Re: [SLUG] Legal Question about SCO

From: Paul M Foster (paulf@quillandmouse.com)
Date: Thu Dec 18 2003 - 23:59:55 EST


On Thu, Dec 18, 2003 at 11:15:49PM -0500, Robert Foxworth wrote:

> I was looking over my notes from the Biz2 expo today.
> We had a packed-house theater for "Maddog" and his
> excellent talk this afternoon.
>
> But that's not the reason I am posting this.
>
> Just before the Maddog talk was an interesrting
> presentation, in the same theater, by Dr. Tim
> McGuiness who spoke of privacy and security reqmts
> that are in place now for businesses. GLB (Graham-
> Leach-Bliley) and HIPAA [_not_ "HIPPA"] were
> some of his topics. Real eye-openers for businesspeople.
>
> One of several regulations in place is known as "SOX"
> (Sarbanes-Oxley) which relates, according to my notes,
> to integrity, security and best practices for data and
> data repositories maintained by firms.
>
> I wish I had thought ahead fast enough to ask him about
> the recent SCO incident in which SCO claimed that
> their "intranet" was subject to attack. This was
> during the two recent DDOS attacks of the last few days.
>
> The question I would have asked would have centered
> around SCO's apparent liability in maintaining a network
> architecture in which their "intranet", presumably housing
> sensitive/company-confidential data, was allowed to be
> subject to outside disruption, and under those conditions,
> why they should not be heavily fined by the FTC for
> "willful violation" of Sarbanes-Oxley.
>
> Any lawyers out there with an opinion. Myself, IANAL.

I could be wrong, but I believe SOX deals primarily with corporate
accounting standards. It's supposed to up the integrity and transparency
of corporate _accounting_. Among other things, I think it includes a
requirement for CEOs to sign off on their companies' books (so it's
_their_ butts on the line).

I could be way wrong about this, as I have a teeny company and two
stockholders, and so it doesn't really apply to me.

Paul
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 19:47:09 EDT