Quarterly review
The CISO performs a quarterly review of this log to confirm:
- Every triggered disposal in the quarter is logged.
- Every entry has Asset Owner approval and CISO sign-off.
- Every vendor-handled entry has an attached COD.
- Methods used align with the data classification.
Findings are recorded in the General Counsel’s quarterly compliance summary.
Cross-references
Version history
| Version | Date | Description | Author | Approved by |
|---|
| 1.0 | May 8, 2026 | Initial version | Cameron Wolfe | Ishan Jadhwani |
