Which statement describes system registration?

System registration is the formal process of documenting a system so the organization can see what exists, how it functions at a high level, and what security considerations it introduces. The statement describing a System Registration Declaration fits this idea because it explicitly captures the system’s existence, its key characteristics, and the security implications for the organization. This official record supports asset management, risk assessment, and the assignment of appropriate controls and responsibilities, ensuring the system is included in governance, authorization, and ongoing change management. Other options focus on different areas: a Decommission and Data Retention Policy deals with end-of-life handling and data preservation or disposal, not the act of registering a system. A User Access Review Schedule centers on reviewing who can access systems, which is about access control rather than documenting the system itself. A Hardware Inventory Log tracks physical assets but does not establish the formal security registration and its implications.