|
Corporate Compliance and the IT Department |
|
|
Compliance programs directly affect IT operations, policies and prcedures and IT budgets.
Organizations often leave their back-up and recovery policies and procedures up to their IT departments. What organizations forget to realize is that these programs must be aligned with their compliance initiatives. If an organization keeps a 30 day rotation of e-mail backups but they are required by law to archive e-mails longer they are putting their business at risk.
The converse is also true. IF an IT department retains their backups longer than their compliance requirements they are putting their business at risk also. In the event there is litigation against the organization the documents on these backups are now included in discovery and may be used as evidence.
CIO's need to carefully consider all options and consult with their corporate finance departments as well as their legal council to imstitute the proper programs for their organization.
Only registered users can write comments.
Please login or register. |
