direct template functions download www.directtemplate.com

Document Management

Article by wilfred henderson

Document Management or Enterprise Information Management is probably just about the most important from the enterprise solutions which will resolve various requirements of SOX. Several parts of SOX have a very direct referring to the manner the place that the digital documents/records of the enterprise are produced, reviewed, approved, stored, retrieved, transferred, and destroyed.

Knowledge Management: Document & Records Management

Estimates have already been made calculating a significantly large proportion (some say, a lot more than 70%) from the documents owned by a company have been in digi pics and can do not be found in hardcopy.

As outlined by Gartner's Editor in Chief James Lundy: Records management becomes a top 10 issue for many CIOs inside coming year.

Inside following, we shall discuss the various sections of SOX a document management solution may also help in complying with.

SOX Sections:

Section 302: Based on Section 302, the CEO and CFO ought to personally certify the financial statements and disclosures expressed by the corporation on authenticity and accuracy. This involves a method set up that will make the CEO as well as the CFO confident that all the disclosures the company makes are accurate and authentic. This can be accomplished in two ways:

One is to trickle-down the responsibility of the CEO as well as the CFO for the lower management levels as well as in response bubble-up the sign-offs on the lower management levels on all documents that are inputs to your company filings.

Second is usually to design comprehensive business processes that produce the organization filings. The company processes will likely be developed in an extremely rigorous manner to conform to the many provisions and proper implementation and training of all of the personnel linked to the company processes will be performed and tested using a periodic basis. Further, this company processes themselves will probably be open to stringent internal audits which will be completed every once in awhile.

One, or possibly a mixture of these two practices should go further towards ensuring proper compliance.

For these options it is clear a strong enterprise-wide document management system will provide the cornerstone what is the best the compliance will actually be completed. Inside first case, the sign-offs can be configured having a workflow module on the document management system. Inside the second case, the company process itself are going to be configured from the document management system and many types of established track record supporting or input documents too will be area of the DMS and appropriate subordination and linking will be done relating to the official company filings and all of the input documents going without running shoes.

As evidence the records supporting one more company financials--as filed or reported--it is essential to archive every one of the emails, excel sheets, messages or other communications and documents that have been exchanged which triggered a last certified filing with the CEO and CFO. It will safeguard the CxO's are convinced that all the financial statements are true to their knowledge and due diligence was accomplished before certifying the reports.

Section 404: The CEO and CFO should give a report assessing and certifying which the "internal controls" have been assessed and therefore are working fine or there are weaknesses and appropriate action is now being taken. Complying with this requirement is amongst the roughest parts of SOX as well as a complete slew of people, processes and technologies. However, DMS posseses an important role to try out in this particular.

All of the emails and attached documents from the chronological sequence will need to be archived for proving the internal controls are appropriate. Ideally, a workflow module provides added assurance that the internal controls are implemented.

Section 103: requires storing the documents for any amount of Many years for audit companies. The corporation being audited would naturally would like to replicate the documentation to protect against any discrepancy or miscommunication or mismanagement. Also another area of the act requires

Section 409: requires near-real-time reporting of material events--whether internal or external for the investors and the regulatory bodies. As well as simply by using a single enterprise-wide document management system with appropriate "alerts" and notifications and workflow configured in line with the design of the compliance-based business processes. This technique will make without doubt all relevant info is immediately relayed up management (CEO and CFO) and the compliance committee and advisors with minimum delays and latency. DMS provides appropriate capabilities to the compliance advisors to provide a recommendation (within the stipulated time-frame) linked to each alert and escalate the reports to the CxOs with all the appropriate recommendations. The CxOs can then decide when it merits disclosure underneath the compliance act based on recommendations of their Compliance Committee or Advisors.

Section 802: provides for criminal penlties for knowingly altering, destroying, concealing as well as other activities, such as introducing false records, in connection with impeding or influencing a continuous or potentially upcoming investigation with a federal agency. This would require holding all documents inside a secure system where absolutely no one in the business can alter them once they are finalized. Also this needs sophisticated document retention and destruction policy which can be strictly followed (in truth, may be been shown to be followed) and that requires making sure that no document which any investigating agency would should get is being destroyed or deleted. Furhter, the act requires that as soon as the company comes to learn about a possible investigation all documents pertaining or somehow germane fot it investigation are immediately ordered indestructible to or unalterable by anyone--including the CxOs with the company. It is then imperative that you have a very feature relevant to creat!

ing and accepting "alerts" in the legal department from the company about any ongoing or upcoming potential investigations and therefore immediate information "vaulting" coming from all related documents. This feature will compliance using this section and save a prison term plus a large monetary fine and naturally loss in credibility.

This incorporates a strong bearing on a records or document management policy of any company. The business should produce a proper document management policy and follow it in the timely and rigorous manner. Via a done, the organization is exposed to severe costs and damage when it comes to providing documents to hostile parties in "pre-trial discovery"--the legal strategy of providing all relevant documents towards the opposing party in a legal suit. Additionally, it exposes the business to accusations of hiding or destroying relevant documents--if done with a later stage--even before any legal proceedings are begun up against the company--a la Arthur Andersen's Enron-related documents.

Document Management systems provide several advantages to your company. Since an IT strategy is a small business process frozen inside a particular software and hardware implementation, it proves that this particular business process will be consciously and diligently followed. Inside worst, this proves how the compliance will be followed in spirit. Now if the compliance is now being followed in form is found outside the results of the actual system and also from your audits of it at various stages from the business process. The proportions to adhere to an audit trail on all documents created or processed through it is rather beneficial in executing compliance activities as well as in proving compliance at the later stage. The capability to generate workflows automatically creates auditable process paths.

The DMS also facilitates to access any documents at any point of your time with relative ease. Additionally, it behaves as a centralized repository of documents (both structured and unstructured). All publicly disclosed documents is usually locked in the ultimate form as images and may 't be tampered with down the line. These can be stored and deleted in line with the schedules of several regulatory and compliance Acts from the Government. Document and information which is designed to be for limited consumption towards the top management level can even be strictly screened and internal controls on these could be enforced rigorously. When the time comes the documents is usually "published".

Whistleblower: Because of this area of the act, it is vital that a document management system is presented to log all whistleblower communication--absolutely securely where no unauthorized personnel might be able to access it--and store all communications.

An indirect desire for Document Management Systems inside enterprise is good for the intention of storing the documents related to enterprise compliance policies, their updates, amendments, the interior control policies from the company along with documents of an similar nature that really help in proving the compliance process at the enterprise.

The corporation should make policies around the following aspects of documents:

CreationApprovalsPublishingRetentionAccessDistributionLifecycleThis insurance policy will assist in implementing the contradictory requirements of document retention for compliance purposes and document deletion for lowering the price of document retention and improving operational efficiency.

Step one would be to define the document retention policy. The 2nd step is usually to survey the prevailing document management systems available inside the enterprise as well as the third step is always to build a proper document management system.