diff --git a/README.md b/README.md
index 572502d..5cb1e44 100644
--- a/README.md
+++ b/README.md
@@ -158,6 +158,8 @@ In order to generate a new master key after you've changed your user key as ment
 
 ## Finishing touches
 
+### Confirm master key change
+
 Just to confirm that the master key has changed run this command. It takes a moment to output data:
 
 ```
@@ -166,6 +168,29 @@ zfs send --raw zpool/root/archlinux-frn@rekey | zstream dump | sed -n -e '/crypt
 
 Repeat for source dataset `zpool/root/archlinux-sxu@rekey`. You're particularly interested in parameters `DSL_CRYPTO_MASTER_KEY_1` and the initialization vector `DSL_CRYPTO_IV`. Notice that they differ between old and new dataset confirming that your new dataset has a new master key.
 
+### Unmap/TRIM
+
+Next up unmap/TRIM unallocated disk areas. If your zpool runs on an entire disk and not just on a partition, and if your disk supports TRIM you're going to want to do:
+```
+zpool trim --secure zpool
+```
+
+The next best alternative is to instead do:
+```
+zpool initialize zpool
+```
+
+View status with either one of:
+```
+# With TRIM status
+zpool status -t zpool
+
+# Without TRIM status
+zpool status zpool
+```
+
+### Clean-up
+
 Optionally you may want to clean up:
 
 1. In newly keyed/reencrypted system dataset destroy its snapshot