What is the Sarbanes-Oxley Act?

The information in this article applies to:

• GFI MailArchiver for Exchange 2
• GFI MailArchiver for Exchange 3
• GFI MailArchiver for Exchange 4
• GFI MailArchiver for Exchange 5
• GFI MailArchiver for Exchange 6

Article ID: KBID002204

Query keywords:

The Sarbanes-Oxley Act of 2002 was passed following the numerous high-profile corporate scandals over the past few years. This legislation was designed to improve the accountability and transparency of public companies and their auditors. It requires the implementation of sound information and records management practices that ensure the trustworthiness of business records and financial statements.

The Sarbanes-Oxley Act tightened security disclosure requirements, increased regulatory oversight of auditing firms, and has created new federal crimes and increased penalties for existing federal crimes.

Although the Sarbanes-Oxley Act is targeted at public companies and their auditors, it is advisable that all organizations should institute and adhere to systematic records management, including email retention policies and practices. Companies should therefore ensure that all inbound and outbound emails particularly those pertaining to an audit or review be kept for a period of seven years, during which time these records must be non-erasable and non-rewritable.

For more information about the Sarbanes-Oxley Act please see http://www.sarbanes-oxley.com/ and http://cpcaf.aicpa.org/Resources/Sarbanes+Oxley/. See also 'What are the legal requirements for email archiving?' at KBID002205.