Sarbanes-Oxley Act & Records Management
The cost and magnitude of regulatory mandates associated with corporate
compliance, particularly records management, have increased significantly in recent
years. As a result, many more companies, not just those in traditionally regulated
environments such as pharmaceuticals and aerospace, are finding that they need to
change from a departmental plan or ad hoc approach to an enterprise-wide
compliance strategy. Is your organization prepared to meet the regulatory
requirements of the Department of Defense 5015.2 Standard, the Sarbanes-Oxley
Act of 2002, or the Securities and Exchange Commission's Rule 17a? How will your
company balance the cost of compliance with the risks of non-compliance? What
are you doing to build investor confidence and trust - and can you do it without
diluting shareholder value? And, last, but certainly not least, how much will it cost
you to comply?

To reduce risks as well as costs, companies are turning to enterprise content
management (ECM), of which enterprise records management (ERM) is a significant
part. Because ECM provides a robust environment for managing all types of
unstructured content (documents, Web pages, images, rich media, etc.) across the
full lifecycle (creation, management, delivery, and archive), companies can not
only solve their compliance challenges but also leverage this investment for ongoing
competitive advantage and operational efficiency. This article explains the challenge
of new corporate regulations and outlines how your company can meet that
challenge through an effective ERM strategy tightly integrated with ECM.

Understanding the Regulations

Many organizations throughout American government and business have adopted
Department of Defense (DoD) Directive 5015.2, issued in 1997, as a de facto
records management standard. It provides detailed implementation and procedural
guidance on the management of records in the DoD and its departments and

In 2002, Congress enacted the Sarbanes-Oxley (SOX) Act in response to Enron,
WorldCom, and other accounting scandals. SOX affects all publicly traded
companies, private companies that may go public or be acquired by a public
company, and public accounting firms. Among other things, it makes it a federal
crime to obstruct justice by destroying or tampering with corporate accounting
records. Section 404 of SOX specifically outlines the requirements for public
companies regarding records retention. Everything must be documented in a way
that can be reviewed by auditors, including policies and procedures, approvals,
authorizations, verifications, recommendations, and performance reviews, in
addition to financial data. This includes the widely publicized mandate that CEOs
and CFOs must personally certify all financial statements.

In addition to responding to the Sarbanes-Oxley mandates, companies must comply
with an expanded SEC Rule 17a and related regulations. SEC Rules 17a-3 and 17a-4
spell out new requirements for securities brokers, dealers, investment companies,
financial advisers, and transfer agents regarding records of electronic interoffice
communications and communications with customers. Other regulations relevant to
records management include NASD Rules 2210, 3010, and 3110, NYSE Rules 342
and 440, ISO 15489, and MOREQ. Together, these rules impose strict ERM
requirements on regulated organizations.

In responding to these new regulations and the events that led to their adoption,
executives face many challenges. They must manage compliance issues inside and
outside the enterprise, balance the organizational costs of compliance with the
risks of non-compliance, increase visibility and transparency for corporate practices,
and take other steps to maintain or restore investor confidence.
