A universally valid approach for the IT
Companies nowadays are confronted with an immense amount of legal regulations and requirements. The huge number of requirements is almost unmanageable even for smaller companies. The question is now: How should the corporate IT departments handle this challenge?
A vast number of laws and legal guidelines defines the requirements in terms of the usage and storage of information. These regulations have their origin in the areas of taxation laws, data protection, product liability and many other sources.
In addition to regulations on a national level, e.g. the German Commercial Code (HGB), the German Principles of Data Access and Auditability of Digital Documents (GDPdU) and the Princiles of Standard Accounting Practices (GoB) aus Deutschland there are more national laws from the target market like the Austrian Federal Fiscal Code (BOA) or the US American Sarbane-Oxley-Act (SOX).
Morever, there are even more function-specific regulations related with the handling of information like the Securities Trading Act and industry-specific regulations such as Basel II or HIPPA. In addition to that, further internal rules and Codes of Conduct exist within companies as well.
The corporate IT must fail if it tries to meet all these requirements on an individual basis. Moreover, a universal approach is needed that fulfills the core requirements.
Compliance requirements as well as legal regulations can be fulfilled through the implementation of a company-wide archiving and Compliance infrastructure. From an IT perspective, the Compliance requirements can summarized in three points:
- The possibilty to archive selected pieces of information such as documents,
files, data and e-mails in a revision-proof and long-term way.
- The creation of powerful search and research functionalites.
- The opportunity to record access times to these data.
The archiving methods can be introduced step by step in departments or business areas in addition to the fundamental company-wide archiving process right after the corresponding requirements have been clearly defined by the business departments. Apart from the storage of the information, the archiving method has another advantage: relevant information can be found quickly, securely and entirely thanks to the powerful research functionalities.
Identify those files relevant for compliance with dg classification.