Hi Jan, Ever since these 'financial accountability' laws were passed in many countries, companies have been trying to comply. In the US this law was the Sarbanes-Oxley Act with other countries having their own version of this law. And shortly thereafter companies began having 'SOX' audits as they became known, by major financial accounting firms such as PWC and others. Part of the audits involved certain social, operational and technical tests to see whether there were ways to change any data on the legal business transaction documents stored in the company's systems. I think every company initially failed these tests. In reviewing the failures it became clear that part of the problem was that there was a different set of requirements regarding the running application and it's operational and security needs and the SOX requirements for preserving the legal historical record for the business transactons of the business and its operational and security needs. This is why these companies almost universally decided to utilize a system whereby the legal historical business documents would be stored in a separate PDF+metatdata system that had it's own operational and security restrictions that was far tighter than the security of the running application systems. And this also was the only way that they were able to successfully pass the US SOX audits and comply with the law.
Regards, Gerry -------------------- m2f -------------------- -- http://www.openobject.com/forum/viewtopic.php?p=31498#31498 -------------------- m2f -------------------- _______________________________________________ Tinyerp-users mailing list http://tiny.be/mailman/listinfo/tinyerp-users
