Sarbanes-Oxley, Gramm-Leach-Bliley, HIPPAA and many other U.S.A. based legal-regulatory requirements require demonstration of compliance and the necessary paper trail of records. Then what are we to do with all the records that are stored (small, medium or large office)?
Brian Hettrick,GOB Secretariat indicates that SOx and similar regulations may well propitiate the next generation of auditing, as long as the law remains on the books.
The International Organization for Standardization publishes another of its management schemes, ISO 23081 as guidance for storage of records while concurrent use on-line. Another standard that relates to ISO 23081 is ISO 15489 (Information and Documentation - Record Management"). ISO 15489 address relevance of records-management that derive from business processes, as well address metadata.
ISO 23081 intent is to provide a basis for an effective management of records protocol but also to enhance record management. ISO 23081 provides to seek opportunities to reduce risks, manage cost effectively, et al hopefully better corporate governance while addressing applicable laws.