The organization must have measures and operating methods for the safe storage of incoming information, information being processed and outgoing information. Storage should take into account:
All stored information must be protected against theft, modification and destruction or any other event that affects their confidentiality, integrity or availability.