E8-RB-ML3.3 ASD Essential Eight

Backup administrators cannot modify or delete backups during retention

Ensure backup admins can't change or remove backups until retention ends.

Plain language

This control ensures that backup administrators cannot change or delete important backup data until it is no longer needed. If backup copies are altered or lost too soon, there may be no way to recover key information when something goes wrong, such as a data breach or system failure.

Framework

ASD Essential Eight

Control effect

Preventative

E8 mitigation strategy

Regular backups

Classifications

N/A

Official last update

N/A

Control Stack last updated

19 Mar 2026

E8 maturity levels

ML3

Official control statement

Backup administrator accounts are prevented from modifying and deleting backups during their retention period.

Why it matters

If backups can be altered or deleted prematurely, critical data recovery following incidents like cyber attacks or system failures may be impossible.

Operational notes

Regularly verify backup access controls so admin accounts cannot modify or delete backups during the retention period.

Implementation tips

  • The IT team should ensure backup software settings are configured to prevent administrators from modifying or deleting backups during the retention period. This can be done by setting strict permissions and roles within the software.
  • The security officer should review and update access control lists regularly to ensure they reflect current staff roles and responsibilities. This means checking who has access to backup systems and adjusting permissions as needed.
  • The system administrator should implement logging on backup systems to monitor and record any attempts to modify or delete backups during their retention period. Enable detailed logging features available in the backup software.
  • The IT manager should establish a policy that clearly defines retention periods for different types of data. This involves collaborating with business units to understand the importance and required retention times of various datasets.
  • The compliance officer should provide training to backup administrators on security protocols and the importance of retaining backups without alteration. Offer workshops or e-learning sessions on data protection and security responsibilities.

Audit / evidence tips

  • Ask: Can you describe the process for preventing backup modification or deletion during the retention period?
  • Good: Backup software settings restrict all modification and deletion actions for backup administrators during the retention period, and this is enforced by structured access control policies.
  • Ask: How do you ensure that the correct retention policies are being followed for all data backups?
  • Good: Retention policies are clearly documented, regularly reviewed, and the system configurations enforce these policies effectively.
  • Ask: What methods are used to detect and log unauthorised access or changes to backups?
  • Good: Security logs are actively monitored, and alerts are set up to notify administrators of any attempts to modify or delete backups during retention.

Cross-framework mappings

How E8-RB-ML3.3 relates to controls across ISO/IEC 27001, ISO/IEC 42001, Essential Eight, and ASD ISM.

ISO 27001

Supports (1)

  • Annex A 8.13: Annex A 8.13 requires organisations to maintain backups and regularly test them so they are usable for recovery

ASD ISM

Partially overlaps (3)

  • ISM-1707: ISM-1707 focuses on preventing non-backup administrators from modifying/deleting backups, whereas E8-RB-ML3.3 constrains backup administr...
  • ISM-1814: E8-RB-ML3.3 requires that backup administrator accounts cannot modify or delete backups during their retention period
  • ISM-1928: ISM-1928 requires backups of specific identity services (AD DS, AD CS, AD FS and Entra Connect) to be encrypted, stored securely, and onl...

Related (2)

  • ISM-1708: ISM-1708 requires that backup administrator accounts are prevented from modifying or deleting backups during their retention period
  • ISM-1811: ISM-1811 requires backups to be retained securely and resiliently, which includes protecting them from tampering and deletion during the ...

These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.
