ISM-0836: ASD Information Security Manual (ISM)

Overwriting EEPROM for Complete Data Sanitisation

Erase EEPROM data by overwriting it with random data and checking it to ensure it's properly wiped.

Plain language

This control is about making sure any data stored in EEPROM (a type of computer memory) is completely erased when it’s no longer needed. EEPROM holds onto information even when powered off, so if it's not properly wiped, sensitive data could fall into the wrong hands. By overwriting it with random patterns, we ensure that whatever was there before can't be recovered, protecting against data leaks and privacy breaches.

Framework

ASD Information Security Manual (ISM)

Control effect

Preventative

Classifications

NC, OS, P, S, TS

ISM last updated

Nov 2021

Control Stack last updated

19 Mar 2026

E8 maturity levels

N/A

Official control statement

Non-volatile EEPROM media is sanitised by overwriting it at least once in its entirety with a random pattern followed by a read back for verification.

Why it matters

Failing to properly sanitise EEPROM increases the risk of sensitive data being retrieved after disposal, potentially leading to data breaches.

Operational notes

Overwrite the entire EEPROM at least once with a random pattern, then read back the full device to verify the overwrite succeeded.
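
A sketch of the overwrite-then-read-back step described in the operational note, added here as an illustration; it is not part of the ISM or of this page's source material. It assumes the EEPROM is exposed to the host as a seekable binary file object opened unbuffered; `sanitise_eeprom` and `StuckCellDevice` are hypothetical names, and the stuck-cell device is a constructed stand-in showing how a failed or write-protected region is caught by the read back.

```python
import hashlib
import io
import os


def sanitise_eeprom(dev, size, chunk=64):
    """Overwrite `size` bytes of `dev` once with random data, then read back.

    `dev` is any seekable binary file object (assumed opened unbuffered so the
    read back is served by the device, not a userspace buffer).
    """
    pattern = os.urandom(size)         # EEPROMs are small: hold the pattern in memory
    dev.seek(0)
    for off in range(0, size, chunk):  # pass 1: overwrite the device in its entirety
        block = pattern[off:off + chunk]
        if dev.write(block) != len(block):
            raise OSError(f"short write at offset {off}")
    dev.flush()

    dev.seek(0)                        # pass 2: read back the full device
    readback = dev.read(size)
    first_bad = next(
        (i for i in range(size)
         if i >= len(readback) or readback[i] != pattern[i]),
        None,
    )
    return {
        "bytes": size,
        "verified": first_bad is None,
        "first_mismatch": first_bad,   # offset to record in the sanitisation log
        "pattern_sha256": hashlib.sha256(pattern).hexdigest(),
    }


class StuckCellDevice(io.BytesIO):
    """Constructed stand-in for a part whose cells in [lo, hi) ignore writes."""

    def __init__(self, data, lo, hi):
        super().__init__(data)
        self.stuck = range(lo, hi)

    def write(self, block):
        start, old = self.tell(), self.getvalue()
        kept = bytes(old[start + i] if start + i in self.stuck else b
                     for i, b in enumerate(block))
        return super().write(kept)
```

A result with `verified` set to false means the device still holds some of its previous contents and has not been sanitised by this pass.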

Implementation tips

  • The IT team should be responsible for creating a procedure to overwrite EEPROM memory. They can do this by using software designed for this purpose, which writes random patterns of data over the existing information on the EEPROM. This needs to be done routinely to prevent data recovery.
  • Managers should make sure their teams understand the importance of data sanitisation. They can achieve this by organising training sessions that explain why encryption and data wiping are crucial for protecting sensitive information stored on EEPROM.
  • Procurement officers must ensure that all equipment purchased has the capability to overwrite EEPROM as per the required security standards. This means checking product specifications and, if necessary, consulting with vendors about the device's ability to securely erase data.
  • Systems administrators should regularly audit the data sanitisation processes for EEPROM. They can do this by scheduling periodic checks to verify that the overwrite functions are correctly implemented and documented.
  • Security officers should draft a policy that mandates the sanitisation of any EEPROM-containing devices before disposal or reuse. This policy should outline the steps for ensuring data has been overwritten and specify who is responsible for verifying the process.

Audit / evidence tips

  • Ask: The written data sanitisation procedures for EEPROM. Request the document that details the steps taken to overwrite data on EEPROM. Good: Procedure will have these elements clearly documented and assigned to specific staff roles.
  • Ask: To see a log of past EEPROM sanitisations. Good: Log will show regular intervals consistent with the policy and have entries signed off by an IT professional.
  • Ask: A demonstration of the EEPROM overwrite process. Request the team to walk through the overwrite procedure on a test EEPROM. Good: Demonstration will result in a properly wiped test memory that is verified immediately.
  • Ask: Training records related to EEPROM sanitisation. Request records showing that team members have been trained on this process.
  • Ask: Documentation of any issues found during EEPROM sanitisation. Request records of any anomalies or problems encountered.

Cross-framework mappings

How ISM-0836 relates to controls across ISO/IEC 27001, ISO/IEC 42001, Essential Eight, and ASD ISM.

ISO 27001

Control | Notes
Partially meets (2)
Annex A 7.10 | ISM-0836 requires sanitising EEPROM by fully overwriting it with a random pattern and verifying the overwrite via read back
Annex A 7.14 | Annex A 7.14 requires ensuring sensitive data is removed or securely overwritten from storage media before equipment disposal or re-use

These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.