Clean Up Temporary Files Post-Installation
Delete temporary files and logs after server applications are installed to maintain security.
Plain language
After installing new software on your servers, it's important to delete any temporary files left over. These files can contain sensitive information that hackers could exploit. By cleaning them up, you reduce the risk of unwanted access to your system.
Framework
ASD Information Security Manual (ISM)
Control effect
Preventative
Classifications
NC, OS, P, S, TS
ISM last updated
Feb 2023
Control Stack last updated
19 Mar 2026
E8 maturity levels
N/A
Guideline
Guidelines for system hardeningSection
Server application hardeningOfficial control statement
All temporary installation files and logs created during server application installation processes are removed after server applications have been installed.
Why it matters
Failure to remove temporary installation files and logs can expose credentials or configuration details, enabling unauthorised access or system compromise.
Operational notes
After each server app install/upgrade, run a scripted clean-up to delete installer temp files and installation logs, and verify no sensitive artefacts remain.
Implementation tips
- The IT team should compile a list of all temporary files created during the software installation process. This can be done by documenting the installation steps and noting which files are marked as temporary by the installer.
- The IT team should set up a script or use existing tools to automatically delete these temporary files after the installation is complete. This ensures the files are removed without the need for manual intervention every time.
- System owners should verify that the script or tool is correctly configured to remove the temporary files. This can be checked by reviewing the script's configuration and conducting a test run after a software installation.
- Managers should ensure that there is a policy in place requiring the removal of temporary files post-installation. This policy should be communicated and enforced to maintain a secure and tidy system environment.
- The IT team should frequently audit installed applications to ensure no lingering temporary files exist. They can do this by checking directories commonly used for temporary storage and confirming these are empty post-installation.
Audit / evidence tips
-
Askdocumentation of the installation process: Request records that detail how the application was installed and what temporary files were generated
GoodDetailed records showing every temporary file identified during installation
-
Askthe script or tool configuration: Request to see the configuration of the tool or script used to clean up temporary files
GoodA script with detailed, accurate entries linking to the documented temporary files
-
Askpost-installation logs: Request logs that verify temporary files have been deleted following installation
GoodLogs that clearly show the timing and confirmation of file deletions
-
Askpolicy documentation: Request a copy of the organisation's policy on managing temporary files
GoodA documented policy outlining procedures and responsibilities for removing temporary files
-
Askevidence of regular audits: Request records of regular audits of installed applications to ensure compliance
GoodRegular, signed-off audit reports confirming no temporary files remain on the system
Cross-framework mappings
How ISM-1245 relates to controls across ISO/IEC 27001, Essential Eight, and ASD ISM.
ISO 27001
| Control | Notes | Details |
|---|---|---|
| layers Partially meets (1) expand_less | ||
| Annex A 8.19 | ISM-1245 requires all temporary installation files and logs created during server application installation to be removed after installation | |
These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.