
Re: RFC Editor Function SOW Review

2006-07-18 11:40:56
Todd Glassey wrote:

Hmmmm... The SOW MUST define all the elements of the Editor's responsibility 
and all the specific tasks they perform as well as the SLA's for those Tasks. 
It also MUST address the SOD (Separation of Duties) within the Editor's work 
since they are altering the IP submitted.

Without that there is no comprehensive model for evaluating how well the IETF 
met its standards and whether it caused damage to others in the process.

Todd Glassey as an Auditor.

Methinks you've drunk too deeply of the SOX Kool-Aid, Todd. Along what lines would you suggest that the RFC Editor "separate its duties"?

Perhaps you would also recommend that the guy who replaces the air freshener blocks in the men's bathroom not also be the same guy who fixes the plumbing? Or maybe the guy who diagnoses your automotive problems be different from the guy who actually fixes it? Perhaps in the RFC-Editor function, the person who fixes missing commas and semi-colons should be different from the person who addresses clarity and normative reference issues? Yup, that's an efficient use of everyone's time and money.

SOD was designed to prevent certain types of financial fraud in *financial software development and deployment processes*, and other similar processes where separation of duty is essential to maintain certain properties of the overall process. SOX-mania has become a toxin that has clouded most people's thinking in this area, and I'm loath to accept that IETF processes must be held hostage to an ill-conceived set of guidelines promulgated by the utterly-irrelevant-to-the-IETF Public Companies Accounting Oversight Board. The IETF isn't a publicly traded company, last time I checked, and even if it were, the SOD provisions of SOX (and Audit Standard 2, which clearly you've consumed wholesale) clearly wouldn't apply.

I suggest, Todd, that you switch to another beverage, because the SOX Kool-Aid is clearly doing neither you nor anybody else any good.

--

Marcus Leech                            Mail:   Dept 1A12, M/S: 04352P16
Security Standards Advisor        Phone: (ESN) 393-9145  +1 613 763 9145
Strategic Standards
Nortel Networks                          mleech(_at_)nortel(_dot_)com



_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
