• 05/29/2007
    11:05 PM
  • Network Computing
  • News
  • Connect Directly
  • Rating: 
    0 votes
    Vote up!
    Vote down!

Audit Pins & Needles

What storage needs is a broad, precedent-setting enforcement action on compliance to set some boundaries
"SOX will be expanded to include private companies within five years," predicted a storage user at last week's Interop conference.

Vegas delusions or insider wisdom?

Either way, the prediction underscored an aspect of data management and compliance: There's no real roadmap for what regulators are looking for today, much less five years from now.

When I asked a couple of users if they build audit logs a certain way or follow any sort of template, they essentially shrugged. Unlike with tax returns or quarterly filings, there are no "generally accepted accounting principles" where Sarbanes-Oxley, HIPAA, or SB 1386 are concerned.

Efforts are underway to streamline SOX reporting and help companies focus more on ledger fraud and accounting irregularities than backup issues. (See New Rules May Ease SOX Audits.) But this is unlikely to mute the complaints about the additional expense SOX and other compliance reporting imposes on companies, public or private.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.

Log in or Register to post comments