Q

Does SOX (under Section 404) mandate that we archive e-mail?

As a publicly traded company does SOX (under Section 404) mandate that we archive e-mail? I know Section 802 requires it for public accounting firms. Also, the SEC rules require it of securities brokers and traders, but do we face the same regulations? Section 404 of the Sarbanes-Oxley Act, and the regulations there under, do not specifically speak of retaining e-mail records. They call for internal controls over financial reporting....

Those controls include the idea that records will be maintained to show such things as how assets were disposed of. Thus, the records contemplated under 404 can include certain e-mail records. (Read the regulations at http://www.sec.gov/rules/final/33-8238.htm). But neither Section 404 nor the regulations, say something like 'all e-mail must be retained for seven years.'

None of Mr. Wright's statements on SearchSecurity.com are legal advice for any particular situation. If you need legal advice, you should consult a lawyer.

This was first published in June 2004

Dig deeper on Sarbanes-Oxley Act

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close