If it were me, I would just show them my company's written security policy that states we only keep log/journal files for X number of years. As long as you have implemented that, their beef is with the owners of the policy, not the person that implements it (i.e. you). And I'm sure your company has a written security policy and that it does address data retention. Right? :-)

Patrick Botz
Senior Technical Staff Member
IBM Lab Services, Rochester
Security Architecture & Consulting, i5/OS Security Architect
(507) 253-0917, T/L 553-0917
CTC Fax # 507-253-2070
email: botz@xxxxxxxxxx
For more information on CTC, visit our website at http://www.ibm.com/eserver/services http://www.ibm.com/servers/eserver/services

security400-bounces@xxxxxxxxxxxx wrote on 08/23/2006 01:16:02 PM:

I have to echo John's interpretation - Auditors are simply the interpreters of SOX (especially section 404) and their interpretation is subject to debate. If an Auditor "tells you" that something must be just so, understand that their interpretation is subject to debate. If they say you must hold on to data for 7 years (as a title company this could be legitimate), you have to respond to their request. But you don't necessarily have to toe the line.

If I were you, I would simply do the preliminary design of a system that could store and hold 7 years of audit journal data. You will have to be able to restore it to your systems (which would argue for saving the receivers with storage freed rather than deleting the old receivers), process a typical request, and produce the reports in a readable fashion.

Don't try and do it on the cheap, because if you say that you will be able to do it, you can expect people to hold you to that commitment. Just lay out the costs, time, resources, and other requirements and then let the business leaders make a judgment on what this level of SOX compliance is worth to them.

jte

--
John Earl | Chief Technology Officer
The PowerTech Group
19426 68th Ave. S
Seattle, WA 98032
(253) 872-7788 ext. 302
john.earl@xxxxxxxxxxxxx
www.powertech.com
Celebrating our 10th Anniversary Year!