Clean Up Temporary Files Post-Installation
Delete temporary files and logs after server applications are installed to maintain security.
🏛️ Framework
ASD Information Security Manual (ISM)
🧭 Control effect
Preventative
🔐 Classifications
NC, OS, P, S, TS
🗓️ ISM last updated
Feb 2023
✏️ Control Stack last updated
22 Feb 2026
🎯 E8 maturity levels
N/A
Guideline
Guidelines for system hardeningSection
Server application hardeningAll temporary installation files and logs created during server application installation processes are removed after server applications have been installed.
Source: ASD Information Security Manual (ISM)
Plain language
After installing new software on your servers, it's important to delete any temporary files left over. These files can contain sensitive information that hackers could exploit. By cleaning them up, you reduce the risk of unwanted access to your system.
Why it matters
Failure to remove temporary installation files and logs can expose credentials or configuration details, enabling unauthorised access or system compromise.
Operational notes
After each server app install/upgrade, run a scripted clean-up to delete installer temp files and installation logs, and verify no sensitive artefacts remain.
Implementation tips
- The IT team should compile a list of all temporary files created during the software installation process. This can be done by documenting the installation steps and noting which files are marked as temporary by the installer.
- The IT team should set up a script or use existing tools to automatically delete these temporary files after the installation is complete. This ensures the files are removed without the need for manual intervention every time.
- System owners should verify that the script or tool is correctly configured to remove the temporary files. This can be checked by reviewing the script's configuration and conducting a test run after a software installation.
- Managers should ensure that there is a policy in place requiring the removal of temporary files post-installation. This policy should be communicated and enforced to maintain a secure and tidy system environment.
- The IT team should frequently audit installed applications to ensure no lingering temporary files exist. They can do this by checking directories commonly used for temporary storage and confirming these are empty post-installation.
Audit / evidence tips
-
Ask: documentation of the installation process: Request records that detail how the application was installed and what temporary files were generated
Good: Detailed records showing every temporary file identified during installation
-
Ask: the script or tool configuration: Request to see the configuration of the tool or script used to clean up temporary files
Good: A script with detailed, accurate entries linking to the documented temporary files
-
Ask: post-installation logs: Request logs that verify temporary files have been deleted following installation
Good: Logs that clearly show the timing and confirmation of file deletions
-
Ask: policy documentation: Request a copy of the organisation's policy on managing temporary files
Good: A documented policy outlining procedures and responsibilities for removing temporary files
-
Ask: evidence of regular audits: Request records of regular audits of installed applications to ensure compliance
Good: Regular, signed-off audit reports confirming no temporary files remain on the system
Cross-framework mappings
How ISM-1245 relates to controls across ISO/IEC 27001, Essential Eight, and ASD ISM.
These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.
ISO 27001
| Control | Notes | Details |
|---|---|---|
| Partially meets (1) | ||
| Annex A 8.19 | ISM-1245 requires all temporary installation files and logs created during server application installation to be removed after installation | |