Sarbanes Oxley and Basel II Training 1046
Course Title:
Sarbanes Oxley and The New Basel Capital Accord (Basel II): Compliance Training - Impact on IT and Information Security
5 days
Objectives:
The seminar has been designed to provide IT and information security professionals with the knowledge and skills needed to understand and support Sarbanes Oxley and Basel II operational risk compliance. The seminar is tailored to meet specific needs and is presented in clear terms using analogies, examples and case studies.
Target Audience:
This course is intended for:
*IT and Information Security Directors, Managers and Professionals
*Chief Risk and Compliance Officers
*IT and Security Process Owners
*Network, System and Security Administrators
*IT Auditors
*IT, Security and Management Consultants
This course is highly recommended for IT professionals from Supervisory Agencies, Central Banks, Financial Institutions, Commercial Banks, Investment Banks, Insurance Companies and Multinational Corporations.
Duration:
5 Days, 09:00 to 17:00.
Course Synopsis:
The Sarbanes Oxley Act
The Need
The Sarbanes-Oxley Act of 2002: Key Sections
Companies Affected
Employees Affected
Effective Dates
SEC
EDGAR
PCAOB
The Sarbanes-Oxley Act and its interpretation by the PCAOB
The Vendors and the Sox Industry
Cost
Continuous Compliance
The Bank for International Settlements (BIS)
From the Young Plan (1930) to Basel II
In the 1970s and 1980s: Managing cross-border capital flows
Regulatory supervision of internationally active banks
First Basel Capital Accord
Committee on Banking Regulations and Supervisory Practices
Formulating broad supervisory standards and guidelines
Important objectives
1980s: The capital ratios of the main international banks are deteriorating
December 1987: The Basel Capital Accord approved by the G10
The New Basel Capital Accord (Basel II)
Realigning the regulation with the economic realities of the global banking markets
New capital adequacy framework replaces the 1988 Accord
Improving risk and asset management to avoid financial disasters
‘Sufficient assets’ to offset risks
The technical challenges for both banks and supervisors
How much capital is necessary to serve as a sufficient buffer?
The three-pillar regulatory structure
Companies Affected
Employees Affected
Milestones
Effective Dates
Framework for internal control systems
COSO and Sarbanes Oxley Act
The framework for internal control systems in banking organizations - Basel Committee on Banking Supervision
The 13 Principles for the Assessment of Internal Control Systems
The 13 Principles and COSO
Types of control breakdowns typically seen in problem bank cases
The objectives and role of the internal controls framework
The major elements of an internal control process
Evaluation of internal control systems by supervisory authorities
Role and responsibilities of external auditors
Supervisory lessons learned from internal control failures
The Internal Control Integrated Framework by the COSO committee
Using the COSO framework effectively
The control environment
Risk assessment
Control activities
Information and communication
Monitoring
Effectiveness and efficiency of operations
Reliability of financial reporting
Compliance with applicable laws and regulations
IT Controls
IT Controls and Sarbanes Oxley Act Relevance
Program Development and Program Change
COSO Enterprise Risk Management (ERM) Framework
Internal Environment
Objective Setting
Event Identification
Risk Assessment
Risk Response
Control Activities
Information and Communication
Monitoring
ERM Application Techniques
Core team preparedness
Executive sponsorship
Implementation plan development
Current state assessment
ERM Vision
Capability development
Change management development and deployment
Monitoring
Implementation plan
Likelihood Risk Ranking
Impact Risk Ranking
COBIT - the framework that focuses on IT
Executive Summary
Management Guidelines
Framework
Control Objectives
Audit Guidelines
Implementation Toolset
Activities and Tasks
Processes
Domains
Information criteria
IT resources
IT processes
COBIT Cube
Maturity Models
Critical Success Factors (CSFs)
Key Goal Indicators (KGIs)
Key Performance Indicators (KPIs)
The alignment of frameworks
COSO and COBIT
COSO ERM and COBIT
ITIL and COBIT
ISO/IEC 17799:2000 and COBIT
ISO/IEC 15408 and COBIT
Meeting the Information Security Requirements of Sarbanes Oxley and Basel II
Approaches to risk management
Qualitative approach
Quantitative approach
Information security principles and best practices
Defining the data that will need to be captured, stored and analyzed to comply with Sarbanes Oxley and Basel II
IT and the changes demanded by the business
Capturing, analyzing, integrating and reducing risk
Evaluating current systems and processes
Change and configuration management
Common risk indicators
Operational Risk and Basel II
The evolving importance of operational risk
Operational risk management - Basle Committee on Banking Supervision
Definition of operational risk
Risk monitoring
Control of operational risk
The BIS approach to operational risk
Operational risk framework
Operational risk management approaches
Operational risk sound practices
Operational risk mitigation
Operational risk measurement methodologies
Risk-adjusted performance measures
Capital allocation and risk management schemes
The factor of uncertainty in assessing risks
Basic Indicator Approach (BIA)
Standardized Approach
Advanced Measurement Approaches (AMA)
Recognition of the firms’ own modelling of operational risk losses
Weak banks, internal and external audit and sound practices for operational risk
Self assessments Basel II and Sarbanes Oxley compliance
Internal and external audit
Testing, Reports and Documentation
Reports used to validate compliant IT Infrastructure
Reporting weaknesses and deficiencies
Testing and Documentation Issues
Records Retention
Real-time Disclosure
Aligning Basel II operational risk and Sarbanes-Oxley 404 projects
The general expectations around Sarbanes Oxley and Basel
Prevent major corporate control failures
From ensuring the overall safety and soundness of banks (Basel) to restoring investor confidence (Sarbanes Oxley)
From the approach under construction since 1998 (Basel II) to the Sarbanes Oxley deadlines
From the choice of risk management sophistication (Basel) to the specific SEC and PCAOB rules (Sarbanes Oxley)
Board review and approval
Independent and effective internal audit
Management responsibility
Management’s commitment to the implementation of the framework
Control objectives
Risk identification and assessment
Risk monitoring
Risk reporting
Risk mitigation
Continuity plans
Sufficient public disclosure
Documentation
Effectiveness design and operation
Fraud
An industry-wide challenge: Reporting on operational risk
Connecting the dots
Implementation issues
Sarbanes Oxley implementation in the world
Domestic and Foreign approach
Basel II implementation in EU and Europe
Basel II implementation in the United States
Basel II implementation in Asia and Australia
Basel II implementation in Canada and South America
Basel II implementation in Africa and other regions of the world
Banks not subject to Basel II
Impact of Sarbanes Oxley and Basel II
Integrating Basel II compliance with Sarbanes-Oxley, GLBA and other regulations
Scope and framework of the compliance project
Assumptions
Sarbanes Oxley and Basel II
Compliance issues
There is only one Sarbanes Oxley Act but there are many different Basel II frameworks: the issue of discretion to individual jurisdictions for Basel II implementation
Markets in Financial Instruments Directive (MiFID) - designed to produce a single European market in financial services
New standards
The different testing and documentation plan
International Partners
United Arab Emirates, Middle East:
Intelligence Secured
Mauds Court, Long Lane, Tendring, Essex CO16 OBG, United Kingdom
Tel: 44 (0) 1206 790250
Fax: 44 (0) 87000 52567
Email: info_at_intelligence-secured.com
United Kingdom:
Net-Security Training company
Elvin House, Stadium Way, Wembley, Middlesex, HA9 0DW, United Kingdom
Tel: 020 8900 9015
Email: info_at_net-security-training.co.uk
Singapore, Malaysia, Australia, Hong Kong, Taiwan, Thailand, Philippines, South Korea, New Zealand, Japan:
Fusion Frontier
Fusion Frontier, Enquiry hotline: 65 9383 7726
Email: training_at_fusionfrontier.com