Q. We use a data sanitization software to sanitize handsets. For data validation, another department reviews the report that is generated for each handset. The reports indicate that the data wipe has been completed and the phone has passed testing. Does this meet the requirement for validation of the data sanitization process?