[arin-discuss] Legacy RSA
Ted Mittelstaedt
tedm at ipinc.net
Tue Nov 6 15:34:01 EST 2007
>-----Original Message-----
>From: Howard, W. Lee [mailto:Lee.Howard at stanleyassociates.com]
>Sent: Tuesday, November 06, 2007 7:07 AM
>To: Ted Mittelstaedt; Dean Anderson
>Cc: arin-discuss at arin.net
>Subject: RE: [arin-discuss] Legacy RSA
>
>
>> That is why it's important to have regular
>> audits of these groups. I would challenge you to investigate
>> this, obtain and read the auditors report and see what they
>> had to say.
>
>The auditor's report is available at
>http://www.arin.net/about_us/corp_docs/annual_rprt.html
>
>As reported at the Members Meeting, we are also having a
>separate audit of our financial controls, by an independent
>auditor, who provides no other services to ARIN. We're not
>required to do this, and in fact it's unusual for an
>organization like ARIN to do so, but we want every possible
>assurance that we have adequate controls.
>
Lee,
Just a point here. These audits are financial, not operational.
Has ARIN considered having an ISO management audit performed? The
obvious one would be ISO 9001:2000 but they also have a new one -
ISO 27001:2005 that might be of interest.
Ted
More information about the ARIN-discuss
mailing list