A universally valid approach for the IT
Companies nowadays are confronted with an immense amount of legal regulations and requirements. The huge number of requirements is almost unmanageable even for smaller companies. The question is now: How should the corporate IT departments handle this challenge?
A vast number of laws and legal guidelines defines the requirements in terms of the usage and storage of information. These regulations have their origin in the areas of taxation laws, data protection, product liability and many other sources.
In addition to regulations on a national level, e.g. the German Commercial Code (HGB), the German Principles of Data Access and Auditability of Digital Documents (GDPdU) and the Princiles of Standard Accounting Practices (GoB) aus Deutschland there are more national laws from the target market like the Austrian Federal Fiscal Code (BOA) or the US American Sarbane-Oxley-Act (SOX).
Morever, there are even more function-specific regulations related with the handling of information like the Securities Trading Act and industry-specific regulations such as Basel II or HIPPA. In addition to that, further internal rules and Codes of Conduct exist within companies as well.
The corporate IT must fail if it tries to meet all these requirements on an individual basis. Moreover, a universal approach is needed that fulfills the core requirements.
Identify those files relevant for compliance with dg classification.