Monday, May 14, 2007
     

San Francisco ISACA Chapter presents a unique and relevant education event instructed by MISTI (MIS Training Institute).

7 Hours of CPE Credit -  Seating is limited

THIS EVENT IS FULL -

NO REGISTRATIONS BEING TAKEN.

 

SESSION TITLE

Sarbanes-Oxley for IT Auditors

SCHEDULE
Check In:
8:00 a.m. - 8:30 a.m.
Session:
8:30 a.m. - 4:30 p.m.
PWC Presentation
4:30 p.m. - 5:30 p.m.

 

DESCRIPTION

Although the Sarbanes-Oxley Act may appear to be directed at financial auditors, its  ramifications directly affect IT auditors as well. The primary objective of the  Act is to assure the integrity of the organization's financial statements and a  key aspect of that integrity is the control and security of the financial  systems and IT infrastructure that supports those systems. When your CEO and CFO  sign off on the firm's annual reports, they are stating that the organization’s  financial systems have appropriate controls and security to assure that the  resulting financial statements are reliable. IT audit can, and should, play a  major role in helping management achieve Sarbanes-Oxley compliance.

To that end, Control Objectives for Information and related Technology (COBIT®), the internationally recognized set of IT management best practices and control objectives, provides a powerful framework for IT governance, control and audit. COBIT offers IT management an effective tool for controlling IT operations and provides IT auditors with an efficient way to assess the resulting IT control environment. Because COBIT links control objectives to the business framework, it can be used as a guide for ensuring appropriate control coverage.

This full-day seminar has been designed to provide IT auditors with the know-how they need to tackle Sarbanes-Oxley compliance for IT-specific areas. You will cover the key requirements of the Act as they apply to internal control assessments, including PCAOB Auditing Standard #2, and examine control framework methodologies that should be employed to help establish control requirements for Sarbanes-Oxley compliance. You will pay particular attention to the COBIT 4.0 control framework and zero in on how you can use this standard for evaluating the effectiveness of IT-related controls for complying with Sarbanes-Oxley. You will gain detailed information about how to approach an audit of IT application and infrastructure controls, focusing on planning, on the critical areas for review, and on performing compliance audits. In addition, you will explore available tools and techniques you can use to provide required supporting control documentation. You will leave this intensive seminar ready to develop a strategy for ensuring that your IT organization is Sarbanes-Oxley compliant.

 

INSTRUCTOR

Richard H. Tarr, CIA, CISA is an audit and information systems consultant and President of Richard Tarr and Associates, a consulting practice that specializes the development of and training in integrated internal auditing functions, quality assurance reviews, application and general control reviews, strategic planning, business continuation planning, project management, and Sarbanes-Oxley testing and compliance.

A 28-year audit and IT veteran, he has extensive audit and IT experience and has managed complex development projects as well as participated in the design and acquisition of software and hardware architectures for both centralized and distributed environments. He has specialized in the development, training, and evaluation of internal audit departments in both government and industry. Mr. Tarr has also conducted over 50 quality assessment reviews and provided training and consulting services to numerous Fortune 500 companies, government agencies, and universities.

Previously with the Walt Disney Company, he initiated and developed the information systems audit function, and served as the Corporate Information Systems Audit Manager.  Mr. Tarr was a senior systems engineer with Electronic Data Systems (EDS), where he designed and implemented applications for financial industry clients. He has started and managed corporate audit functions, managed information systems development project teams and has supervised programming staffs in both government and industry. He was the Manager of Quality Assurance Review for the Institute of Internal Auditors (IIA) and is has authored two publications on establishing internal audit activities.

Among the seminars Mr. Tarr teaches for MIS are IT Auditing and Controls, How to Audit Automated Business Applications, Advanced Business Applications Auditing and Testing, and How to Perform a General Controls Review. He also teaches Fundamentals of Internal Auditing, Advanced Auditing for In-Charge Auditors, Data Driven Auditing: A Business Approach, Testing for Sarbanes-Oxley Compliance, and numerous other Sarbanes-Oxley training courses.

REGISTRATION
FEES
Please note this event includes lunch. Registration fee is for the same for members and non-members alike.

  • $150 – on or before April 30

  • $175 - after April 30

NOTE:  If after submitting your reservation you determine that you need to cancel your reservation for any session, please do so at least 72 hours prior to the event by contacting the registration chairperson, Tim Sauer, at either: tim@landerint.com or (510) 232-4264 x24.

Please do not be a 'no show'.  Our Chapters are billed for reservations made with our facilities provider and we will have to pass the charges on to you.  Thanks for your cooperation!!!
      

LOCATION
 
PricewaterhouseCoopers
3 Embarcadero Center, 20th Floor
San Francisco, CA 94111

Transportation:  The closest Muni/Bart station is Embarcadero and there's a parking lot on Clay Street that offers an early bird special at a rate of $17.50.