On January 14, 2009, the Italian DPA (Garante) issued guidelines imposing requirements on IT administrators. Recognizing the importance of IT administrators in the lawful and secure processing of data, the guidelines establish greater transparency and prevent abuses. The guidelines require companies and public entities to (a) assess the qualifications of IT administrators, (b) delimit their powers when appointing them, (c) maintain a list of IT administrators to be included in the company’s security policy document, (d) review IT administrators’ activities annually, and (e) maintain a log file of their activities and access to documents.  

Further information is available here