Article | 22 April 2026
The 6 Most Common Mistakes in Audit-Proof Archiving
Mistake 1: Using a File Server as the Archive
The problem: A folder structure on a file server feels like an archive, but it has no immutability. Any administrator (and any attacker with admin credentials) can modify or delete records. In an audit, you cannot prove that a single document is unchanged.
The fix: Move records under statutory retention to hardware storage (for example Silent Cubes), where the system itself prevents modification and deletion for the retention period, regardless of credentials.
Mistake 2: Software WORM Without Organizational Controls
The problem: Object locks and retention flags are software WORM. In many configurations, privileged accounts can change policies, shorten retention, and then delete the logs that would have revealed it. Without strict separation of duties and protected audit logs, the “immutability” is an assertion, not a guarantee.
The fix: For compliance data, use hardware WORM, where no software path to the data’s integrity exists. Where software remains in use, add separation of duties, four-eyes changes, and tamper-resistant log storage.
Mistake 3: No Process Documentation
The problem: The auditor cannot evaluate what they cannot understand. An archive without documented capture, workflow, authorization, and error-handling processes fails the orderliness requirement, even if the technology is flawless. National bookkeeping standards (in Germany, for example, the GoBD) make this documentation explicitly mandatory.
The fix: Write and maintain process documentation covering the full chain: capture, validation, archiving, access, retention, deletion, responsibilities. Update it with every system change.
Mistake 4: Retention Periods Not Managed
The problem: A single global retention setting is almost always wrong. Some records get deleted before their statutory period ends (an audit finding), others are kept forever (a storage-limitation violation). Retention periods differ by record type and member state; in Germany, for example, 10 years for commercial books and annual accounts, 8 years for accounting documents and invoices, 6 years for commercial correspondence.
The fix: Implement a retention table per record type with legal basis, store the retention class with each record, and automate deletion after expiry.
Mistake 5: Readability Not Ensured
The problem: Immutable storage preserves the bits, not the ability to render them. Proprietary formats from discontinued software become unreadable within a decade, and an archive you cannot open fails the availability requirement.
The fix: Archive in long-term formats, primarily PDF/A (ISO 19005), and run periodic readability checks and format migrations where needed.
Mistake 6: Ignoring GDPR Erasure
The problem: “It is on WORM, we cannot delete it” is not a valid answer to a data protection authority. Art. 17(3)(b) GDPR lets retention obligations take precedence while they apply, but after expiry, personal data must be erased. Indefinite retention exposes you to fines of up to EUR 20 million or 4% of global annual turnover.
The fix: Use systems with built-in retention management: immutable during the statutory period, deletable (and deletion-logged) afterwards. Silent Cubes implement exactly this lifecycle.
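The lifecycle described under Mistakes 4 and 6 (retention class stored with each record, deletion refused while the statutory period runs, automated and logged deletion afterwards), as an added Python example; it is not Silent Cubes or any vendor's code, the `Archive` and `Record` names, the retention table and the hash-chained deletion log are assumptions, and it takes the German periods quoted above with the period running from the end of the calendar year in which the record was created.

```python
from dataclasses import dataclass
from datetime import date
import hashlib, json

# Constructed retention table (years) for the record types the article names.
RETENTION_YEARS = {"commercial_books": 10, "accounting_document": 8, "correspondence": 6}

@dataclass(frozen=True)
class Record:
    record_id: str
    retention_class: str  # stored with the record, never a single global setting
    created: date

def retention_expiry(rec: Record) -> date:
    # Assumption: the period runs from the end of the calendar year of creation.
    return date(rec.created.year + RETENTION_YEARS[rec.retention_class], 12, 31)

class Archive:
    def __init__(self) -> None:
        self.records = {}
        self.deletion_log = []  # hash-chained: each entry commits to its predecessor
    def ingest(self, rec: Record) -> None:
        if rec.retention_class not in RETENTION_YEARS:
            raise ValueError(f"unknown retention class {rec.retention_class!r}")
        self.records[rec.record_id] = rec
    def due_for_deletion(self, today: date) -> list:  # input for the automated deletion job
        return sorted(rid for rid, r in self.records.items() if today > retention_expiry(r))
    def request_deletion(self, record_id: str, today: date, actor: str) -> str:
        expiry = retention_expiry(self.records[record_id])
        if today <= expiry:  # immutable during the statutory period, whoever asks
            return f"REFUSED: retained until {expiry.isoformat()}"
        prev = self.deletion_log[-1]["hash"] if self.deletion_log else "0" * 64
        entry = {"record_id": record_id, "class": self.records[record_id].retention_class,
                 "deleted_on": today.isoformat(), "actor": actor, "prev": prev}
        entry["hash"] = hashlib.sha256(json.dumps(entry, sort_keys=True).encode()).hexdigest()
        self.deletion_log.append(entry)
        del self.records[record_id]
        return "DELETED"

def verify_deletion_log(log: list) -> bool:
    """Recompute the chain; any edited or removed entry breaks it."""
    prev = "0" * 64
    for entry in log:
        body = {k: v for k, v in entry.items() if k != "hash"}
        digest = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
        if entry["prev"] != prev or digest != entry["hash"]:
            return False
        prev = entry["hash"]
    return True
```

An in-process list only demonstrates the shape of the evidence; to count as tamper-resistant in the sense of Mistake 2, the chain has to be stored where the account that triggers deletions cannot rewrite it.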
The Pattern Behind All Six
Each mistake comes from treating archiving as a storage purchase instead of a compliance process. The technology baseline (hardware WORM with retention management) solves mistakes 1, 2, and 6. The process work (documentation, retention table, format strategy) solves 3, 4, and 5. You need both.
Further Resources
→ Audit-Proof Archiving Guide (/en/blog/revisionssicherheit-leitfaden/)
→ The 10 Criteria of Audit-Proof Archiving (/en/blog/10-kriterien-revisionssicherheit/)
→ Audit-Proof Archiving and GDPR (/en/blog/revisionssicherheit-dsgvo/)
→ PDF/A as an Archiving Format (/en/blog/pdf-a-archivformat/)
→ Silent Cubes: Hardware Archive Storage (/en/produkte/silent-cubes/)
WORM
WORM (Write Once, Read Many) refers to a storage principle in which data is written once and can technically no longer be altered or deleted — in hardware WORM, this immutability is a physical property of the storage controller, independent of software, operating system or user privileges.
GoBD
The GoBD (Principles for the Proper Management and Storage of Books, Records and Documents in Electronic Form as well as Data Access) is a German Federal Ministry of Finance letter that specifies how tax-relevant documents must be archived electronically in Germany — particularly regarding immutability, completeness and auditability.
GDPR
The GDPR (General Data Protection Regulation, EU 2016/679) is the European regulation for the protection of personal data — particularly relevant for IT infrastructure in Art. 5 (principles), Art. 17 (right to erasure), Art. 28 (processors) and Art. 32 (security of processing).
Audit-Proof Archiving
Audit-proof archiving describes the legally required property of an archiving system that preserves documents completely, immutably, traceably and accessibly at all times — and that this can be demonstrated without gaps to tax authorities, auditors and data protection supervisory bodies.