SharePoint Archiving

Secure Archiving with SharePoint / Microsoft 365

The AuditProof Add-on enables easy use of SharePoint as a secure and legally admissible e-archive. Simple installation without additional hardware.

  • Less costs and expenditures
  • GAAB compliance for Austria and Germany according to IDW PS880
  • Compatible with backup and BLOB-offloading solutions

Overview

Legally Compliant Document Archiving

As of version 2010, auditors generally confirm that SharePoint can be used as a legally compliant e-archive for storing documents, especially electronic invoices, under certain conditions. However, a closer look reveals that a concrete, compliant implementation requires detailed expertise, complex configuration, and extensive organizational measures. With our AuditProof Add-on, you can solve this problem easily and sustainably.

Secure Mode

Automatic Monitoring

After installation, SharePoint is put into a “secure” mode and is automatically monitored to ensure it remains so. This minimizes the necessary organizational measures. Digital signatures with timestamps on all documents additionally ensure their integrity.

Screenshots

How it Works

Benefits

Benefits of the Solution

Efficiency

You do not need additional hardware, resulting in significant cost savings. The easy-to-install add-on also does not require high organizational effort.

User-friendly

Benefit from high transparency and user-friendliness. You can start without lengthy training.

GAAB Compliance

The solution is GAAB compliant for Austria and Germany according to IDW PS880, verified by one of the Big Four auditors.

Compliance

Why is legally compliant archiving of relevant electronic documents and records so important?

On one hand, it is in the company’s own interest to store business-relevant documents in a way that protects them from unauthorized deletion or manipulation. On the other hand, in Austria and Germany, the respective corporate and tax laws have specific requirements regarding the quality and duration of the storage of certain documents.

Compliance with these requirements is typically reviewed by internal auditing (if present) and an appointed auditor during regular audits. On the other hand, from a risk perspective, the tax office’s auditor in the event of a tax audit is probably even more important.

These requirements include, for example…

FAQ

Electronic archiving is the digital storage of documents and information in electronic form. If the documents are not already available in digital form but in physical form, they are first scanned and read out. The data is then stored in an electronic archiving system, which ensures that the documents are tamper-proof, readable and retrievable in the long term.

Archiving systems are software solutions for the electronic archiving of documents and information. They enable the storage, indexing and efficient searching of documents. They also ensure that archiving as part of legally compliant document management is audit-proof and therefore protected against tampering.

Data carriers with the highest possible long-term stability and reliability are suitable. Among others:

  • Hard drives with special archiving technology
  • Optical storage media such as DVDs or Blu-Ray discs, especially M-Discs, which have a longer service life
  • Magnetic tapes that can be used for long-term archiving of large amounts of data

A document is audit-proof if it is verifiably unalterable and protected against manipulation. This means that all changes to a document can be traced at any time. In order to guarantee this revision security, documents must be archived in accordance with legal requirements that ensure their integrity and authenticity. With the right precautions, Microsoft SharePoint, for example, is audit-proof.

In our view, the records management features of SharePoint Online can fulfil the necessary requirements for compliance-compliant, audit-proof archiving of documents. As of version 2010, one of the four leading auditors has confirmed the basic suitability of SharePoint archiving (i.e. GoB conformity), although extensive expertise is still required for the correct configuration. A simple way to implement audit-proof archiving in SharePoint is to use a specific solution, such as our AuditProof add-on.

In principle, the same regulations apply to electronic invoices as to paper invoices: the invoices must be stored together with the associated release documentation (audit trail), ensuring all requirements for authenticity, integrity and legibility (see GoB = generally accepted accounting principles) by both the issuing and the receiving company for the mandatory period (7 years). A faithful reproduction of e-invoices is not required.

  • Authenticity of origin: the certainty of the identity of the supplying company or the invoice issuer.
  • Integrity of the content: the information required under Section 11 UStG has not been changed.
  • Legibility: the content is comprehensible and understandable for humans.

In the case of electronic archiving, the archiving system used must be able to fulfil these requirements and be audit-proof. The company and tax laws of the individual countries contain further specific requirements regarding the quality and duration of the (audit-proof) storage of documents.