erik gellatly, jd matrix logic corporation [email protected] (415) 893-9897 x235 achieving...
TRANSCRIPT
Erik Gellatly, JD
Matrix Logic Corporation egellatly@matrix-
logic.com(415) 893-9897 x235
Achieving Sarbanes-Oxley Compliance with Hummingbird Solutions
Agenda Introduction
What is Sarbanes-Oxley and Why Do We Care?
Compliance Requirements of Sarbanes-Oxley
‘Document Intelligence’ Defined
Using Hummingbird DM / Collaboration
Bringing It All Together
Questions and Answers
Agenda Introduction
What is Sarbanes-Oxley and Why Do We Care?
Compliance Requirements of Sarbanes-Oxley
‘Document Intelligence’ Defined
Using Hummingbird DM / Collaboration
Bringing It All Together
Questions and Answers
Introduction
Matrix Logic is a Hummingbird Premier Partner and has over 400 clients across the US and abroad.
Matrix Logic integrates other products around the document management system to enhance DM/RM administration, collaboration and security.
Prior to joining the company, Erik Gellatly earned a law degree from Willamette University in 1998 and has worked with technology companies serving the legal profession since that time.
Agenda Introduction
What is Sarbanes-Oxley and Why Do We Care?
Compliance Requirements of Sarbanes-Oxley
‘Document Intelligence’ Defined
Using Hummingbird DM / Collaboration
Bringing It All Together
Questions and Answers
What is Sarbanes-Oxley . . .
Sarbanes-Oxley is the U.S. government’s response to Enron / WorldCom / Adelphia / Tyco scandals
CEOs and CFOs of public companies now must swear under oath that the financial statements of public companies are accurate and complete
SEC filing deadlines are more compressed
Audit committees must establish and maintain internal controls for financial systems and have them certified by public accountants
. . . And We Care Deeply
Executives that knowingly sign falsified reports and anyone that destroys audit records can receive up to 10 years in prison and fines
Destruction, falsification, alteration of documents in federal investigations and bankruptcy proceedings can lead to sentences of up to 20 years in prison and fines
A new non-governmental watchdog agency, the Public Company Accounting Oversight Board, will scrutinize audits of all public companies
Who’s Neck Is It, Anyway?
Executives have a very short time to report any “material changes” to financial statements
Audit committees are responsible for assuring that proper controls are in place to allow them to fulfill their reporting obligations
IT managers are being asked to enforce document retention policies (think Enron / Arthur Anderson shredding scenario)
Investors need to have confidence that executive and auditor claims are accurate and complete
Agenda Introduction
What is Sarbanes-Oxley and Why Do We Care?
Compliance Requirements of Sarbanes-Oxley
‘Document Intelligence’ Defined
Using Hummingbird DM / Collaboration
Bringing It All Together
Questions and Answers
Compliance Requirements: CEO/CFO Attestations
CEO and CFO have reviewed the filing personally
Filings contain no untrue statement of material fact
Filings fairly report the company’s financial position
Any significant deficiencies, material weaknesses and fraud (material or not) have been disclosed to the audit committee and the external auditor
What internal controls are in place
Compliance Requirements: Disclosure Procedures
CEOs and CFOs must certify that processes are in place to ensure that material information relating to the company will be made known to them
“Fair presentation” of company’s results is stronger than GAAP standard – transparency is the goal
SEC recommends that Boards have special Disclosure Committees that determine what is material information and are responsible for regular public disclosures
Compliance Requirements: Records Retention
Anti-tampering provisions in §1102 and anti-destructions provisions in §1519 apply to records that are subject to an investigation
New crimes for attempted destruction and conspiracy to destroy records under §1349
Accountants must retain audit records for public companies for seven years after a review is complete under Reg. S-X (Jan. 22, 2003 update)
Organizations can still destroy records according to a defined and communicated records retention policy
Agenda Introduction
What is Sarbanes-Oxley and Why Do We Care?
Compliance Requirements of Sarbanes-Oxley
‘Document Intelligence’ Defined
Using Hummingbird DM / Collaboration
Bringing It All Together
Questions and Answers
‘Document Intelligence’ Defined The alignment of your document repository
structure with your reporting and disclosure requirements.
The extension of your existing document repository to support retention automation, true enterprise search and security.
The communication and enforcement of policies and procedures for handling electronic documents and records throughout the enterprise
‘Document Intelligence’ Applied Hummingbird DM/RM together provide out-of-the-
box functionality that can be applied to your new business process requirements
• Capture of financial reports for executive roll-ups
• Enterprise search capability for managers and analysts
• Retention Schedules by document type
Hummingbird Collaboration offers activity reports for managers and stakeholders for external users
Third-Party Extensions for wireless and security
Agenda Introduction
What is Sarbanes-Oxley and Why Do We Care?
Compliance Requirements of Sarbanes-Oxley
‘Document Intelligence’ Defined
Using Hummingbird DM / Collaboration
Bringing It All Together
Questions and Answers
Using Hummingbird Products
The out-of-the-box functionality is very helpful for executives, finance department when dealing with compressed filing deadlines
Hummingbird DM – in-progress documents
Hummingbird RM – legacy information, paper records, read-only electronic documents
Hummingbird Collaboration – working with outside individuals on specific matters/projects (external auditors, counsel, board members)
Automating Document Retention
Retention schedules can be specified for specific cases/matters or document types
Document types should map to Sarbanes-Oxley reporting requirements (think CONTRACT, FILING, MINUTES, REPORT and RESOLUTION)
Document deletion can be restricted (think “Arthur Anderson” scenario - electronic file shredding)
No limitation on format: email, documents, memorandums, even instant messaging
Hummingbird DM 5.0
- Use Document Types in your Quick Searches- New “Easy Search” allows for quick, intuitive queries- Easy adoption for new users via Windows Explorer
Hummingbird Collaboration provides an intuitive web interface for specific groups (such as an Audit Committee)
Agenda Introduction
What is Sarbanes-Oxley and Why Do We Care?
Compliance Requirements of Sarbanes-Oxley
‘Document Intelligence’ Defined
Using Hummingbird DM / Collaboration
Bringing It All Together
Questions and Answers
Bringing It All Together
Better risk management and public disclosure are the goals of Sarbanes-Oxley
Throwing bodies at compliance and security problems is not a long-term or scalable solution
Hummingbird products reduce overdependence on email and improves information flow
Consider hand-held connectivity for busy managers, document encryption and watermarking for outgoing email attachments that leave the DM
Audit Committee Process?Over-reliance on email, manual processes and questionable security practices
or Audit Committee Process!Inside the “four walls”, Hummingbird DM provides enterprise search, mobility and document retention policy enforcement.
Board members can collaborate securely and sign off on documents electronically over the Internet.