Click here for workshop application and schedule.

Audience: If you are an IT manager, systems engineer, IT support personnel or a Quality Assurance professional, these workshops are for you. Upon completion of each course you will have learned the principles, strategies and techniques that will aid you in the implementation of process and controls related to a given standard.

PROCESS ENGINEERING FOR COMPLIANCE WITH SARBANES-OXLEY 404

Overview: Section 404 of the Sarbanes-Oxley Act requires that the annual report of a publicly held corporation contain an internal control report. The internal control report should state the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting. The report should contain an assessment of the effectiveness of the internal control structure and procedures for financial reporting. The Act requires that the auditor attest to and report on the assertion made by the management of the public corporation.

This course track is designed to aid companies in the implemention of processes and related controls that satisfy Sarbanes-Oxley requirements. Upon completion of this course you be able to document your existing processes, implement controls and automated workflows that will aid your organization if achieving certification under Sarbanes-Oxley 404.

Course Content Specifications:

• Corporate Management Process
• Human Resource Management Process
• Legal and Regulatory Management Process
• Project/Product Management Process
• Sub-contract Management Process Act
• System Development Life Cycle (SDLC) Management Process
• SDLC Quality Assurance Management Process
• Requirements and Contract Management
• Application Service Provider Management Process
• System Migration and Conversion Process
• Internet Service Provider Management Process
• Communication Service Provider Management Process
• Supply Chain Management Process
• Production Support
• Production Quality Control
• Customer Support Management
• Network Management Process
• Contingency Planning and Disaster Recovery Process
• Production Security Management
• Financial Reporting

PROCESS ENGINEERING FOR COMPLIANCE WITH AICPA SAS 70

Overview: The American Institute of Certified Public Accountants (AICPA) SAS 70 standards are designed to provide information and assurance to the auditors of the financial statements of the User Organization, to enable those auditors to satisfy the requirements of SAS 55 - Consideration of Internal Control in a Financial Statement Audit; to obtain and understanding of the entity's internal control to plan the audit and to assess control risk.

A SAS 70 report is primarily an auditor-to-auditor communication. The Service Auditors stands in the shoes of the User Auditors and performs procedures that the User Auditors might perform. The Service Auditors issue a report on the service organization's description of controls and whether the controls were placed in operations, suitably designed, and operating effectively.

This course track is designed to aid companies in the implemention of processes and related controls that satisfy SAS 70 requirements. Upon completion of this course you be able to document your company's processes, implement controls and automated workflows that will enable the company to achieve a clean opinion under the AICPA SAS 70 standards.

Course Content Specifications:

• Human Resource Management Process
• Legal and Regulatory Management Process
• Project/Product Management Process
• Sub-contract Management Process
• System Development Life Cycle (SDLC) Management Process
• SDLC Quality Assurance Management Process
• Requirements and Contract Management
• Application Service Provider Management Process
• System Migration and Conversion Process
• Internet Service Provider Management Process
• Communication Service Provider Management Process
• Supply Chain Management Process
• Production Support
• Production Quality Control
• Network Management Process
• Contingency Planning and Disaster Recovery Process
• Production Security Management
• Financial Reporting

PROCESS ENGINEERING FOR COMPLIANCE WITH ISO-9001-2000

Overview: The International Organization of Standards (ISO) was established in 1947 to facilitate international trade between member countries. ISO is a worldwide federation of national standards institutes from more than 140 countries. The American National Standards Institute (ANSI) is the United States representative at ISO. ANSI promotes the usage of U.S. standards and advocates them worldwide.

To date, ISO has developed and published thousands of standards for businesses and government. This course focuses on the ISO 9000 standards with application to information systems planning, development, maintenance and operations. The first version of ISO 9000 was published in 1987. It was revised and republished in 1994. ISO 9001-2000 is the latest version of the standards. In addition to changes in the structure of the standards, the following enhancements were made:

• The Quality Management System now focuses on business process rather than individual functional areas of and organization
• The standards was restructured to focus more on customer satisfaction than the earlier versions
• There is a requirement for continued process improvement
• The standards now requires evaluation of the effectiveness and suitability of the Quality Management System through gathering of statistical evidence
• The organization implementing ISO 9001-2000 is now referred to as "Organization". "Supplier" was the previous title.
• Requirements that do not apply to an organization may now be excluded.

Other companion ISO standards are:

• AS 9100 - Quality Management System requirements for aero space industry
• QS 9000 - Quality Management System requirements for the automotive industry
• ISO/TS 16949 - Technical Specification for the automotive industry
• ISO 14001 - Environmental Management System

This course track is designed to aid companies in implementing processes and related controls that satisfy ISO 9001-2000 requirements. Upon completion of this course you be able to document your existing processes, implement controls and workflows that will facilitate certification under ISO 9001-2000 Standards.

Course Content Specifications:

PROCESS ENGINEERING FOR COMPLIANCE WITH CAPABILITY MATURITY MODEL

Overview: The Capability Maturity Model (CMM) for Software is a model for judging the maturity of the software processes of an organization. CMM identifies key practices that are required to increase the maturity of software development processes. CMM was developed to:

• Address processes and disciplines that have an impact on software
• Provide an integrated process improvement reference models
• Build broad community consensus
• Harmonize with standards
• Enable efficient improvements across multiple disciplines

This course track is designed to aid companies in the implementation of processes and related controls that satisfy CMM requirements. Upon completion of this course you be able to document your existing processes, implement controls and workflows that will facilitate achievement of the appropriate capability.

Course Content Specification:

• Requirements Management Process
• Software Project Planning Process
• Software Project Tracking & Oversight Process
• Software Subcontract Management Process
• Software Quality Assurance Process
• Software Configuration Management Process
• Organization Process Focus
• Organization Process Definition
• Training Program
• Integrated Software Management
• Software Product Engineering
• Inter-group Coordination
• Peer Review
• Quantitative Process Management
• Software Quality Management
• Defect Prevention
• Technology Change Management
• Process Change Management