Planning for Compliance
Ask most executives about their most pressing
business issue and they may bring up compliance. Organizations today face more
regulation than ever before. And the penalties for failing to protect data are
steep.
Microsoft Office SharePoint Server 2007, however, can help ease the regulatory
burden. It includes a number of features that can help you make data more
secure. It also makes it easier to manage security policies, a requirement for
many businesses.
While data protection laws vary from country to
country, there are several common pillars:
- Confidentiality. Confidential, personal, and sensitive information cannot be exposed to unauthorized organizations or individuals.
- Integrity. Data cannot be modified by unauthorized organizations or individuals, and its completeness and accuracy are critical.
- Availability. Information must be available to the right people at the right time to support timely and accurate financial reporting and to fulfill demands for information by regulators, investigators, and court subpoenas.
- Procedural rigor. An organization must also be able to prove that it performed compliance procedures when needed and that its technology controls were active and performed throughout the period in question.
- Auditing and Logging. Auditing and logging trace how individuals access and use resources and execute business procedures. Systems that process sensitive data must securely log, maintain, and provide critical event information to ensure a clear audit trail.
Complying with all that regulation can be
incredibly time-consuming and can burden employees with bureaucratic documentation.
Microsoft Office SharePoint Server 2007, however, provides features that can
help protect data, document your security efforts, and make it easier to audit
your policies.
Doing nothing, however, is not an option. If you do not provide a means for
employees to share information, they will do so on an ad hoc basis. That will
make it exponentially more difficult to secure data and to track information
needed in an audit.
Early in your deployment, you should consult with your organization’s legal
resources to determine your requirements. Once you know what your
responsibilities are, you can design a solution using the features in Office
SharePoint Server 2007.
A little planning now can help spare you the pain of an embarrassing
security breach, of combing various servers for information needed in a
lawsuit, or of having to track down individual employees to audit changes made to a
particular file.