Sarbanes-Oxley Compliance Training for IT and Information Security Professionals - 3 days

This course satisfies the COBIT requirements: PO 7.1, PO 7.2, PO 7.4, PO 10.12, DS 7.1, DS 7.2, DS 7.3

Move beyond COBIT Maturity Level 3

Target Audience:
IT and Information Security Directors, Managers and Professionals. Chief Risk and Compliance Officers. IT and Security Process Owners.

Duration:
3 Days, 09:00 to 17:00 each day. The third day from 17:15 to 19:00hrs we will discuss your issues and questions.

Course Synopsis:

The Sarbanes Oxley Act
The Need
The Sarbanes-Oxley Act of 2002: Key Sections
Companies Affected
Employees Affected
Effective Dates
SEC
EDGAR
PCAOB
The Sarbanes-Oxley Act and its interpretation by the PCAOB
The Vendors and the Sox Industry
Cost
Continuous Compliance
--------------------------------------------------------------------------------

Scope of Sarbanes Oxley Project
Computer Forensics Investigation?
Business Intelligence?
Business Continuity and Disaster Recovery?
--------------------------------------------------------------------------------

Internal Controls
The Internal Control Integrated Framework by the COSO committee
Using the COSO framework effectively
The control environment
Risk assessment
Control activities
Information and communication
Monitoring
Effectiveness and efficiency of operations
Reliability of financial reporting
Compliance with applicable laws and regulations
IT Controls
IT Controls and Sarbanes Oxley Act Relevance
Program Development and Program Change
--------------------------------------------------------------------------------

COSO Enterprise Risk Management (ERM) Framework
Internal Environment
Objective Setting
Event Identification
Risk Assessment
Risk Response
Control Activities
Information and Communication
Monitoring
--------------------------------------------------------------------------------

ERM Application Techniques
Core team preparedness
Executive sponsorship
Implementation plan development
Current state assessment
ERM Vision
Capability development
Change management development and deployment
Monitoring
Implementation plan
Likelihood Risk Ranking
Impact Risk Ranking
--------------------------------------------------------------------------------

COBIT - the framework that focuses on IT
Executive Summary
Management Guidelines
Framework
Control Objectives
Audit Guidelines
Implementation Toolset
Activities and Tasks
Processes
Domains
Information criteria
IT resources
IT processes
COBIT Cube
Maturity Models
Critical Success Factors (CSFs)
Key Goal Indicators (KGIs)
Key Performance Indicators (KPIs)
--------------------------------------------------------------------------------

Meeting the Information Security Requirements of SOX
SOX and Risk Assessments
IT Security
--------------------------------------------------------------------------------

The alignment of frameworks
COSO and COBIT
COSO ERM and COBIT
ITIL and COBIT
ISO/IEC 17799:2000 and COBIT
ISO/IEC 15408 and COBIT
COSO, COBIT and Sarbanes-Oxley Sections 302 and 404
--------------------------------------------------------------------------------

Testing, Reports and Documentation
Reports used to Validate SOX Compliant IT Infrastructure
Reporting Weaknesses and Deficiencies
Documentation Issues
SOX Testing
Records Retention
Real-time Disclosure
--------------------------------------------------------------------------------

Sarbanes Oxley and other regulations
European Answer to SOX
Integrating Sox IT security with GLBA, HIPAA and other regulations


The Instructor
--------------
George Lekatis is a senior risk and compliance consultant, certified trainer, and general manager of a firm that bears his name, specializing in risk management, Sarbanes-Oxley, Basel II, Data Protection Directive compliance from an IT and Security perspective, and training.

George has more than 16,000 hours experience as a professional speaker and seminar leader. Has worked for more than 10 years as an executive consultant and educator and has demonstrated exceptional presentation and communication skills.

A recognized expert, selected as spokesperson by MIS Institute and ISC2 Organizations, George has lectured at many international IT and information security conferences, and led security training seminars in Europe (Athens, Milan, Oxford, Utrecht, Dublin, Slovenia), the United States of America (Washington DC, Myrtle Beach SC, Boston MA), Asia (Dubai) etc. He also writes frequently for newspapers and magazines, and has been quoted / featured in articles, publications and television.

He has created a flexible Security Awareness and Training curriculum providing learning paths individually suited to the needs of each sector of organizations (executive management, IT, security, sales and marketing, administration).

George is Mathematician, Certified Information Systems Security Professional (CISSP), CISSP Lead Instructor, Steganography Investigator, Internet Security Systems (ISS) Certified in Internet Scanner, Database Scanner and System Scanner, Checkpoint Certified Security Administrator (CCSA), Microsoft Certified System Engineer certified in Windows NT and Windows 2000 (MCSE), Microsoft Certified Trainer (MCT).

George can be contacted via e-mail at lekatis@lekatis.com. For more information please visit www.lekatis.com.

Sarbanes-Oxley Awareness and Training: http://www.george-lekatis.net/compliance.html

Basel II Operational Risk Awareness and Training: http://www.george-lekatis.net/ComplianceBasel.html

Clients and Testimonials: http://www.george-lekatis.net/Clients.html



United Kingdom:
George Lekatis leads every month the course: Sarbanes-Oxley Compliance for IT and Information Security Professionals, 3 days in cooperation with Net-Security Training company
http://www.net-security-training.co.uk/
http://www.net-security-training.co.uk/courses/sarbanes-oxley.html
Net-Security Training, Elvin House, Stadium Way, Wembley, Middlesex, HA9 0DW,
Tel: 020 8900 9015 Email: info@net-security-training.co.uk
September: Mon/Wed 26 - 28
October: Mon/Wed 24 - 26
November: Mon/Wed 28 - 30

The Netherlands:
George Lekatis leads the course: Sarbanes-Oxley Compliance for IT and Information Security Professionals, 2 days in cooperation with CIBIT
http://www.cibit.nl/
http://www.cibit.nl/site.nsf/page/opleiding_security_home
CIBIT , Prof. Bronkhorstlaan 10-XII, 3720 AA Bilthoven, The Netherlands
Tel: +31 30 230 89 00 Email: info@cibit.com
November: Wed/Thu 23 - 24

Singapore, Malaysia, Australia, Honk Kong, Taiwan, Thailand, Philippines, South Korea,
New Zealand, Japan:
George Lekatis leads the course: Sarbanes-Oxley Compliance for IT and Information Security Professionals, 3 days in cooperation with Fusion Frontier
www.fusionfrontier.com
Fusion Frontier, Enquiry hotline: +65 9383 7726
Email: training@fusionfrontier.com
Singapore: September Wed/Fri 14 - 16
Sydney, Australia: October Wed/Fri 25 - 27
Honk Kong: November Sat/Mon 12 - 14


In-company Training Courses
The first choice for many companies. Fully tailored training
Presented exclusively for your own people.
Saving time and money.

George Lekatis will work on your premises or at a venue of your choice,
on a fixed fee per day, for teams from 2 to 30.