The Sarbanes-Oxley Act (SOX) was enacted in July 2002, largely in response to large public failures of corporate governance. Under the Securities and Exchange Commission's (SEC) rulings, SOX Internal Controls must assure the secure, stable, and reliable performance of computer hardware, software, and SOX personnel connected to financial systems.
There are no prerequisites.
Who should attend?
This course is intended for:
C-Level Executives
Information Security Directors, Managers and Professionals
Chief Risk and Compliance Officers
IT and Security Process Owners
Network, System and Security Administrators
Security and Management Consultants
This course is highly recommended for professionals from Supervisory Agencies, Central Banks, Financial Institutions, Commercial Banks, Investment Banks, Insurance Companies, and Multinational Corporations.
What will you learn?
This course will help individuals understand both the spirit and practicality of the Act.
Challenges will be highlighted, and delegates will be taught the best practices that must be implemented to make their organisation compliant with the law.
The Sarbanes-Oxley Act
US federal legislation: Financial reporting or corporate governance?
The Sarbanes-Oxley Act of 2002: Key Sections
SEC, EDGAR, PCAOB, SAG
The Act and its interpretation by SEC and PCAOB
PCAOB Auditing Standards: What we need to know
Reports used to Validate SOX Compliant IT
Sections 302, 404, 906 and the three certifications
Sections 302, 404, 906: Examples and case studies
Committees and Teams
Project Team – Section 404: Reports to Steering
Steering Committee – Section 404: Reports to Certifying Officers and cooperates with Disclosure
Disclosure Committee: Reports to Certifying Officers and cooperates with Audit Committee
Certifying Officers and Audit Committee: Report to the Board of Directors
Deficiency in Design
Deficiency in Operation
Is it a Deficiency, or a Material Weakness?
Reporting Weaknesses and Deficiencies
Public Disclosure Requirements
Real Time Disclosures on a rapid and current basis?
Foreign Private Issuers (FPIs)
American Depositary Receipts (ADRs)
Types of ADR programs
Internal Controls - COSO
The Internal Control — Integrated Framework by the COSO committee