Formulating a backup policy for data generated by terminated employees.
Compliance checklist, Data backup, data retention, Data Retention Policy, IT Compliance, Sarbanes-Oxley Act
Our company is trying to use best practices where possible to formulate a policy to cover the backup, storage, security, retrieval and retention of data from the PCs, home drives and Exchange mailboxes of employees that have terminated employment. Our company is publicly traded so the Sarbanes-Oxley (SOX) Act is relevant and we do have trade secrets to protect. Can someone suggest some places to look for best practices for this specific part of our backup strategy?
Software/Hardware used:
Software/Hardware used:
ASKED:
November 18, 2009 5:34 PM
UPDATED:
November 30, 2009 7:40 PM
Answer Wiki:
you can get relevant contents on the net, but i am sure you will not be able to find out a clear cut solution for you. the solution has to come out of your organization think tank only but sitting, discussing and deciding what and how much of your data you need to protect.
Refer to following links for further guidance:
www.sarbanes-oxley.com/
www.sarbanes-oxley-forum.com/
www.soxtoolkit.com/
www.sox-online.com/
http://thecaq.aicpa.org/Resources/
www.insidesarbanesoxley.com/
www.s-ox.com
http://knowledgehills.com/Sarbanes/sarbanes-oxley.aspx
To see all answers submitted to the Answer Wiki: View Answer History.
This would start with data classification and knowing what’s where. Here are some articles I’ve written on data classification, retention, and policies that can help you get rolling.