Few things strike fear in the hearts of business owners like seeing the word “audit” come across your desk.

Audit fees can average over $100,000¹ for small businesses by some estimates. It’s a nerve-wracking and time-consuming process even if your accounting practices are all above board and you keep immaculate records.

However, auditing doesn’t need to induce panic. Any small business owner knows how difficult it can be to keep track of all the documents and information that your company creates. The common lack of understanding about how, when and by whom documents and other information are being edited, duplicated, moved or deleted can make proper oversight a challenge. This is where the concept of information audit trails comes in.

The common lack of understanding about how, when and by whom documents and other information are being edited, duplicated, moved or deleted can make proper oversight a challenge.

The need for a (digital) paper trail

Consider this hypothetical situation: your company has lost a major customer and is forced to lay off a portion of your sales staff. Before everyone has left, one disgruntled employee casually prints a number of sensitive documents (e.g., customer contacts, financial records, sales data, etc.) and slips them into his briefcase. Would you have any way of identifying who had taken these records? Would you even know that anything was stolen in the first place?

For most businesses, the answer is most likely no. Information flows in and out with little to no visibility on the part of IT administrators or business leaders. The issue extends beyond willful wrongdoing as well. Increased insight into the path a document takes can go a long way towards curbing accidental misplacement of documents and version control issues.

An information audit offers an effective and straightforward solution by providing step-by-step documentation of a given file’s history. This level of insight is critical for organizations that face stringent compliance regulation, but can also be incredibly valuable for companies in less-regulated industries.

The necessary ingredients

Implementing the right document and content management solution can ensure that each employee has an appropriate level of access to sensitive information. It also provides intelligence about how, when and by whom these documents are being viewed or edited, allowing for quick diagnosis in the event of an issue.

But, many of the most sensitive documents, such as contracts and others that require a signature, often begin and end at the office printer/scanner. To ensure you have visibility into how these documents are created, accessed and transmitted you’ll need a multi-function printer that requires a login at the time of use. Such a device can record who printed or scanned a document, as well as the date and time and where it was sent.

Beyond information auditing

The last piece of the puzzle is digitizing any of your company’s sensitive paper-based records to ensure that they can be subject to the same level of protection and scrutiny. Some precautions to take:

Restricting printing or screen captures of documents
A printed watermark on the document identifying who printed it and when
The ability to instantly change privileges to/from view or printSetting a date range for access, so the document can no longer be opened after (or before) a certain date.

Governing content

Digitization of your information can make or break an audit.

Learn more

Keeping files in a locked cabinet is certainly a deterrent but there’s no way to know when these documents have been accessed. This process can be easily outsourced to document conversion specialists, taking the hassle out going digital with your files.

¹ Matthew Heller. "Small Firms Pay Bigger Slice of Revenue in Audit Fees." CFO Magazine. February 26, 2015. http://ww2.cfo.com/auditing/2015/02/small-firms-pay-bigger-slice-revenue-audit-fees/

When an audit is a good thing