Sarbanes Oxley Training - course updated November 2005 1154



  • Sarbanes-Oxley Compliance Training
    The impact on IT and Information Security
    3 days

    Objectives:
    The seminar has been designed to provide with the knowledge and skills needed to understand and support Sarbanes-Oxley compliance.

    Target Audience:
    This course is intended for:
    C Level Executives
    IT and Information Security Directors, Managers and Professionals
    Chief Risk and Compliance Officers
    IT and Security Process Owners
    Network, System and Security Administrators
    IT Auditors
    IT, Security and Management Consultants

    Duration:
    3 Days, 09:00 to 17:00 each day. The third day from 17:15 to 19:00hrs we will discuss your issues and questions.

    Course Synopsis:

    The Sarbanes Oxley Act 
    The Need 
    US federal legislation: Financial reporting or corporate governance? 
    The Sarbanes-Oxley Act of 2002: Key Sections
    SEC, EDGAR, PCAOB, SAG 
    The Act and its interpretation by SEC and PCAOB 
    PCAOB Auditing Standards: What we need to know 
    Management's Testing 
    Management's Documentation
    Reports used to Validate SOX Compliant IT Infrastructure 
    Documentation Issues 
    Sections 302, 404, 906 and the three certifications
    Sections 302, 404, 906: Examples and case studies
    Management's Responsibilities
    Committees and Teams
    Project Team Section 404: Reports to Steering Committee
    Steering Committee Section 404: Reports to Certifying Officers and cooperates with Disclosure Committee
    Disclosure Committee: Reports to Certifying Officers and cooperates with Audit Committee
    Certifying Officers and Audit Committee: Report to the Board of Directors 
    Control Deficiency
    Deficiency in Design
    Deficiency in Operation
    Significant Deficiency
    Material Weakness
    Is it a Deficiency, or a Material Weakness?
    Reporting Weaknesses and Deficiencies 
    Examples
    Case Studies
    Public Disclosure Requirements
    Real Time Disclosures on a rapid and current basis?
    Whistleblower protection
    Rulemaking process
    Companies Affected 
    International companies
    Foreign Private Issuers (FPIs)
    American Depository Receipts (ADRs)
    Types of ADR programs
    Employees Affected 
    Effective Dates 
    Internal Controls - COSO 
    The Internal Control Integrated Framework by the COSO committee 
    Using the COSO framework effectively 
    The Control Environment 
    Risk Assessment 
    Control Activities 
    Information and Communication 
    Monitoring 
    Effectiveness and Efficiency of Operations 
    Reliability of Financial Reporting 
    Compliance with applicable laws and regulations 
    IT Controls 
    IT Controls and Sarbanes Oxley Act Relevance 
    Program Development and Program Change 
    Deterrent, Preventive, Detective, Corrective, Recovery, Compensating, Monitoring and Disclosure Controls
    Layers of overlapping controls
    COSO Enterprise Risk Management (ERM) Framework 
    Is COSO ERM needed for compliance?
    COSO AND COSO ERM
    Internal Environment 
    Objective Setting 
    Event Identification 
    Risk Assessment 
    Risk Response 
    Control Activities 
    Information and Communication 
    Monitoring 
    The two cubes
    Objectives: Strategic, Operations, Reporting, Compliance
    ERM Application Techniques 
    Core team preparedness 
    Implementation plan 
    Likelihood Risk Ranking 
    Impact Risk Ranking 
    COBIT - the framework that focuses on IT 
    Is COBIT needed for compliance?
    COSO or COBIT?
    Corporate governance or financial reporting?
    Executive Summary 
    Management Guidelines 
    The Framework 
    The 34 high-level control objectives 
    What to do with the 318 specific control objectives 
    COBIT Cube 
    Maturity Models 
    Critical Success Factors (CSFs) 
    Key Goal Indicators (KGIs) 
    Key Performance Indicators (KPIs) 
    How to use COBIT for Sarbanes Oxley compliance
    The alignment of frameworks 
    COSO and COBIT 
    COSO ERM and COBIT 
    ITIL and COBIT 
    ISO/IEC 17799:2000 and COBIT 
    ISO/IEC 15408 and COBIT 
    COSO, COBIT and Sarbanes-Oxley Sections 302 and 404 
    Scope of Sarbanes Oxley Project 
    The most important challenge: The scope
    Discussing the scope with the external auditors
    Assumptions
    In or out of scope?
    Is it relevant to Sarbanes Oxley?
    Using SOX as an excuse 
    Computer Forensics Investigation? 
    Business Intelligence? 
    Business Continuity and Disaster Recovery? 
    Software and Spreadsheets 
    Is software necessary?
    Is software needed?
    When and why
    How large is your organization?
    Is it geographically dispersed?
    How many processes will you document?
    Are there enough persons for that?
    Selection process
    Spreadsheets
    It is just a spreadsheet
    Certain spreadsheets must be considered applications
    Development Lifecycle Controls 
    Access Control (Create, Read, Update, Delete) 
    Integrity Controls 
    Change Control 
    Version Control 
    Documentation Controls 
    Continuity Controls 
    Segregation of Duties Controls 
    Spreadsheets Errors
    Spreadsheets and material weaknesses 
    Third-party service providers and vendors 
    Redefining outsourcing 
    Outsourcing services and Sarbanes Oxley compliance
    The new definition of outsourcing
    Outsourcing after Sarbanes Oxley
    Offshore outsourcing is also redefined
    Key risks of outsourcing
    What is needed from vendors and service providers
    SAS 70
    Type I, II reports
    Advantages of SAS 70 Type II
    Disadvantages of SAS 70 Type II 
    Working with vendors and service providers
    Sarbanes Oxley and other compliance projects 
    European answer to SOX 
    Integrating SOX IT security with other regulations 
    Aligning Basel II operational risk and Sarbanes-Oxley 404 projects
    Common elements and differences of compliance projects
    New standards
    Multinational companies and compliance issues
    US federal legislation and state law. The US constitutional challenges 
    From the 1929 Companies Act (UK) to the 1933 Securities Act (USA) to Sarbanes Oxley: The need to avoid a federal intrusion into state reserved matters
    Auditing in the USA and auditing in UK: Very important differences
    

    United Kingdom:
    Net-Security Training
    Net-Security Training, Elvin House, Stadium Way, Wembley, Middlesex, HA9 0DW, Tel: 020 8900 9015 Email: info_at_net-security-training.co.uk

    • January, Mon 23, Tue 24, Wed 25 and Thu 26, Fri 27 Sarbanes-Oxley Compliance Training London, UK
    • February Mon 13, Tue 14, Wed 15, Thu 16, Fri 17 Sarbanes-Oxley and Basel II Compliance Training London, UK
    • February, Mon 20, Tue 21, Wed 22 and Thu 23, Fri 24 Sarbanes-Oxley Compliance Training London, UK
    • March, Mon 20, Tue 21, Wed 22 and Thu 23, Fri 24 Sarbanes-Oxley Compliance Training London, UK
    • April, Wed 26, Thu 27, Fri 28 Sarbanes-Oxley Compliance Training London, UK
    • May, Mon 15, Tue 16, Wed 17 and Thu 18, Fri 19 Sarbanes-Oxley Compliance Training London, UK
    • June, Mon 12, Tue 13, Wed 14, Thu 15, Fri 16 Sarbanes-Oxley and Basel II Compliance Training London, UK
    • June, Mon 19, Tue 20, Wed 21 and Thu 22, Fri 23 Sarbanes-Oxley Compliance Training London, UK
    • July, Mon 24, Tue 25, Wed 26 and Thu 27, Fri 28 Sarbanes-Oxley Compliance Training London, UK
    • August, Mon 21, Tue 22, Wed 23 and Thu 24, Fri 25 Sarbanes-Oxley Compliance Training London, UK
    • September, Mon 18, Tue 19, Wed 20 and Thu 21, Fri 22 Sarbanes-Oxley Compliance Training London, UK
    • October, Mon 23, Tue 24, Wed 25 and Thu 26, Fri 27 Sarbanes-Oxley Compliance Training London, UK
    • November, Mon 20, Tue 21, Wed 22 and Thu 23, Fri 24 Sarbanes-Oxley Compliance Training London, UK

    Middle East, Canada, Germany, France, Italy:
    Intelligence Secured
    Intelligence Secured, Mauds Court, Long Lane, Tendring, Essex CO16 OBG, UK Tel: 44 (0) 1206 790250
    Email: info_at_intelligence-secured.com

    • November Sat 19, Sun 20, Mon 21 Sarbanes-Oxley Compliance Training Manama, Bahrain
    • December Mon 12, Tue 13, Wed 14 Sarbanes-Oxley Compliance Training Kuwait City, Kuwait
    • December Mon 19, Tue 20, Wed, 21 Basel II Compliance Training Riyadh, Saudi Arabia
    • January Sat 7, Sun 8, Mon 9 Basel II Compliance Training Dubai, U.A.E
    • February Sat 4, Sun 5, Mon 6 Basel II Compliance Training Manama, Bahrain
    • March Sat 4, Sun 5, Mon 6 Basel II Compliance Training Kuwait City, Kuwait
    • April Mon 3, Tue 4, Wed 5 Sarbanes-Oxley Compliance Training Frankfurt, Germany
    • May Mon 8, Tue 9, Wed 10 Sarbanes-Oxley Compliance Training Paris, France
    • June Sat 3, Sun 4, Mon 5 Basel II Compliance Training Dubai, U.A.E
    • July Sat 1, Sun 2, Mon 3 Sarbanes-Oxley Compliance Training Dubai, U.A.E
    • August Sat 5, Mon 6, Tue 7 Basel II Compliance Training Riyadh, Saudi Arabia
    • September Mon 4, Tue 5, Wed 6 Sarbanes-Oxley Compliance Training Toronto, Canada
    • October Sat 7, Sun 8, Mon 9 Basel II Compliance Training Dubai, U.A.E
    • November Sat 4, Sun 5, Mon 6 Basel II Compliance Training Muscat, Oman
    • December Mon 4, Tue 5, Wed 6 Sarbanes-Oxley Compliance Training Milan, Italy

    Singapore, Malaysia, Australia, Honk Kong, Taiwan, Thailand, Philippines, South Korea, New Zealand, Japan:
    Fusion Frontier
    Fusion Frontier, Enquiry hotline: 65 9383 7726
    Email: training_at_fusionfrontier.com

    There is a class every month. For more information please visit www.fusionfrontier.com

    • January, Mon 16, Tue 17, Wed 18 Sarbanes-Oxley Compliance Training Singapore
    • February Mon 27, Tue 28, Wed 1 March Sarbanes-Oxley Compliance Training Sydney
    • March, Tue 14, Wed 15, Thu 16 Sarbanes-Oxley Compliance Training Hong Kong
      The Netherlands:
      CIBIT
      CIBIT , Prof. Bronkhorstlaan 10-XII, 3720 AA Bilthoven, The Netherlands
      Tel: 31 30 230 89 00 Email: info_at_cibit.com

    November Wed 23, Thu 24 Sarbanes-Oxley Compliance Training Bilthoven, The Netherlands

    May Mon 22, Tue 23 Sarbanes-Oxley Compliance Training Bilthoven, The Netherlands

    In-company Training Courses
    Fully tailored training, presented exclusively for your own people.
    Saving time and money. George Lekatis will work on your premises or at a venue of your choice, on a fixed fee per day, for teams from 2 to 30.



  • Geia sou George
    Seminaria gia SOX diorganonode stin Ellada ??
    Thanks in advance
    Simos
    SAP Certified Basis Consultant



  • Simos,
    There will be a class in Athens Hilton during the summer.
    I will keep you informed.


Log in to reply