Are you ready for new compliance rules?


This article can also be found in the Premium Editorial Download "Storage magazine: Using file virtualization to improve network-attached storage."

Download it now to read this article plus other related content.

Most compliance regulations stress that organizations have well-documented processes for storing and retrieving company records. Technology can help, but it's only part of the solution.

Selecting a storage product to improve your organization's compliance is like putting the cart before the horse. Before you evaluate products, you need to understand the business requirements and objectives of managing your data; the types of data your compliance program must address; and the legal, regulatory and business requirements for storing, retrieving and deleting data.

Legal and regulatory compliance requirements are changing electronic data retention and storage rules. New and revised laws dictate how securely certain records must be stored, how long they must be kept and even how quickly they must be retrieved. Your company's in-house legal team or outside counsel will play an important role in crafting a storage compliance policy that will be defensible and workable.

Financial reporting laws: Many laws and regulations require companies to retain financial records and report them to agencies such as tax authorities and securities regulators. The Sarbanes-Oxley Act (SOX) reinforces those requirements with additional controls and stronger penalties for noncompliance. Contrary to some vendor claims, SOX doesn't directly require longer retention of most financial records. However, it does require outside auditors to keep their work papers

Requires Free Membership to View

for seven years, which may require a public company's internal records to meet that standard. These retention requirements can apply to enterprise resource planning (ERP) database records; scanned documents such as invoices and contracts; spreadsheets and document files in file shares or document management systems; and even relevant email messages if they haven't been captured in some other form. Some of these records may also be subject to different retention periods set by additional laws or internal policies.

This was first published in March 2007

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: