Subject: OASIS and ISACA Kickoff Meeting

Meeting Minutes

Subject: OASIS and ISACA kickoff meeting

Date: 07 Feb 05

Attendees:

(OASIS)

James Bryce Clark (Legal Background)

Director, Standards Development, OASIS

+1 978 667 5115 x 203 central office

+1 310 293 6739 mobile

Scott McGrath(Operational Background)

Director of Member Services

+ 1 978 667-5115 ext 202

+ 1 978-667-5114 fax

OASIS

PO Box 455

630 Boston Rd

Billerica, MA 01821 USA

OASIS bios at

(ISACA)

Jane Seago

Director, Corporate Communications and Relations

Direct phone: 918.749.5638

Direct fax: 918.749.5649

Tom Lamm, With ITGI since 1998 (Research and Issues Publications)

Director of research and standards

telephone contact 847 590 7463

Peggy Neuzil, CISA, MBA, PMP

Marketing Manager - ISACA

3701 Algonquin Road, Suite 1010

Rolling Meadows, IL 60008

Tel: +1.847.590.7453, Fax: +1.847.253.1443

Ron Hale,

Director of security initiatives

(PBSP Inc)

Robin Basham

David Basham

781 400 1449

Summary:

• Discuss value proposition for proposed ISACA and OASIS collaboration. Understand strengths and possible contribution of each organization.
• What would possible benefits be for organizations themselves, and for their supported user communities.
• Explore the areas of interest mutually shared between ISACA and OASIS and how our organizations can better work together to enable our mutual and respective goals.

Jamie (OASIS):

Why OASIS can be a resource for ISACA:

• Represents considerable market presence and source of knowledge in the field of e-business XML interoperability standards. For example, world current electronic business methods
• OASIS model of standards development is driven by the user community in a bottom-up fashion. This means OASIS is well positioned to work with ISACA to best accommodate, receive and integrate new ideas in a way that is sanctioned, proper and advantageous to ISACA and ISACA market.
• OASIS standards distribution channels, standards integration, and general “trade press” coverage can extend the ISACA message and value of its ideas and products.

Jamie (OASIS):

Compliance, regulation and Governance languages are increasing in presence and volume in the e-business sector at large. There is a general need to speak these languages properly and adequately inside of XML documents and e-business interoperability standards. This needs to be done carefully, accurately, and in a way that provides real value to the consumers and users of these standards. ISACAs leadership, presence, and knowledge in this market make it a natural choice for OASIS to ask for help with this effort.

Scott (ISACA):

ISO has been struggling with the idea of a certifying authority. There are no controls in place to validate or certify ISO compliance. Resonated especially with Jamie’s 3rd point

Jane (ISACA):

“Do good, do well” philosophy of ISACA is well served by OASIS standards development and market presence in this area. Asked Robin (PB&SP, Inc.) to speak about concern with overlap.

Robin (PBSPInc):

Sees market opportunity and general industry value in bringing strengths of these two organizations together; ISACA representing standards for defining what is regulated and OASIS representing the implementation of common language into the documentation of systems

Jamie (OASIS):

How can ISACA be a resource for OASIS? Desire to use great ideas of CobiT and other frameworks (for example) in e-business standards in a way that properly addresses cost of use and sanctioned representation. General need to understand how to proceed; which parts are ‘free’, and which parts are paid for.

Scott (ISACA):

Question for Jamie (OASIS) re: general differences between XBRL and ebXML.

Jamie (OASIS):

XBRL (eXtensible Business Reporting Language): Language well suited for financial reporting. Amiable for accounting and general financial reporting involving currency.

ebXML (electronic business XML): Older, more general purpose business messaging standard. Some consider it an EDI messaging format replacement. Can represent things such as a purchase order or contract agreement.

Jamie (OASIS):

XML is a way to remove business logic out of “unstructured” code, or vendor implementation / product. In this way XML can naturally extend the embrace and reach of ISACA. XML can do this by potentially removing consultant kinds of cost associated with breathing life into IT business processes and supporting infrastructure. In this way, OASIS can be a natural fit for ISACA

Jane (ISACA):

Thanked Robin for working to facilitate bringing ISACA and OASIS together. Sees value in working together with OASIS.

Robin (PBSPInc):

Action item to send out meeting minutes (this document) and schedule next meeting.