Sarbanes Oxley Training - course updated November 2005 1154
-
Sarbanes-Oxley Compliance Training
The impact on IT and Information Security
3 daysObjectives:
The seminar has been designed to provide with the knowledge and skills needed to understand and support Sarbanes-Oxley compliance.Target Audience:
This course is intended for:
C Level Executives
IT and Information Security Directors, Managers and Professionals
Chief Risk and Compliance Officers
IT and Security Process Owners
Network, System and Security Administrators
IT Auditors
IT, Security and Management ConsultantsDuration:
3 Days, 09:00 to 17:00 each day. The third day from 17:15 to 19:00hrs we will discuss your issues and questions.Course Synopsis:
The Sarbanes Oxley Act The Need US federal legislation: Financial reporting or corporate governance? The Sarbanes-Oxley Act of 2002: Key Sections SEC, EDGAR, PCAOB, SAG The Act and its interpretation by SEC and PCAOB PCAOB Auditing Standards: What we need to know Management's Testing Management's Documentation Reports used to Validate SOX Compliant IT Infrastructure Documentation Issues Sections 302, 404, 906 and the three certifications Sections 302, 404, 906: Examples and case studies Management's Responsibilities Committees and Teams Project Team Section 404: Reports to Steering Committee Steering Committee Section 404: Reports to Certifying Officers and cooperates with Disclosure Committee Disclosure Committee: Reports to Certifying Officers and cooperates with Audit Committee Certifying Officers and Audit Committee: Report to the Board of Directors Control Deficiency Deficiency in Design Deficiency in Operation Significant Deficiency Material Weakness Is it a Deficiency, or a Material Weakness? Reporting Weaknesses and Deficiencies Examples Case Studies Public Disclosure Requirements Real Time Disclosures on a rapid and current basis? Whistleblower protection Rulemaking process Companies Affected International companies Foreign Private Issuers (FPIs) American Depository Receipts (ADRs) Types of ADR programs Employees Affected Effective Dates Internal Controls - COSO The Internal Control Integrated Framework by the COSO committee Using the COSO framework effectively The Control Environment Risk Assessment Control Activities Information and Communication Monitoring Effectiveness and Efficiency of Operations Reliability of Financial Reporting Compliance with applicable laws and regulations IT Controls IT Controls and Sarbanes Oxley Act Relevance Program Development and Program Change Deterrent, Preventive, Detective, Corrective, Recovery, Compensating, Monitoring and Disclosure Controls Layers of overlapping controls COSO Enterprise Risk Management (ERM) Framework Is COSO ERM needed for compliance? COSO AND COSO ERM Internal Environment Objective Setting Event Identification Risk Assessment Risk Response Control Activities Information and Communication Monitoring The two cubes Objectives: Strategic, Operations, Reporting, Compliance ERM Application Techniques Core team preparedness Implementation plan Likelihood Risk Ranking Impact Risk Ranking COBIT - the framework that focuses on IT Is COBIT needed for compliance? COSO or COBIT? Corporate governance or financial reporting? Executive Summary Management Guidelines The Framework The 34 high-level control objectives What to do with the 318 specific control objectives COBIT Cube Maturity Models Critical Success Factors (CSFs) Key Goal Indicators (KGIs) Key Performance Indicators (KPIs) How to use COBIT for Sarbanes Oxley compliance The alignment of frameworks COSO and COBIT COSO ERM and COBIT ITIL and COBIT ISO/IEC 17799:2000 and COBIT ISO/IEC 15408 and COBIT COSO, COBIT and Sarbanes-Oxley Sections 302 and 404 Scope of Sarbanes Oxley Project The most important challenge: The scope Discussing the scope with the external auditors Assumptions In or out of scope? Is it relevant to Sarbanes Oxley? Using SOX as an excuse Computer Forensics Investigation? Business Intelligence? Business Continuity and Disaster Recovery? Software and Spreadsheets Is software necessary? Is software needed? When and why How large is your organization? Is it geographically dispersed? How many processes will you document? Are there enough persons for that? Selection process Spreadsheets It is just a spreadsheet Certain spreadsheets must be considered applications Development Lifecycle Controls Access Control (Create, Read, Update, Delete) Integrity Controls Change Control Version Control Documentation Controls Continuity Controls Segregation of Duties Controls Spreadsheets Errors Spreadsheets and material weaknesses Third-party service providers and vendors Redefining outsourcing Outsourcing services and Sarbanes Oxley compliance The new definition of outsourcing Outsourcing after Sarbanes Oxley Offshore outsourcing is also redefined Key risks of outsourcing What is needed from vendors and service providers SAS 70 Type I, II reports Advantages of SAS 70 Type II Disadvantages of SAS 70 Type II Working with vendors and service providers Sarbanes Oxley and other compliance projects European answer to SOX Integrating SOX IT security with other regulations Aligning Basel II operational risk and Sarbanes-Oxley 404 projects Common elements and differences of compliance projects New standards Multinational companies and compliance issues US federal legislation and state law. The US constitutional challenges From the 1929 Companies Act (UK) to the 1933 Securities Act (USA) to Sarbanes Oxley: The need to avoid a federal intrusion into state reserved matters Auditing in the USA and auditing in UK: Very important differences
United Kingdom:
Net-Security Training
Net-Security Training, Elvin House, Stadium Way, Wembley, Middlesex, HA9 0DW, Tel: 020 8900 9015 Email: info_at_net-security-training.co.uk- January, Mon 23, Tue 24, Wed 25 and Thu 26, Fri 27 Sarbanes-Oxley Compliance Training London, UK
- February Mon 13, Tue 14, Wed 15, Thu 16, Fri 17 Sarbanes-Oxley and Basel II Compliance Training London, UK
- February, Mon 20, Tue 21, Wed 22 and Thu 23, Fri 24 Sarbanes-Oxley Compliance Training London, UK
- March, Mon 20, Tue 21, Wed 22 and Thu 23, Fri 24 Sarbanes-Oxley Compliance Training London, UK
- April, Wed 26, Thu 27, Fri 28 Sarbanes-Oxley Compliance Training London, UK
- May, Mon 15, Tue 16, Wed 17 and Thu 18, Fri 19 Sarbanes-Oxley Compliance Training London, UK
- June, Mon 12, Tue 13, Wed 14, Thu 15, Fri 16 Sarbanes-Oxley and Basel II Compliance Training London, UK
- June, Mon 19, Tue 20, Wed 21 and Thu 22, Fri 23 Sarbanes-Oxley Compliance Training London, UK
- July, Mon 24, Tue 25, Wed 26 and Thu 27, Fri 28 Sarbanes-Oxley Compliance Training London, UK
- August, Mon 21, Tue 22, Wed 23 and Thu 24, Fri 25 Sarbanes-Oxley Compliance Training London, UK
- September, Mon 18, Tue 19, Wed 20 and Thu 21, Fri 22 Sarbanes-Oxley Compliance Training London, UK
- October, Mon 23, Tue 24, Wed 25 and Thu 26, Fri 27 Sarbanes-Oxley Compliance Training London, UK
- November, Mon 20, Tue 21, Wed 22 and Thu 23, Fri 24 Sarbanes-Oxley Compliance Training London, UK
Middle East, Canada, Germany, France, Italy:
Intelligence Secured
Intelligence Secured, Mauds Court, Long Lane, Tendring, Essex CO16 OBG, UK Tel: 44 (0) 1206 790250
Email: info_at_intelligence-secured.com- November Sat 19, Sun 20, Mon 21 Sarbanes-Oxley Compliance Training Manama, Bahrain
- December Mon 12, Tue 13, Wed 14 Sarbanes-Oxley Compliance Training Kuwait City, Kuwait
- December Mon 19, Tue 20, Wed, 21 Basel II Compliance Training Riyadh, Saudi Arabia
- January Sat 7, Sun 8, Mon 9 Basel II Compliance Training Dubai, U.A.E
- February Sat 4, Sun 5, Mon 6 Basel II Compliance Training Manama, Bahrain
- March Sat 4, Sun 5, Mon 6 Basel II Compliance Training Kuwait City, Kuwait
- April Mon 3, Tue 4, Wed 5 Sarbanes-Oxley Compliance Training Frankfurt, Germany
- May Mon 8, Tue 9, Wed 10 Sarbanes-Oxley Compliance Training Paris, France
- June Sat 3, Sun 4, Mon 5 Basel II Compliance Training Dubai, U.A.E
- July Sat 1, Sun 2, Mon 3 Sarbanes-Oxley Compliance Training Dubai, U.A.E
- August Sat 5, Mon 6, Tue 7 Basel II Compliance Training Riyadh, Saudi Arabia
- September Mon 4, Tue 5, Wed 6 Sarbanes-Oxley Compliance Training Toronto, Canada
- October Sat 7, Sun 8, Mon 9 Basel II Compliance Training Dubai, U.A.E
- November Sat 4, Sun 5, Mon 6 Basel II Compliance Training Muscat, Oman
- December Mon 4, Tue 5, Wed 6 Sarbanes-Oxley Compliance Training Milan, Italy
Singapore, Malaysia, Australia, Honk Kong, Taiwan, Thailand, Philippines, South Korea, New Zealand, Japan:
Fusion Frontier
Fusion Frontier, Enquiry hotline: 65 9383 7726
Email: training_at_fusionfrontier.comThere is a class every month. For more information please visit www.fusionfrontier.com
- January, Mon 16, Tue 17, Wed 18 Sarbanes-Oxley Compliance Training Singapore
- February Mon 27, Tue 28, Wed 1 March Sarbanes-Oxley Compliance Training Sydney
- March, Tue 14, Wed 15, Thu 16 Sarbanes-Oxley Compliance Training Hong Kong
The Netherlands:
CIBIT
CIBIT , Prof. Bronkhorstlaan 10-XII, 3720 AA Bilthoven, The Netherlands
Tel: 31 30 230 89 00 Email: info_at_cibit.com
November Wed 23, Thu 24 Sarbanes-Oxley Compliance Training Bilthoven, The Netherlands
May Mon 22, Tue 23 Sarbanes-Oxley Compliance Training Bilthoven, The Netherlands
In-company Training Courses
Fully tailored training, presented exclusively for your own people.
Saving time and money. George Lekatis will work on your premises or at a venue of your choice, on a fixed fee per day, for teams from 2 to 30.
-
Geia sou George
Seminaria gia SOX diorganonode stin Ellada ??
Thanks in advance
Simos
SAP Certified Basis Consultant
-
Simos,
There will be a class in Athens Hilton during the summer.
I will keep you informed.