Security Due Diligence audit using Virtual Data Room - security in your company

As companies develop, they inevitably come to the point where control of their functioning in the form of an audit (e.g. financial, tax, legal) is unavoidable, and the relevant departments of the company are obliged to manage such a process. It is not always an easy undertaking as each audit requires making company documents available to external entities – auditors, as well as financial, legal and tax advisors. These documents are often confidential or of particular significance to the company. It is crucial that they are accessed only by authorized persons and solely for the duration of the audit.

Some companies, being the advocates of the traditional way of auditing, still keep their documentation only in paper form. They also find inviting audit firms to their headquarters the only reasonable solution. Business owners feel that in this way they have everything under control and the important documentation is well-protected as it never leaves the company premises. But is it effective? In my judgment, not entirely. Not only does it involve paying auditors’ travel and delegation expenses, but the audit also simply takes longer.

Definitely more frequently the company’s documentation is shared with auditors in electronic form online – e.g. via email or company FTP servers. It is, undoubtedly, a much more effective solution as auditors can work comfortably from their offices and the audit lasts shorter. The question that arises here, though, is whether this is the most secure way of sharing sensitive files? Do we sufficiently protect the content of the documents when we send them via email? Can we be sure that confidential data will not fall into the wrong hands? There is always a risk of human error, i.e. sending documents to unauthorized parties by mistake or lack of control over the documentation after it has been sent to auditors. Even company FTP servers do not prevent such risks.

The process of sharing confidential information can be greatly improved by using Virtual Data Room – a system dedicated to carrying out due diligence or audit securely. VDR is a web-based application that makes online documentation sharing a safe and controlled process. Within one document repository, only authorized users can have access to the shared files: at the same time, from any place and 24/7.

The Data Room does not require any implementation or interference in the company’s IT infrastructure and, as a matter of fact, the client does not need to have advanced IT knowledge to start using the Data Room. The system is available through a web browser – immediately after the purchase. All the users need is a device with access to the Internet. Unlike running an FTP server, there is no need to involve IT specialists, and the users will easily find their way in the system. The Data Room is intuitive, extremely easy to use and has a user-friendly interface.

For the audited companies, an important advantage of placing documentation in the Data Room is the ability to differentiate access rights to it for individual auditors. Within one repository, for instance, the auditors can be granted access only to specific files and thematic areas, or only view the documentation in the read-only mode. Unlike sending documents via email, Virtual Data Room minimizes the risk of error, such as sending information to the wrong recipient, and allows you to share one repository to different audit firms at the same time independently, who are unbeknownst to each other. It also allows you to maintain full control over the process and protect the information contained in documents. Applications like Virtual Data Room have built-in activity reports, making it easy to keep track of what has been made available to whom and to what extent. Reports also give you control over the progress of work on the shared documentation. Thanks to them, the audited entity monitors who viewed which files, how much time they spent on each document and from what IP address they were logged in. It allows you to protect confidential data included in the documents in multiple ways. You can find more information about the VDR data security mechanisms in the article Everything you should know about Virtual Data Room.

On the other hand, auditing with the use of Data Room means, above all, comfort and proper ordering of the work process to the auditing company – documents are clearly structured, automatically numbered and located in one place. Virtual Data Room mechanisms allow to search for documents by title and keywords contained in the content of the document. Audit managers can efficiently supervise each stage of the project implementation, even if the auditors are located in remote areas. Furthermore, the application has a built-in module for confidential communication, thanks to which you can ask questions concerning specific files or conduct a confidential dialogue with the user.