What is audit-proof archiving?
Contact usArchive documents in a legally compliant manner
Companies are required by law to store business-related documents in accordance with defined criteria. This includes documents such as invoices, receipts and contracts. However, efficient digital archiving is also essential these days in terms of data security. Audit-proof archiving provides companies with the tools they need to meet these requirements.
What is audit-proof archiving?
Audit-proof archiving means that a document is stored in such a way that it is protected against changes. The document is available for a specified period of time in the state in which it was initially received by the company. If changes are made to the document, this is done on a copy of the document – the original remains untouched.
Audit-proof archiving is an important process in terms of legal and regulatory requirements relating to the provability and traceability of data. These criteria must be met, as certain retention periods apply to business documents, which companies must adhere to when archiving.
Examples of retention periods for tax-relevant documents*
For example, a 6-year retention period applies to tax-relevant documents such as
- Contracts,
- Order confirmations,
- Insurance policies and
- Reminders.
A retention period of 10 years applies to documents such as
- Annual financial statements,
- Inventories,
- Opening balance sheets and
- Invoices
*Note: This article does not constitute legal advice on the correct archiving of business documents. Also, exact requirements may vary by country, industry and type of business. It is important to consider applicable laws and regulations and possibly consult legal or industry experts to ensure that audit-proof archiving meets the required standards.
What does GoBD mean?
The principles for digital archivingare set out in the GoBD. The abbreviation stands for Principles for the proper keeping and storage of books, records and documents in electronic form. The GoBD applies to companies, freelancers and the self-employed.
To enable audit compliance in accordance with GoBD, the document management system (DMS) used must fulfill the following archiving principles:
- Traceability and verifiability
- Completeness
- Correctness
- Order
- Timely bookings and records
- Immutability
Why must archiving be audit-proof?
Overall, audit-proof archiving is an indispensable part of information management for companies and organizations to ensure the integrity, availability and provability of their data.
Companies must adhere to legal regulations and compliance standards that require audit-proof archiving. This includes laws such as the General Data Protection Regulation (GDPR) or industry-specific regulations.
Audit-proof archiving ensures that information cannot be changed retrospectively. This is crucial to ensure that data can be proven in the event of legal disputes or audits.
Audit-proof archiving ensures that data remains unchanged and tamper-proof throughout its entire life cycle. This helps to preserve the integrity and authenticity of the data.
A lot of information has to be stored for long periods of time, whether for legal reasons or for historical purposes. Audit-proof archiving ensures that this data remains accessible and readable for many years to come.
By ensuring that data is archived in an audit-proof manner, companies can minimize the risk of data loss, corruption or manipulation, which in turn strengthens the trust of customers, partners and regulatory authorities.
Advantages of audit-proof archiving for companies
Legal certainty
The GoBD and the GDPR (keyword “data protection”) provide clear rules for companies by regulating the handling of documents and personal data. A document management system with the option of audit-proof archiving helps those affected to adequately comply with these rules. The different deadlines that apply to the different document types can also be easily taken into account.
Customizable rights concept
Not every document should be able to be viewed or even edited by every employee. A customizable rights concept makes it possible to distribute access and editing rights so that documents are optimally protected
Simple integration into existing systems
A DMS including archiving software that enables audit compliance can usually be easily integrated into the existing IT system landscape. Interfaces to various applications allow documents to be easily integrated and archived in an audit-proof manner if required.
Tamper protection in audit-proof archiving
Documents cannot be changed or deleted as they are saved as read-only. Changes are logged as new versions and access is recorded without gaps. Strict access rights and authentication secure access, while redundant storage and regular backups protect the data from loss. This ensures the integrity of the documents.
Which documents must be archived in an audit-proof manner?
Whether a document must be archived in an audit-proof manner depends on various factors, including the industry-specific requirements and legal regulations that apply to the company.
Audit-proof archiving with a document management system
A document management system (DMS) is the foundation for the digital workplace. It contains the digital archive in which all of the company’s relevant documents are stored. Digital archiving is therefore not an isolated piece of software, but a component of a DMS.
The typical life cycle of a document in a DMS or Enterprise Content Management System (ECM) is shown below:
Contact us now