January Meeting
Thursday the 11th
Crowne Plaza Hotel North Dallas-Addison

Technology
Joint Meeting with the North Texas Chapter of Information Systems Audit & Control Association

SEC Enforcement Trends

Rose Romero, SEC District Administrator, Fort Worth District Office

Ms. Romero is the current SEC District Administrator and a former Assistant United States Attorney. Ms. Romero will provide an overview of recent SEC enforcement activities in the region as well as describe the implications of the SOX legislation on those actions. As a lead-in to the post-session round table discussion directly following the luncheon, Ms. Romero will outline the impact of discovery on SEC investigations and discuss how she expects the new electronic discovery rules to affect SEC investigations.

Rose Romero is the District Administrator for the Fort Worth District Office of the U.S. SEC. Before beginning her duties at the SEC on March 6, 2006, Romero was Executive Assistant United States Attorney for the Northern District of Texas. In that role, she advised the U.S. Attorney in a range of areas of management and administration and oversaw all criminal and civil programs initiated by the Northern District.

Romero joined the U.S. Attorney’s Office in 1989 as an Assistant U.S. Attorney and investigated and prosecuted numerous cases involving white collar fraud, telemarketing fraud, bank fraud, narcotics and money laundering. In 1996, she was appointed Deputy Criminal Chief, Narcotic and Violent Crimes Section, where she served until 1999. Romero then was selected to work as a resident legal advisor to the U.S. Ambassador to Ecuador where she advised the Ambassador on legal and political issues and assisted local officials in drafting civil and criminal legislation aimed at punishing financial crimes, money laundering and narcotics trafficking. Prior to her appointment to her present position, she also served as District Senior Litigation Counsel in the U.S. Attorney’s Office.

Romero received her BS from Texas Christian University and her JD from Southern Methodist University. She also served in the United States Air Force.

Business Continuity Planning
Roger M. Buss, Tatum Technology Partner

Business continuity plans are no longer a luxury, but an essential element of a well-defined risk management program. For many businesses, the decision to invest in this area is being forced upon them by legislation, third parties (e.g., insurers) or the occurrence of a disaster or near disaster. The goal of business continuity planning is to ensure that critical business processes can be recovered and resumed when disaster strikes. In other words, business continuity planning is the act of proactively strategizing methods to prevent, if possible, and manage the consequences of a disaster, limiting the consequences to the extent that a business can absorb the impact.

The loss of mission-critical systems can result in a significant loss of revenue and opportunities. Being able to recover systems quickly, accurately, and completely is critical to the ongoing success of any business. However, business continuity planning is broader than disaster recovery planning, the latter being primarily focused on IT systems recovery, whereas the former addresses recovery of the entire range of critical business processes essential to the continued operation of the company. Business continuity planning encompasses business resumption planning, disaster recovery planning, and crisis management.

Each company should develop a written, comprehensive business continuity plan that addresses all the critical operations and functions of the business. We will examine the steps required to develop a proper plan, and the business benefits which result from the development, communication, testing and maintenance of the plan.

We will also discuss audits of the business continuity plan. An audit of business continuity is essentially an audit of the plan with reference to the adequacy, completeness and appropriateness of the plan; availability of the processes and people to implement the plan; its testing; and the verification of the various day-to-day functions that need to be performed to make the plan effective and ready at all times.

Roger Buss is a Technology Leadership Partner and national segment leader for Tatum’s IT Governance and Controls Practice. He is a seasoned Information Technology executive with over 20 years of IT leadership experience in a variety of industries including financial services and health care. He has significant experience in managing large IT organizations and driving major IT initiatives in applications development, systems consolidation and revitalization, and new technology implementation. He has consistently demonstrated strong strategic planning, organizational development, vendor management and budgeting skills. He also has significant experience in IT audit and controls evaluations, including Sarbanes-Oxley Act requirements. For a $600 million property casualty insurer, he implemented a critically-needed web portal for policy rate/quote/issue for the company’s independent agents, and completed a major multi-year systems consolidation for a $100 million acquired business. For another major insurer, he orchestrated a comprehensive migration and conversion of core systems and a major network upgrade. For a $400M legal services firm, he managed an extensive Sarbanes-Oxley IT compliance effort, including IT general controls and application controls assessment, remediation and testing. For a major home health care equipment supplier, he recruited and led a large development team in successfully building and delivering a suite of mission-critical applications against aggressive timelines. For a $75M high-tech manufacturer, he created an IT strategic blueprint, evaluated several IT outsourcing strategies, mentored a newly-appointed IT director, and documented IT policies and controls.

Roger has an MBA from the Kellogg School at Northwestern University, and holds both Certified Public Accountant and Chartered Property Casualty Underwriter designations.

The New Rules of Discovery for Electronically Stored Information
Panel Speakers: Rose Romero, SEC District Administrator, Fort Worth District Office
Austin Hutton, Hutton Consulting
Peter Vogel, Gardere Wynne Sewell LLP

This round table discussion will focus on the changes to federal rules of civil procedure regarding electronically stored information. The discussion will include the intents and scope of the changes as well as the intended and unintended outcomes for the new rules. In addition the panelists will discuss how these new rules can be expected to affect how companies identify, classify, and manage data; how to plan for and respond to electronic discovery; and how to minimize the unanticipated costs.

W. Austin Hutton, CISA, CISM has more than 20 years of senior leadership experience in Information Technology. His career includes broad based experience managing global technology organizations for American Express and Pepsi Restaurants (now YUM brands) His experience includes developing and managing global transaction networks, voice networks, and a variety of enterprise class infrastructure and application development services.

In the past eight years Austin Hutton's  consulting experience includes several enterprise reengineering efforts, organizational transition planning technical and operational analysis for mergers and acquisitions as wells as IT architectural planning. Mr. Hutton has also served as the contract CIO for a Fortune 50 subsidiary.

Mr. Hutton has conducted multiple Sarbanes-Oxley and IT governance engagements in a variety of roles and is a regular speaker at industry functions. In addition to co-authoring four articles on IT governance in the past several years, Mr. Hutton conducts seminars on the implications of new legislation on IT planning and operations. Mr. Hutton is a CISA and a CISM.

Peter S. Vogel has been involved with the computer industry since 1967. For the past 28 years Peter combined his Masters in Computer Science and past experience as a mainframe programmer, systems analyst, and management consultant together with effective legal skills negotiating contracts and in court. The result is an attorney who has the technological expertise and business understanding of his clients - from the inside.

Peter's clients often seek his advice about practical business issues relating to technology. These often include software patents, copyrights, trade secret protection, ERP implementation projects, Internet security, website business management, and outsourcing. Because he is a seasoned IT professional with an accounting and marketing background, Peter often consults about IT and Internet marketing and financial issues. His experience as an Adjunct Professor in the Law of the Internet keep him current on the fast moving evolution of the Internet.

Peter is Chair of the Electronic Discovery and Document Retention Group and co-Chair of the Internet and Computer Technology Practice Group at GARDERE WYNNE SEWELL - where he helps clients navigate business and technology issues through the legal mazes of intellectual property, contracts, government regulation, and litigation from cradle to grave. Because of his unique background and expertise, Peter is often appointed as an Arbitrator, Court Ordered Mediator, and Special Master in Internet, intellectual property, and computer technology litigation. In addition to helping businesses throughout the world, Peter has also devoted a substantial amount of time and energy serving government agencies and non-profit organizations by addressing their computer and Internet issues. Peter:

• Chairs the Texas Supreme Court Judicial Committee on Information Technology whose mission is to put Internet on the desktops of all 3,100 judges in Texas. (www.courts.state.tx.us/oca~cit)
• Served on the Texas Task Force for the Uniform Electronic Transaction Act (UETA)
• Served as founding chair of the Computer & Technology Section of the State Bar of Texas
• Writes and lectures nationally on computer law topics including software intellectual property, discovery of computer evidence, Internet, and e-Commerce

In 1994, Peter was President of the Dallas Bar Association and also served on the Board of Directors of the State Bar of Texas. Peter teaches courses on the Law of the eCommerce as an Adjunct Professor at SMU Law School, and is on the founding Board of Advisors of the SMU Computer Law Review and Technology Journal.

In June 2004 Peter received a Lifetime Achievement Award for Promoting Technology in the Law from the Computer & Technology Section of the STATE BAR OF TEXAS. In addition, Peter has been regularly recognized as one of America's Leading Business Lawyers in CWERS, a Best Lawyer in America, a Top Lawyer in Dallas, and a Texas Super Lawyer.