• January 15 - 16, 2009
• Location:  Hong Kong

WHAT DO I GET FROM THIS COURSE?

• Detailed understanding of the complex Sarbanes-Oxley regulations, laid out in a clear and straightforward manner
• Equip yourself to lead or contribute to Sarbanes-Oxley strategic, financial or technical compliance projects
• Through numerous case studies and examples learn best practice for implementing key sections of the regulations
• Understand individual accountability and management responsibility under Sarbanes-Oxley
• Learn about the COSO framework and how to use it effectively
• Learn how to best implement Sarbanes-Oxley and align with other key compliance areas including Basel II and Operational Risk

WHO SHOULD ATTEND?

• Board of Directors
• IT and Information Security Directors, Managers and Professionals
• Chief Risk and Compliance Officers
• IT and Security Process Owners
• Network, System and Security Administrators
• IT Auditors
• IT, Security and Management Consultants

COURSE SUMMARY

Companies throughout Asia and the world must comply with the Sarbanes-Oxley regulations. Following the passage of the US Sarbanes-Oxley Act in 2002 (SOX), and subsequent introduction of regulations in Europe (E-SOX) and Japan (J-SOX), all companies listed on an exchange in these regions are required to comply.

Furthermore there are extremely important extraterritorial consequences. The Offshore Financial Centres (OFCs) must enact legislation to prove that they have an "equivalent level of regulation", to protect their auditors from being subject to a tough oversight regime.

The Sarbanes-Oxley Act was enacted following the corporate and accounting scandals surrounding Enron, Tyco International, Peregrine Systems and WorldCom. It requires corporate compliance with higher accounting standards, improved standards in corporate reporting and greater financial transparency.

President George Bush called it "the most far-reaching reforms of business practices since the time of Franklin D. Roosevelt".

This course will cover the detailed scope of the regulations, the COSO framework and how to best implement within your organisation for competitive advantage. The possibilities of outsourcing services, working with service providers and aligning compliance projects and regulations from other areas will all be considered.

Some of the issues specific to the Asia region include whistle-blowing, executive compensation and technology and operations. Your expert trainer George Lekatis will discuss how these are relevant you and your organisation.

Through informed discussion of the requirements and current issues, as well as relevant examples and case studies, the full impact, challenges and possibilities of these regulations in Asia will be brought to life.

Detailed Course Syllabus

The Sarbanes-Oxley Act

• The Need for Sarbanes-Oxley

• US federal legislation: Financial reporting or corporate governance?

• The Sarbanes-Oxley Act of 2002: Key Sections

• SEC, EDGAR, PCAOB, SAG

• The Act and its interpretation by SEC and PCAOB

• PCAOB Auditing Standards: What we need to know

• Management's Testing and Documentation

• Reports used to Validate SOX Compliant IT Infrastructure

• Documentation Issues

• Sections 302, 404, 906 and the three certifications

• Sections 302, 404, 906: Examples and case studies

• Management's Responsibilities

• Committees and Teams

• Project Team – Section 404: Reports to Steering Committee

• Steering Committee – Section 404: Reports to Certifying Officers and cooperates with Disclosure Committee

• Disclosure Committee: Reports to Certifying Officers and cooperates with Audit Committee

• Certifying Officers and Audit Committee: Report to the Board of Directors

• Control Deficiency

• Deficiency in Design and in operation

• Significant Deficiency and Material Weakness

• Is it a Deficiency, or a Material Weakness?

• Reporting Weaknesses and Deficiencies. Examples and Case Studies

• Public Disclosure Requirements

• Real Time Disclosures on a rapid and current basis?

• Whistleblower protection

• Rulemaking process

• Companies Affected. International companies. Foreign Private Issuers (FPIs)

• American Depository Receipts (ADRs)

• Types of ADR programs

• Employees Affected

• Effective Dates

Internal Controls - COSO

• The Internal Control — Integrated Framework by the COSO committee

• Using the COSO framework effectively

• The Control Environment

• Risk Assessment and Control Activities

• Information and Communication

• Monitoring

• Effectiveness and Efficiency of Operations

• Reliability of Financial Reporting

• Compliance with applicable laws and regulations

• IT Controls and Sarbanes-Oxley Act Relevance

• Program Development and Program Change

• Deterrent, Preventive, Detective, Corrective, Recovery

• Compensating, Monitoring and Disclosure Controls

• Layers of overlapping controls

Scope of Sarbanes-Oxley Project

• The most important challenge: The scope

• Discussing the scope with the external auditors

• Assumptions

• In or out of scope?

• Is it relevant to Sarbanes-Oxley?

• Using SOX as an excuse

• Computer Forensics Investigation?

• Business Intelligence?

• Business Continuity and Disaster Recovery?

Third-party service providers and vendors

• Redefining outsourcing

• Outsourcing services and Sarbanes-Oxley compliance

• The new definition of outsourcing

• Outsourcing after Sarbanes-Oxley

• Offshore outsourcing is also redefined

Global Reach of Sarbanes-Oxley

• Worldwide adoption of Sarbanes-Oxley

• The J-SOX and E-SOX directives adopted in Japan and Europe

• Implications of Sarbanes-Oxley in Asia

• How are Asian companies affected by Sarbanes-Oxley

• Efficient compliance for maximum business benefit

Sign up now!