« Compliance for Oil & Gas
IT governance models and approaches »

Email archiving and retention management

The need for compliance is driven by various governmental and regulatory demands. The high profile acts of today include SEC, Sarbanes-Oxley and Basel II which were primarily driven by experiences of email mismanagement. The UK and US Freedom of Information Act laws have increased the visibility of email retention and accessibility during 2005. Legislation commonly calls for retention periods but may demand deletion following expiration of the retention period.

C2C system in his paper said that the requirement is usually to copy away all emails relating to subjects, departments or individuals before a user has a chance to manipulate or delete the information, providing a fully secure and audited record of email activity. System performance and selective retention have nothing to do with compliance; a solution to aid compliance is generally working behind the scenes, invisible to the end-user and with the archived copies accessible only by certain permitted Officers. Regulations are requiring various industries to store electronic information for a period of time. These new standards are pushing the need to archive.

Non-compliance with regulations is serious. In December 2002, The Securities and Exchange Commission, the New York Stock Exchange and NASD fined five firms a total of $8.25 million for failure to preserve email communications. Each of the firms - Deutsche Bank Securities Inc.; Goldman, Sachs & Co.; Morgan Stanley & Co. Incorporated; Salomon Smith Barney Inc.; and U.S. Bancorp Piper Jaffray Inc. - consented (without admitting or denying the allegations) to findings that each failed to preserve for a period of three years, and/or preserve in an accessible place for two years, electronic communications relating to the business of the firm, including interoffice memoranda and communications.

Drivers to Archive
Three basic requirements are commonly expressed when email administrators are asked about their needs
for archiving. These being:

  • To aid the organization in meeting legal requirements (Compliance)
  • To improve system performance (Capacity)
  • To manage the retention of corporate information (e-Policy)

When we ask administrators for their key requirements within each of these areas, their answers generally cover the following. Your organization is probably no exception.

Compliance

  • Assist compliance with regulatory requirements
  • Reduce the legal risks associated with emails
  • Improve the awareness to the organization of legal exposure
  • Ability to store, search and retrieve emails
  • Enable secure and audited trails of email activity

Capacity

  • Improve the email system performance
  • Reduce mailbox and information store size
  • Meet and improve Service Level Agreements (SLAs)
  • Reduce back-up/restore times
  • Integrate with storage and Information Lifecycle Management (ILM) strategy

e-Policy

  • Enforce company e-Policy to retain and / or delete email
  • Reduce legal exposure
  • Tailor retention policies to organizational needs
  • Analyze email and take centralized decisions and actions

Popularity: 73% [?]

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • StumbleUpon
  • Digg
  • del.icio.us
  • Technorati
  • Sphinn
  • Facebook
  • Mixx
  • Google
  • blinkbits
  • BlinkList
  • NewsVine

This entry was posted on Thursday, April 17th, 2008 at 8:11 pm and is filed under article. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply