SharePoint Archiving

Secure Archiving with SharePoint / Microsoft 365

The AuditProof Add-on enables easy use of SharePoint as a secure and legally admissible e-archive. Simple installation without additional hardware.

  • Less costs and expenditures
  • GAAB compliance for Austria and Germany according to IDW PS880

  • Compatible with backup and BLOB-offloading solutions

Overview

Legally Compliant Document Archiving

As of version 2010, auditors generally confirm that SharePoint can be used as a legally compliant e-archive for storing documents, especially electronic invoices, under certain conditions. However, a closer look reveals that a concrete, compliant implementation requires detailed expertise, complex configuration, and extensive organizational measures. With our AuditProof Add-on, you can solve this problem easily and sustainably.

Secure Mode

Automatic Monitoring

After installation, SharePoint is put into a “secure” mode and is automatically monitored to ensure it remains so. This minimizes the necessary organizational measures. Digital signatures with timestamps on all documents additionally ensure their integrity.

Screenshots

How it Works

1. AuditProof eArchive homepage
2. Clear dashboard
3. Invoice overview in the AuditProof eArchive
4. AuditProof report for each document
Benefits

Benefits of the Solution

Efficiency

You do not need additional hardware, resulting in significant cost savings. The easy-to-install add-on also does not require high organizational effort.

User-friendly

Benefit from high transparency and user-friendliness. You can start without lengthy training.

GAAB Compliance

The solution is GAAB compliant for Austria and Germany according to IDW PS880, verified by one of the Big Four auditors.

Compliance

Why is legally compliant archiving of relevant electronic documents and records so important?

On one hand, it is in the company’s own interest to store business-relevant documents in a way that protects them from unauthorized deletion or manipulation. On the other hand, in Austria and Germany, the respective corporate and tax laws have specific requirements regarding the quality and duration of the storage of certain documents.

Compliance with these requirements is typically reviewed by internal auditing (if present) and an appointed auditor during regular audits. On the other hand, from a risk perspective, the tax office’s auditor in the event of a tax audit is probably even more important.

These requirements include, for example…

• The Austrian Commercial Code (UGB), especially §§ 190 and 216,
• The Federal Fiscal Code (BAO), especially §§ 131 and 132,
• The principles of proper accounting (GoB),
• The Data Protection Act (DSG), especially § 14, and
• The expert opinions “The Properness of EDP-Based Accounting” (KFS/DV1) and “Audit of Financial Statements with the Use of Information Technology” (KFS/DV2) of the Expert Committee for Data Processing of the Institute for Business Management, Tax Law, and Organization of the Chamber of Certified Public Accountants.

• The legal provisions of German commercial and tax law (especially §§ 238 ff. HGB and §§ 140-148 AO),
• The principles of proper accounting (GoB),
• The BMF letter regarding the “Principles of Proper DV-Supported Accounting Systems (GoBS)” dated November 7, 1995,
• The BMF letter on the “Principles for Data Access and Auditability of Digital Documents” (GDPdU) dated July 16, 2001, taking into account the amendment of the BMF letter dated September 14, 2012,
• The statement of the Committee on Information Technology (FAIT) of the Institute of Public Auditors in Germany e.V. (IDW) “Principles of Proper Accounting with the Use of Information Technology” (IDW RS FAIT 1),
• The statement of the Committee on Information Technology (FAIT) of the Institute of Public Auditors in Germany e.V. (IDW) “Principles of Proper Accounting with the Use of Electronic Archiving Systems” (IDW RS FAIT 3),
• IDW Audit Standard 330 of the Main Committee of the Institute of Public Auditors in Germany e.V. (IDW) “Audit of Financial Statements with the Use of Information Technology” (IDW PS 330), and
• IDW Audit Standard 880 of the Main Committee of the Institute of Public Auditors in Germany e.V. (IDW) “Audit of Software Products” (IDW PS 880) in the version dated March 11, 2010.

FAQ

Electronic archiving is the digital storage of documents and information in electronic form. If the documents are not already available in digital form but in physical form, they are first scanned and read out. The data is then stored in an electronic archiving system, which ensures that the documents are tamper-proof, readable and retrievable in the long term.

Archiving systems are software solutions for the electronic archiving of documents and information. They enable the storage, indexing and efficient searching of documents. They also ensure that archiving as part of legally compliant document management is audit-proof and therefore protected against tampering.

Data carriers with the highest possible long-term stability and reliability are suitable. Among others:

  • Hard drives with special archiving technology
  • Optical storage media such as DVDs or Blu-Ray discs, especially M-Discs, which have a longer service life
  • Magnetic tapes that can be used for long-term archiving of large amounts of data

A document is audit-proof if it is verifiably unalterable and protected against manipulation. This means that all changes to a document can be traced at any time. In order to guarantee this revision security, documents must be archived in accordance with legal requirements that ensure their integrity and authenticity. With the right precautions, Microsoft SharePoint, for example, is audit-proof.

In our view, the records management features of SharePoint Online can fulfil the necessary requirements for compliance-compliant, audit-proof archiving of documents. As of version 2010, one of the four leading auditors has confirmed the basic suitability of SharePoint archiving (i.e. GoB conformity), although extensive expertise is still required for the correct configuration. A simple way to implement audit-proof archiving in SharePoint is to use a specific solution, such as our AuditProof add-on.

In principle, the same regulations apply to electronic invoices as to paper invoices: the invoices must be stored together with the associated release documentation (audit trail), ensuring all requirements for authenticity, integrity and legibility (see GoB = generally accepted accounting principles) by both the issuing and the receiving company for the mandatory period (7 years). A faithful reproduction of e-invoices is not required.

  • Authenticity of origin: the certainty of the identity of the supplying company or the invoice issuer.
  • Integrity of the content: the information required under Section 11 UStG has not been changed.
  • Legibility: the content is comprehensible and understandable for humans.

In the case of electronic archiving, the archiving system used must be able to fulfil these requirements and be audit-proof. The company and tax laws of the individual countries contain further specific requirements regarding the quality and duration of the (audit-proof) storage of documents.

Blog

More Information

April 3, 2025

Automated Invoice Processing: 5 Important Functions

March 10, 2025

Automatic Account Assignment & Invoice Assignment Explained Simply

January 30, 2025

E-Invoicing in Austria – the Most Important Information Summarized

January 9, 2025

Requirements for a DMS: What You Should Consider When Choosing a Document Management System

December 18, 2024

Travel Expense Report for Business Trips: Working Time, Daily Allowance, Mileage Allowance & Co

November 21, 2024

AI in Document Management: How Artificial Intelligence is Changing Document Processing

October 23, 2024

Creating an Electronic Invoice: Requirements and a Comprehensive Guide

September 19, 2024

Expenses in Germany: Everything you Need to Know About the Legal Situation, Digital Expense Reports & Important Tips

August 21, 2024

Expense Report in Austria: Everything You Need to Know

August 7, 2024

Digitisation Funding in Austria: Overview of Funding for Digitisation