Inspect and Destroy Retained Images on Printer Platens
Check printer surfaces, and destroy them if they have any leftover text or images.
Plain language
This control is about inspecting the glass surface of your office printer or multifunction device for any leftover copies of documents. If documents or images are left on the printer, it poses a privacy risk—imagine sensitive information accidentally being copied or seen by someone who shouldn't have access.
Framework
ASD Information Security Manual (ISM)
Control effect
Detective
Classifications
NC, OS, P, S, TS
ISM last updated
Nov 2021
Control Stack last updated
19 Mar 2026
E8 maturity levels
N/A
Official control statement
Printer and MFD platens are inspected and destroyed if any text or images are retained on the platen.
Why it matters
Retained images on printer/MFD platens can expose sensitive documents to unauthorised personnel, causing data leakage and privacy breaches.
Operational notes
Inspect printer/MFD platens routinely; if any ghosted text/images are present, securely destroy the retained image and clean the platen.
Implementation tips
- The office manager should schedule regular inspections of printer platens. Train staff to check for visible text or images after jobs to prevent data exposure.
- Assign an IT team member to lead a monthly sanitisation check. They need to clean the printer platens, ensuring no residue images remain, using soft cloths and approved cleaners.
- Office staff should be reminded to clear any documents immediately after copying. Notice prompts can be placed near machines to help enforce this habit.
- Plan for immediate removal if sensitive data is found. The IT team should have a protocol for erasing any retained data and preventing future issues.
- Managers should oversee the formation of a quick response team. Their task is to ensure data that might be retained is properly cleared or destroyed, possibly by consulting the printer’s manual or technical support.
Audit / evidence tips
-
Aska record of inspection schedules: Request to see documents scheduling regular printer checks
Goodrecord will show regular checks were performed as planned
-
Askto see the IT team’s cleaning procedures
-
Askemails or notices sent to remind staff about platen checks. Verify the frequency and content match policy. Good evidence shows regular reminders with detailed instructions
-
Askto see staff training materials: Request copies of guides or materials used in teaching staff about this process. Good evidence would have detailed steps with who is responsible for actions
Cross-framework mappings
How ISM-1220 relates to controls across ISO/IEC 27001, Essential Eight, and ASD ISM.
ISO 27001
| Control | Notes | Details |
|---|---|---|
| layers Partially meets (1) expand_less | ||
| Annex A 7.14 | ISM-1220 requires organisations to inspect printer and MFD platens and destroy them if any text or images are retained | |
These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.