> you shouldn't proceed under the assumption that government > regulators are out there giving IT staff lists of words to be used > in "full-text search" of E-mail archives. That is not the law, and > it is not how subpoenas are issued.
First: I clearly noted that legal (or compliance, if distinct) is given all documents, including criteria for an archive search, and that IT staff are not responsible for the search. IT is expected to create a system that compliance officers can use independent of IT (in turn respecting employees' privacy from sysadmins' snooping, restricting access to those that perform that role professionally). The full retention media must also be made available, but the regulators will request pruned material. You seem to think that you're really going to hit it off with regulators by coolly giving them hard drives with terabytes of raw mbox data and nothing more. You obviously don't know how it feels to be faced with hundreds of millions of dollars in fines and the knowledge that every day you delay is another day with your company name in the papers as an "ongoing investigation." You do not mess around or play tough on producing records; you will only go down harder. The examples are legion. Second: last you wrote, you'd only been involved in an investigation that was not bound to SOX or SEC regulations. I see nothing in your new comments, though they're more verbose, that's any more authoritative. Your isolation of SOX seems deliberately naive, since it is commonplace for SOX's open-ended storage requirements to be allied with SEC 17a-4 requirements to ensure coordination between departments and guarantee prompt response to inquiries without the perception of considered obstruction through negligence. And no organization creates separate SOX-compliant systems and SEC-compliant systems if bound by both. Third: my notes are based on our work with three different clients' IT staffs, their inside and outside counsel (two different outside firms), and documents submitted by regulatory agencies that were specific to the cases; it is also based on the experience of building the original, incomplete archiving systems for these clients and later expansions and revisions of these systems to achieve independently verified SEC/NASD compliance. Fourth: there were no "enemy lawyers" involved, unless you consider those attempting to prevent criminal actions--in this case, stealing millions from individual investors to benefit secret corporate alliances--to be your "enemies." Yet, if those are the enemies in question, I'm surprised you're opposed to _Ipswitch's_ recent activity. Aren't they just following in the footsteps of Enron by concealing their probable dead-end status while soliciting huge monies for nonexistent products? How can a private company's secrecy and price gouging be such an abomination, based on the insults you've used on the IMail list, while here you encourage a public company's destruction of records wherever you perceive a loophole? --Sandy ------------------------------------ Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] SpamAssassin plugs into Declude! http://www.mailmage.com/products/software/freeutils/SPAMC32/download/release/ Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases! http://www.mailmage.com/products/software/freeutils/exchange2aliases/download/release/ http://www.mailmage.com/products/software/freeutils/ldap2aliases/download/release/ --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
