Kansas City Computer Measurement Group
Compliance
with New Government Regulations
How
Will It Affect IT?
February
18, 2004
Please RSVP using attached RSVP form.
|
|
|
Continental
breakfast |
|
|
|
Welcome,
announcements, and elections |
|
|
|
Compliance with New Government
Regulations What Does It Mean to Us? |
|
|
|
Break |
|
|
|
The Sarbanes Oxley ACT of 2002 -
SOX Steven Strong,Yellow
Technologies |
|
|
|
Lunch – Lunch is not provided. The Sprint cafeteria will be available for those who chose to eat there. |
|
|
|
Regulatory Compliance for
Electronic Records, Email and Storage Systems |
|
|
|
Break |
|
|
|
Compliance - Keeping Your Neck Out
of the Noose Clark Hodge, EMC |
Abstracts
Compliance with New Government Regulations
Systems Engineer
SAS Institute
Regulatory intrusion is rewriting the rules of business. Sarbanes-Oxley, HIPAA, Patriot Act and new SEC rules mandate changes in
the way you capture, understand, retrieve and analyze enterprise information.
Sarbanes-Oxley Act and other new regulations have made compliance a
corporate imperative. The question is how do you develop an effective
compliance program? Further, how do you
choose from among the confusing array of technologies aimed at compliance? This presentation will explore the details of
the most important content compliance challenges facing corporations
today. I will also explore specific
technologies and how they address high-priority compliance needs and demands.
Biography
Wayne Embry is a System Engineer
for SAS. His areas of responsibilities
are sales and marketing support for the IT Management Solutions. In his previous life he was responsible for
Performance Management for all hardware and software components at TWA. He has more years in data processing than allowed
to discuss, with the last 24 years being directed to Performance Management and
Capacity Planning. He has been a CMG Member for the last 21 years and a member
of Share for 26 years. He has presented
at Share, CMG, vendor, and user sessions for over 20 years. Wayne
The Sarbanes Oxley ACT of 2002 - SOX
Steven Strong
Technical Specialist – Project Coordinator
Yellow Technologies
This law impacts any publicly traded company on either stock
exchange. COSO is a voluntary,
private-sector organization dedicated to improving the quality of financial
reporting through business ethics, effective internal controls and corporate
governance. COBIT stands for Control
Objectives for Information and related Technology and is an open standard for
control over information technology, developed and promoted by the IT
Governance Institute. This framework
identifies 34 information technology (IT) processes, a high-level approach to
control over these processes, as well as 318 detailed control objectives and
audit guidelines to assess the 34 IT processes. We will share with you Yellow
Technology’s focus and approach for compliance and how it relates to our I/T “pervasive
controls”. These include:
Change control
Problem Management
Vendor Management
Business Continuity
Data Management
Security Administration
Facility Management
Application Development
This presentation will also discuss other areas
affecting compliance including:
Process Flows – Providing a process flow diagram in
accordance with the ITIL framework (swim lane format).
Risks - Identifying risks, controls, and assessment
procedures associated with each of the competency areas. COSO
Self Assessment - Perform or execute the self
assessment identified with each identified control. An effective business has
controls and processes in place to insure financial statements are accurate.
Biography
Steven Strong began his Information Technology career
in 1985 after successfully completing an initiative from the
Saint Luke’s Hospital provided an opportunity to apply
the fundamental processes and procedures learned during the vocational
program. During his 15 year tenure Steve
began as a computer operator trainee and departed as the
Mr. Strong accepted a position at Yellow Technologies
as a Network, Systems and Operations Manager to assist in the creation of a
world class support delivery team. Mr.
Strong has made significant contributions in key success areas of strategic
planning, change control, problem management, business recovery and, most
recently, project management. His
leadership and ability to “grow others,” both technically and in thought, has
raised the level of the Systems Support team.
Mr. Strong’s community involvement includes Habitat
for Humanity, Mentor Programs, Diversity, and numerous coaching activities for
a variety of sports. Mr. Strong has supported the American Cancer Society,
UNCF, and the Urban League of Kansas City.
Mr. Strong is a Leadership Fellow of the Multi-Cultural Leadership
Development Institute.
Regulatory Compliance for Electronic Records, Email and Storage Systems
EDM Consultant
Tallgrass Technologies
This presentation will cover the following topics:
Origins of Compliance Requirements
Company Mandates or Directives
Contractual and Trading Requirements
Regulatory Agencies
Courts and Legal Industry
Record Keeping Regulations
SEC
DOD
State Sunshine Laws
Regulations Driving Retention
SEC
NASD
HIPPA
FOIA (Freedom of Information Act)
Customer Roles
IT
Legal Officer
Compliance Officer
Other Employees
Technologies for Compliance
Content
and Document Management Software
Email
Archive Software
Storage
Management Systems
Biography
Mr. Pearce has over 20 years’ industry experience as a
software consultant, software developer and account executive, with a focus
during the past ten years on records management, imaging, electronic document
management, workflow, Internet technologies, E-commerce and data capture. He has demonstrated his skills in using
technology to enable maximum effectiveness and productivity in organizations,
by linking document systems and technologies with business processes, office
automation and compliant storage management systems.
He has had a successful multifunctional career serving
as Information Lifecycle Management Consultant, Director of Sales, Senior
Systems Analyst, Systems Engineer and Programmer. He has worked with industry leading software
vendors in the EDM market that include, FileNet, Optika,
Hummingbird, Documentum, Hyland, Open Text, IBM, and
Legato.
Mr. Pearce clearly defines business requirements and
identifies appropriate technologies and products that can yield maximum
benefits. This comes from a solid understanding of diverse EDMS and other
information technologies, including networking, client/server, Internet,
workflow, document management, COLD/ERM, and forms processing. He also has a
broad understanding and experience with business processes and industries,
including legal practices, insurance, utility, government, financial services,
chemical, pharmaceutical, food processing, wholesale distribution, and
air/truck freight. He has particularly strong expertise in compliant storage
systems, compliant email archive applications and records management
retention. Areas of specific expertise
include requirements analysis, cost/benefit analysis for ROI determination,
technology/vendor evaluation, project management, implementation, and quality assurance.
Jim is experienced in the delivery of full life cycle consulting and
implementation services.
Compliance - Keeping Your Neck Out of the Noose
Clark Hodge
Product Evangelist for Centera
EMC