ATA Secure Erase is a firmware command that triggers a complete wipe of all data on an SSD or HDD. The command is executed directly by the drive’s firmware and reaches areas that are not visible to the operating system.
In an ISMS, ATA Secure Erase is relevant to ISO 27001 Annex A controls A.7.14 (Secure Disposal or Re-Use of Equipment) and A.8.10 (Information Deletion). Before transferring, selling, or disposing of storage media, you must ensure that no confidential data can be reconstructed. For SSDs, simple overwriting is unreliable due to wear leveling and overprovisioning — ATA Secure Erase is the manufacturer-intended method. Document the erasure process as audit evidence.