What is Digg?Sponsored by The Fourth Kind
What does 3:33 AM mean to you? view!
facebook.com - People have reported alien encounters taking place at 3:33AM. Do you believe? The Fourth Kind - Now Playing.
1 Comments
- bdognet, on 10/12/2007, -0/+0Executive Summary:
By far, the most important issues facing Information Technology (IT) managers this year are compliance and business continuity/disaster recovery. Public companies are subject to a variety of compliance and regulatory issues, such as Sarbanes-Oxley (SOX). IT must develop processes and solutions to support their company’s overall compliance strategy. E-Mail retention is a specific subset of the total compliance obligations a typical public company faces, but the risks involved with non-compliance are not well understood by most. Historically, businesses have considered document retention to be a liability.
The general rule of thumb was to keep documents the least amount of time possible.
Current compliance obligations are requiring companies to re-think this approach. SOX section 802 imposes criminal liabilities on the improper destruction of business documents. This change in attitude presents a unique problem for IT with regard to e-mail. Other documents, such as paper documents and documents on file shares, can be controlled by policy. File shares can be backed up and archived. Delete rights for individual files can be controlled. E-mail is different. Users typically have complete autonomy over message retention. Some messages are deleted immediately, thus they bypass scheduled backups. Other messages are kept too long, going beyond the business need and the compliance requirement for retention. IT must design e-mail systems that enforce company archive and retention policies regardless of user actions.
This paper contains a generic design of a compliance-focused e-mail system, supported by analysis of the users of the system and their compliance-related requirements. The conclusion of this paper includes a 30-point checklist that can be used to measure existing mail systems and evaluate new products. Compliance is a process, not an event. While this paper is a useful guide, it is a snapshot in time. IT managers must stay abreast of changing regulatory requirements, update the compliance checklist, and re-evaluate their systems on at least an annual basis.
The Digg Toolbar for Firefox lets you Digg, submit content, and keep track of Digg even when you're not on the Digg site. Download the official 
© Digg Inc. 2009
— Content created and posted by Digg users is