Accounting, Audit & Controls

New cybersecurity risk management regulations for insurance companies are here. The National Association of Insurance Commissioners (NAIC) approved Insurance Data Security Model Law and the State of New York in March 2017 placed into effect Section 500 of Title 23 of the Official Compilation of Codes. "Computers, software, programming and algorithms are all parts of a cybersecurity risk program, but it is the interaction with the 'humans' that makes all the difference in world." NAIC's model law requires insurance organizations to have everything from information security program policies to incident response plans to specific breach notification procedures. Insurance organizations will also have to certify compliance to state insurance commissioners annually. Now that NAIC's model law is heading for adoption, it is important to learn how it might apply to your organization and what you can do now to start preparing for compliance.

This CPE course is focused on how to address Model Audit Rule (MAR) annual ICFR assessment and triennial enterprise risk management evaluation using the COSO frameworks (COSO 2013 and COSO ERM) and COBIT. This five session CPE course is designed for compliance managers, controllers, CFOs and others who have the responsibility for the insurance organization's internal control framework used in the NAIC Model Audit Rule compliance efforts. Examples are used which tie to the seventeen COSO principles. Reference is made to the various exhibits in the Financial Condition Examiners Handbook which drive the examination of compliance activities. Learn how to comply using a cost effective approach to address your compliance needs under the NAIC Model Audit Rule (MAR) requirements. These requirements concern both the annual filings but also the Insurance Commissioner's approach using the Financial Condition Examiners Handbook for the triennial exams.

The senior auditor needs to develop their skills to add value to the Audit Department. This focused 20 hour CPE virtual event helps the experienced internal auditor to understand the underlying concepts and principles that drive the practice of internal auditing. The attendees will learn the concepts that are behind audit planning, performance, reporting, and followup. It is ideal for senior auditors and those preparing to be an audit team manager. "Internal Audit Advanced Training" is the perfect CPE course to provide a focused review of advanced audit techniques. The advanced auditor must have tools in the following areas: - Essentials of providing internal audits, - Effective communication of internal audit findings, - risk-based internal audit planning and execution - Advanced audit fieldwork and interviewing methodologies, - Audit issue and audit fieldwork workpaper quality and review, - Manage corporate cultural change.

So, you've accepted a new position as an Internal Auditor; congratulations, and welcome to our world! Join us for a unique, interactive course that "walks you through" the Internal Audit process. The instructors focus on bringing out the "tradecraft" needed to be an effective and efficient internal auditor. "This course is not just for auditors or new auditors. It is for anyone who wants an understanding of the relationship between business objectives, risk, control, assessment and reporting." This comprehensive internal audit training course is for anyone who wants to have a strong base of knowledge and understanding of the essential audit and the personal skills to become a successful internal auditor. We present the "Audit Life Cycle":

Audits of "SOC" (System and Organization Control) have been in effect since May 1, 2017 through the implementation of AICPA Statement on Standards for Attestation Engagements (SSAE) 18. This standard replaced SSAE 16, just as SSAE 16 replaced SAS 70, and SAS 70 replaced SAS 44. This SOC audit standard requires the users of SOC audit reports to adjust their compliance programs to fit the SSAE 18 SOC standard. SSAE 18 is more comprehensive than the prior SOC standards. Learn the best practices for preparing, conducting and assessing SSAE 18 SOC audit reports from our highly experienced instructor who performs these activities. This program examines the details of the SOC audit process.from planning to performing to documenting to reporting. This valuable five-morning virtual CPE event is designed to evaluate SSAE 18 SOC requirements from all three viewpoints: - The Service Organization, - The External Auditor, - The Report User.

A Practical Approach to A-123 Compliance Programs Join us for a unique, interactive workshop that "walks you through" the latest update of The Green Book which now conforms to the Internal Control Integrated Framework (COSO 2013) from the Committee of Sponsoring Organizations of the Treadway Commission (COSO). This training is focused on the current Standards for Internal Control in the Federal Government as detailed in the GAO's Green Book. This sixteen hour CPE course provides you with the tools to implement a compliance program that is consistent with The Green Book. This compliance workshop is focused on the needs of the government entity that has to comply with the Green Book. This program covers the Who - What - Why - Where - How to Control. We look at the 17 principles-based approach presented in The Green Book. We make sure your program covers the 52 attributes concerning Green Book compliance.

"How can we implement a holistic approach to cybersecurity?" "What methodologies, policies, technologies, and specific tools can we deploy to prevent, detect and monitor cybersecurity threats"? "How can we build a more effective program?" As more data breaches are disclosed, cybersecurity is at the forefront of Boards, executives, employees and consumers. Breaches are a continuing threat to an organization's reputation through the disclosure of intellectual property and non-public, confidential information. Organizations must remain vigilant in their attempt to prevent a cyberattack and minimize the damage once it occurs. We must raise the awareness of threats and harden our defenses. As attacks develop, so do awareness and defensive tools. To help you be more proactive in maturing your cybersecurity program, we have created this training academy based on the best tips or applications to improve cybersecurity at your business.

Focuses on the skills need by professionals working on COSO 2013 compliance programs Our academy approach contains the relevant information which professionals will need to fulfill the "Internal Control Life Cycle" using the "top-down, risk-based" approach. We teach the background knowledge sources, provide advice on how to conduct risk assessments, discuss scoping, and review how to plan the assessment of an internal control framework. Risk management activities are the key process to determine the requirement of the ICFR assessment program. The program deliverables should lead to management's opining on the status of the internal control framework in reference to the SEC reporting requirements. We have created detailed workshop materials based on our experiences with the creation and validation of internal controls over financial reporting (ICFR). This 16 hour CPE course provides you with the tradecraft skills to implement a compliance program that is consistent with COSO 2013.

Join us for a unique, interactive workshop that "walks you through" the 2013 update of the Internal Control Integrated Framework (ICIF 2.0) of the Committee of Sponsoring Organizations of the Treadway Commission (COSO). This course is for business professionals who work for public corporations that are required to comply with the Sarbanes-Oxley Act (SOX), as well as non-public organizations. Our comprehensive training is for anyone in audit, compliance, accounting, information technology, etc. who wants to obtain a solid understanding of the COSO internal controls that help organizations reduce risk. We present the roadmap to COSO compliance and documentation based on textbook approaches and real-world guidance from our client engagements. Each attendee will go home with a set of 36 documents that were used to create the workshop.

A Practical Approach to ERM "Effective risk management allows an organization to have the confidence to take risks." View latest COSO annoucements. The Committee of Sponsoring Organizations of the Treadway Commission (COSO) has updated to its Enterprise Risk Management - Integrated Framework in SEptember 2017. The update, Enterprise Risk Management - Aligning Risk with Strategy and Performance, is designed to address the needs of all organizations to improve their approach to managing new and existing risks as a way to help create, preserve, sustain, and realize value. Corporate Compliance Seminars' professionals have been involved in the design, implementation and assessment of risks for over 20 years. We have conducted assessments, audits and trained thousands of auditors, compliance professionals, IT personnel, executives and Audit Committees in the "textbook" and real-world approaches to managing risk.

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) updated the "Internal Control Integrated Framework (ICIF) in 2013. You can purchase the COSO documents from the AICPA Book Store. To purchase click here. This training seminar overviews the best practices for establishing and sustaining internal control for any organization including public companies under Sarbanes-Oxley (SOX). This two hour event is based on SOX compliance requirements and the latest guidance from the SEC, PCAOB, COSO and COBIT. This training seminar is one of several seminars and workshops we present concerning compliance with the Sarbanes-Oxley Act. This seminar provides a timely, two hour summary designed for controllers, C-level executives, finance managers, attorneys, IT professionals, CPAs, auditors and department heads. Learn how organizations can create and sustain internal control over financial reporting (ICFR).

Cybersecurity challenges demand that an organization face two facts. First, the protection of critical company and customer information is a business requirement to protect the company's reputation and enterprise value. Second, even the best programs will experience failure and expose some information the company would like to protect. We at Corporate Compliance Seminars believe confidence in security and privacy does not come from knowing nothing will happen; it is achieved by knowing all the things that can happen and preparing both proactive and reactive solutions. This holistic approach starts by understanding what is most important to Board Members and then structuring and supporting the cybersecurity program so that the organization is engineered to grow securely. Corporate Compliance Seminars provides Understanding Cybersecurity as a risk oversight training course for board members, executives, management personnel and auditors.

This training event gets the attendee ready to meet the challenges of a high-tech, global marketplace to lead small projects and create successes for organizations. Build a solid base of project management knowledge, best practices, techniques, and tools in this 4 hour CPE event that covers the entire project life cycle. The key to success for your COSO 2013 implementation project to have effective project management. The use of project management skills is needed by internal control specialists, accountants, auditors, information technology professionals, project leaders and managers. In this CPE seminar, you will review the critical practices and techniques that have been proven necessary for project management success. While aligned with the PMI framework, this seminar is specifically designed to focus on the needs of the new project leader. The attendee will acquire the knowledge on how to get projects started and how to be successful as a project leader.

Is your quality control framework leading to the creation of quality workpapers that supoport your audit reports? One of the goals of an internal audit project is to improve an organization's overall ability to function effectively. This goal is accomplished through the identification of control weaknesses, potential process improvements, and positive change opportunities. Audit workpapers facilitate this process by enabling auditors to document work performed from the planning stage to the final closing meeting. Workpaper objectives include: - Document the planning, performance, and review of audit work. - Provide the principal support for audit communication such as observations, conclusions, and the final report. - Facilitate third-party reviews and re-performance requirements. - Provide a basis for evaluating the internal audit activities quality control program.

"Effective risk management allows an organization to have the confidence to take risks." Risk management is a continuous, forward-looking process that is an important part of managing an organization, a technology project, or other project. Risk management should address issues that could endanger the achievement of critical business or project objectives. However, there are a number of consequences, if a proper strategy for identifying and managing business and/or project risks is hot taken: . It is easy to ignore risks when they are not identified, documented or tracked . Risks that are known to staff are often not known to management . Failures due to unforeseen risks can have a major impact This seminar will provide practical method(s) for systematically identifying risk types, categories, priorities, and impacts that will help you improve how to manage risks within an organization and/or a project.

A Practical Approach to Internal Controls The Green Book sets the standards for an effective internal control system for federal agencies and is a crucial safeguard over public resources. State, local, and quasi-governmental entities, as well as not-for-profit organizations, may adopt the new Green Book standards as a framework for an internal control system. This four hour CPE seminar provides an overview of the principles-based Green Book and of a system of internal controls which uses COSO 2013 framework as its basis. COSO 2013 defines internal controls as being within five components and seventeen principles. The education process covers the interrelationships presented within the COSO 2013 framework and how to approach the classification of controls within the framework. The Green Book has a different focus for compliance within the COSO framework in line within the governmental environment needs.

Fraud is a serious problem! Organizations need to prepare to investigate issues using forensic accounting techniques to provide reporting to oversight and compliance management. Any Internal Audit function needs support management's efforts to establish a culture that embraces ethics, honesty, and integrity. Internal Auditors assist management with the evaluation of internal controls used to detect or mitigate fraud, evaluate the organization's assessment of fraud risk, and are involved in any fraud investigations. What is forensic accounting and how does the Internal Audit function approach using forensic accounting technioques in fraud detection and investigation? This CPE Event provides an overview of the concepts along with the techniques and processes used by forensic accounting to identify whether fraud has occurred.

Are you getting the audit results within the Procurement-To-Pay business process? Auditing the Procurement Function is an important assignment for auditors and compliance departments. The seminar presents: · The definition, scope, and importance of purchase to pay process, · The core challenges of procurement process, · The important risk areas of fraud, ethics, and external factors, · Common risks, procedures, and internal controls at different stages of the purchase to pay process, · Procurement tactical and strategy planning. This training seminar looks at how world class organizations reduce costs. Procurement is usually the largest category of administrative expenditures. This seminar offers practical advice for auditing the procurement function, and it is intended to be of relevance for all types and sizes of organizations globally-in the private sector, the not-for-profit or charitable sectors, local and national government, and international organizations.

How is your audit department going to handle the post pandemic workplace? We've been thrust into the world of remote work. Join us to learn how audit, compliance and internal control professionals can overcome these new challenges and gain efficiencies through the effective use of technology. This timely course examines tools and techniques to win at remote auditing. We begin with a general description of the software tools. We then detail the Audit process, and provide specific guidance for how Audit and Compliance professionals are using these software tools and methods in their assessments. Here's what we'll discuss: - The case for remote auditing - Equipment and Software - Tools and Techniques - Audit Planning - Audit Fieldwork - Audit Reporting This session is designed to arm auditors with the tools necessary to manage the audit life cycle in this new remote working environment.

Are you getting the best talent and are you retaining it? Finding and retaining audit professionals is a daunting task. You write a winning job description, have some awesome interviews and hire a rockstar. But then after a few months, the star starts to fade. Could it be that you made a bad hire? Did you fail to adequately train your people? Or was it just not a good fit? The process of hiring, developing and keeping talent is a complex yet necessary part of the audit department's operations. The employer/employee relationship is a two way process that requires time and attention to be meaningful for both parties. After attending this session, participants will be able to: -Identify and describe the organization's culture -Evaluate the current goal setting process -Assess employees and identify top talent -Discuss the importance of the talent acquisition process -Discuss some retention techniques