Corporate Compliance Seminars
HOME ABOUT CCS CONTACT CCS Weekly Virtual Events Calender
Corporate Compliance Seminars
Corporate Compliance Seminars (CCS) is the source for continuing professional education (CPE) credits concerning internal auditing, external auditing, internal controls, Cybersecurity programs, COSO frameworks, PCAOB audit issues and project management training events.

CCS presents our courses in-person, virtually with an instructor, or by on-demand delivery.
Corporate Compliance Seminars Corporate Compliance Seminars - Left Menu, General Pages

Weekly & Biweekly Events Calendar


Auditor Tradecraft Skills Events
Active Listening
Ask, Get, Perform
Audit Sampling
Auditing Social Media
Auditors Know IT
Awesomeness
Conflict Resolution
Ethics
Talent Management
Remote Auditing

Auditor Focused Events
Overview
Art of Audit Report Writing
Ask, Get, Perform
Auditing Social Media
Auditor 101
Auditor 201
Audit Advanced Training
Audit Basic Training
Audit Sampling
Conflict Resolution
Continuous Auditing
Cybersecurity Tools
Ethics CIA, CPA, CFE
Forensic Accounting
"Frauditing"
IT General Controls
Managing Audit Quality
PCAOB Events
Auditing Procure to Pay
PMP Academy
SOX for the CPA
SSAE SOC Audits
Understanding Cyber Risks

 

Weekly & Biweekly Events
Auditor 101
Auditor 201
Audit Committee
Audit Report Writing
Audit Sampling
Auditing Procure to Pay
Conflict Resolution
Continuous Auditing
COSO ICFR
Ethics
Forensic Accounting
"Frauditing"
Green Book Standards
Improving Risk ID
IT General Controls
Managing Audit Quality
Risk ID
Project Management
SOX for CPAs
Understanding Cyber Risks
Understanding COSO
World Class ERM

PCAOB Auditor Focused Events
PCAOB Inspection Recap
PCAOB Inspections B-D
PCAOB Tradecraft
PCAOB Standards
PCAOB AS 2315
Substantive Testing
Control Testing
Dual-Purpose Testing
PCAOB AS 2501

On-Demand Events
PCAOB Inspection Recap PCAOB AS 2501

Periodic Multi-Day CPE Events

Internal Control Focused Events

Using COSO Training
COSO Training
Cybersecurity Tools
Green Book Training
SSAE SOC Training

Auditor Focused Events

I/A Basic Training
I/A Advanced Training
SSAE SOC Training

Insurance Industry Events

NAIC MAR Programs
NAIC MAR Compliance
NAIC CyberSecurity

CPA & Other Events

PCAOB Tradecraft
Project Management
SSAE SOC Training

Cybersecurity Focused Events
Understanding Cyber
Cybersecurity Tools
NAIC CyberSecurity
Project Management

Banking Industry Virtual Events
AML/BSA Basics
Banking Fraud Prevention
Compliance Failures
Employee Fraud at Banks
FinCEN's CDD Rule
Red Flags & High Risk AML
Identity Issues in Banking


PCAOB Auditor Focused Events Focused Events
Audit Sampling Techniques
PCAOB Inspection Recap
PCAOB Inspections B-D
PCAOB Tradecraft
PCAOB Standards
PCAOB AS 2315
Substantive Testing
Control Testing
Dual-Purpose Testing
PCAOB AS 2501
SSAE SOC Training

Auditor Focused Events

Internal Control Focused Events

Information Technology Focused Events

Insurance Industry Focused Events


Events in the Archives
Auditor 301
Auditing Cyber
Broker Dealer Audits
Cyber Assessments Banks
COSO 2013: The Sequel
Cyber Programs
FCPA
I/A Basics for Banks
I/A Basics for Insurance
Inspection Reviews
Managing Requirements
OMB A-123
Quality-Audits

The Instructors

John Blackshire
David Marshall
Robert Berry
C.S. Colvin
Tom Derise
Elliot Fisch
Jim George
Dave Kent
Amar Saini
Henry Schneider
Don West
Tom Wickes
Stanley I. Yaker

Business Partners

Infotech Global
The Accountware Group.
 

Organizations Attending Seminars




Links to Professional Organizations

IIA
AICPA
ISACA
COSO
AAA
ACFEI
ACT
ASMC
AFWA
ASQ
AWSCPA
ACAMA
ACAUS
ACUA
ACUIA
AGA
AHIA
ALGA
APPFA
BAI
BAP
CIMA
CCIA
CHEIA
CUIAA
DSP
GFOA
HFMA
IMA
IAFCI
INTOSAI
ISO
NABA
NACA
NASBA
NCCPAP
NACUBO
NACUSAC
NASBO
NASACT
NISAPA
NSA
SCCE


Insurance Industry Virtual Event

NAIC Cybersecurity Model Law Academy - 12 CPEs



Offered periodically on Wednesday-Friday in 2021

Find Next Event Now

New cybersecurity risk management regulations for insurance companies are here. The National Association of Insurance Commissioners (NAIC) approved Insurance Data Security Model Law and the State of New York in March 2017 placed into effect Section 500 of Title 23 of the Official Compilation of Codes.

"Computers, software, programming and algorithms are all parts of a cybersecurity risk program, but it is the interaction with the 'humans' that makes all the difference in world."

NAIC's model law requires insurance organizations to have everything from information security program policies to incident response plans to specific breach notification procedures. Insurance organizations will also have to certify compliance to state insurance commissioners annually. Now that NAIC's model law is heading for adoption, it is important to learn how it might apply to your organization and what you can do now to start preparing for compliance.

This event focuses on describing the effective components of a modern cybersecurity risk management program. The attendees will be prepared to start the evaluation of an existing program. They will then be able to discuss with senior management, the audit committee, and the board of directors how to proceed in improving cybersecurity risk management. We consider five main components of an effective risk management program: data, control implementation, verification, breach preparedness and risk management.

Follow the below links for these regulations in HTML format on this website:
. 23 NYCRR 500 - NYS DFS Cybersecurity Regulation
. NAIC Data Security Model Law

This comprehensive training course is for anyone who wants to have a strong base of knowledge and understanding of the essentials of cybersecurity risk management program.

This timely, three morning CPE virtual training is designed for the project director, project leader and individuals who have to create effective cybersecurity program and the related documents for an insurance organization. Each attendee will go home with a set of 35 documents that were used to create the academy.

Follow the below links for further detail information:
. Seminar Highlights
. Learning Objectives
. Key Issues on the Agenda
. Table of Contents - Insurance Data Security Model Law
. Table of Contents - New York State Department of Financial Services 23 NYCRR 500

Each attendee will receive 12 CPE Hours.

The retail cost of this CPE seminar is $645.00 for the first attendee from a single organization. Discounts are available for more than one attendee from each organization: (2) $1,200.00 (3) $1,750.00 (4) $2,275.00 (5) $2,775.00.

To reserve your space, click here on "SIGN-UP NOW!". You have to complete the registration form and use the corresponding "Submit Registration Form and Move to Payment Options Page" button for filing the registration and moving to the payment page.

Each attendee will receive 12 CPE Hours (YB). A certificate of completion will be provided.

Program Level of Understanding: Basic
Prerequisites: None
Advance Preparation: None
Delivery Format: Group Internet Based
NASBA Field(s) of Study: Auditing, Information Technology
CPE Credits: 12, based on 50 minutes of instruction per hour

Testimonials:

View Testimonials from prior CCS attendees.

 Upcoming Virtual NAIC Cybersecurity Model Law Training Academies:

Day - Date
Event Timing
April
19-23
2021
Webinar Presentation
Wednesday-Friday, April 21-23, 2021 Daily 10:00 a.m. - 2:45 p.m. Central Time
......

Signup Now

Lunch 12:00 to 12:30
May
24-28
2021
Webinar Presentation
Wednesday-Friday, May 26-28, 2021 Daily 10:00 a.m. - 2:45 p.m. Central Time
......

Signup Now

Lunch 12:00 to 12:30
June 28 -
July 2
2021
Webinar Presentation
Wednesday-Friday, June 30 - July 2, 2021 Daily 10:00 a.m. - 2:45 p.m. Central Time
......

Signup Now

Lunch 12:00 to 12:30
July
26-30
2021
Webinar Presentation
Wednesday-Friday, July 28-30, 2021 Daily 10:00 a.m. - 2:45 p.m. Central Time
......

Signup Now

Lunch 12:00 to 12:30
August
23-27
2021
Webinar Presentation
Wednesday-Friday, August 25-27, 2021 Daily 10:00 a.m. - 2:45 p.m. Central Time
......

Signup Now

Lunch 12:00 to 12:30
October
25-29
2021
Webinar Presentation
Wednesday-Friday, October 27-29, 2021 Daily 10:00 a.m. - 2:45 p.m. Central Time
......

Signup Now

Lunch 12:00 to 12:30

top of page

Seminar Highlights

. What are the NAIC goals with this Act?
. How does this Act compare to New York State Regulation Section 500?
. Which organizations fall under the Act's provisions?
. What is the definition of "cybersecurity event".
. What is contained in an "Information Security Program".
. What is nonpublic information under an information security program?
. What is "publicly available information"?
. How do you approach creating a cybersecurity risk assessment?
. What are the eleven enumerated security measures?
. What does continuous monitoring mean?
. What Board of Director's oversight is required?
. What certficiation is required?

top of page

Learning Objectives

- Attendees will see how cybersecurity is an evolving art.
- Attendees will understand risk assessment from the cybersecurity viewpoint.
- Attendees will have examples for the minimum standards.
- Attendees will know the components in an effective information security program.
- Attendees will have an approach to controls at third party providers.
- Attendess will have a example incident reporting and notification plan.

top of page

Key Issues on the Agenda

Introduction and Overview
. About Us and About Your Instructors
. Who are You?
. What are Your Needs?
. What is "Cybersecurity"?
. This is War!
. Myths!
. Key Players in Cyber Risk Standards

Section 1 - Concepts and Definitions
. What is "Information Technology"?
. Risk Appetite
. Risk Tolerance
. What is an "Information Security Program"?
. What is "Non-Public Information"?
. The NAIC's 12 Principles of Cybersecurity
. SIFMA Principles of cybersecurity Regulation
. Insurance Data Security Model Law by Section
. New York State Section 500
. Comparison of NAIC to Section 500

Section 2 - Initiating the Improvement of an Information Security Program (ISP)
. NAIC Model Law Section 4a - Implementation of an ISP
. SLCA - Creating the Appropriate Environment
. Where did the "Current State" come from?
. How good is our Risk Assessment?
. NAIC Model Law Section 4b - Objectives of an ISP
. What questions do you start with?
. Cyber Threats by the Numbers
. NAIC Model Law Section 4e - Oversight by the Board of Directors
. Key Principles of Cyber Risk Oversight per the NACD
. NAIC Model Law Section 4f - Oversight of Third-Party Service Providers
. NAIC Model Law Section 4h - Incident Response Plan

Section 3 - Define the Problems and Opportunities
. The Effects of "Moore's Laws"
. SLCA - Program Management
. The Usual Suspects - Cyber Security Issues . Measuring the Maturity of Internal Controls
. Internal Breaches
. External Breaches
. Business Alignment Issues
. Governance and Leadership Issues
. Extended Ecosystem Issues

Section 4 - Deep Dive into The Issues
. NAIC Model Law Section 4e - Oversight by the Board of Directors
. Mission Statement - Explicit Values - Business Model . Ethics
. Authorized Individuals
. User Access and Passwords
. Desktop Management
. Email Management
. Mobile Device Management
. "WiFi"
. Cyber Attacks

Section 5 - The Effective Information Security Program Management
. NAIC Model Law Section 4g - Program Adjustments
. How do we manage the Program?
. Project Scoping
. Governance
. Cybersecurity Domains
. Resources

Section 6 - The Information Security Program
. NAIC Model Law Section 4d - Risk Management
. Strategic Management Elements
. Tactical Management Elements
. Operational Management Elements
. Data Assets
. Security Policies
. Physical Security Items
. Personnel Security Items
. System & Application Items
. NIST System Security Plan Standards
. System & Software Life Cycle
. Configuration Management
. Training & Awareness Program
. System Documentation
. Disaster Recovery & Business Continuity

Section 7 - Review The Effectiveness
. Business Objective - Risks - Controls . NAIC Model Law Section 4g - Program Adjustments
. NAIC Model Law Section 4i - Annual Certification
. What is Effectiveness?
. The InfoSec Maturity Model
. FFIEC Cybersecurity Assessment Tool
. Maturity Levels of the Internal Controls
. Inherent Risk Profile
. Technologies & Connection Types
. Online & Mobile Products & Technology Services
. Organizational Characteristics
. Inherent Risk Profile
. The Five Risk Response Domains
. How is your Cybersecurity IC Maturity?
. Cyber Risk Management & Oversight Domain
. Threat Intelligence & Collaboration Domain
. Cybersecurity Controls Domain
. External Dependency Management Domain
. Cyber Incident Management & Resilience Domain
. Innovative - Advanced - Intermediate - Evolving - Baseline Levels
. Cybersecurity Inherent Risk & IC Maturity Relationship
. Management Assessment Results
. Certification & Accreditation Program

Section 8 - Incident Response to a Cybersecurity Event
. NAIC Model Law Section 4h - Incident Response Plan
. Who is on the "Team"?
. Key Layers of Management's Response
. What are the "Goals" for the Team?
. The Skills - The World Class Response Team
. Preparation
. The Observe - Orient - Decide - Act (O.O.D.A.) Methodology in Detail
. Incident Response Procedures
. SANS Institute "Jumpbag" Recommendations
. Post-Event Recommendations

Section 9 - SOC for Cybersecurity - AICPA Standards and Guidance
. AICPA's Three Key Components
. AICPA - SOC for Cybersecurity Resources
. Difference Between Cybersecurity and Information Security
. AICPA Objectives
. Three Reporting Levels - Entity - Service Provider - Supply Chain
. Two Sets of Criteria
. Cybersecurity Program Descriptive Criteria
. Cybersecurity Program Control Criteria
. Trust Services Approach to COSO 2103
. Trust Services Additional Points of Focus within COSO 2103
. Trust Services Supplemental Criteria
. Components of the Cybersecurity Report
. Management's Description
. Management's Assertion
. The Practitioner's Opinion

Section 10 - Summary and Wrap-Up
. "Information Security Program" Defined
. "Reactive" or "Proactive"
. Your Keys to Success!
top of page

Follow the below links for the regulations in PDF format:
. 23 NYCRR 500 - NYS DFS Cybersecurity Regulation
. NAIC Data Security Model Law

Tables of Contents for the Regulations Being Presented in this Event with links to the Contents

Insurance Data Security Model Law

Section 1. Title
Section 2. Purpose and Intent
Section 3. Definitions
Section 4. Information Security Program
Section 5. Investigation of a Cybersecurity Event
Section 6. Notification of a Cybersecurity Event
Section 7. Power of Commissioner
Section 8. Confidentiality
Section 9. Exceptions
Section 10.Penalties
Section 11.Rules and Regulations [OPTIONAL]
Section 12.Severability
Section 13.Effective Date

top of page

New York State Department of Financial Services 23 NYCRR 500

Section 500.00 Introduction.
Section 500.01 Definitions.
Section 500.02 Cybersecurity Program.
Section 500.03 Cybersecurity Policy.
Section 500.04 Chief Information Security Officer.
Section 500.05 Penetration Testing and Vulnerability Assessments.
Section 500.06 Audit Trail.
Section 500.07 Access Privileges.
Section 500.08 Application Security.
Section 500.09 Risk Assessment.
Section 500.10 Cybersecurity Personnel and Intelligence.
Section 500.11 Third Party Service Provider Security Policy.
Section 500.12 Multi-Factor Authentication.
Section 500.13 Limitations on Data Retention.
Section 500.14 Training and Monitoring.
Section 500.15 Encryption of Nonpublic Information.
Section 500.16 Incident Response Plan.
Section 500.17 Notices to Superintendent.
Section 500.18 Confidentiality.
Section 500.19 Exemptions.
Section 500.20 Enforcement.
Section 500.21 Effective Date.
Section 500.22 Transitional Periods.
Section 500.23 Severability.
APPENDIX A Certification of Compliance
APPENDIX B Notice of Exemption

top of page

Follow the below links for these regulations:
. 23 NYCRR 500 - NYS DFS Cybersecurity Regulation
. NAIC Data Security Model Law

top of page

Experts Providing CPE Training Events

Corporate Compliance Seminars (CCS) was created by experts who enjoy providing CPE training events. All our experts have years of experience in providing training courses, workshops and consulting on internal controls, internal auditing, information technology, cybersecurity and accounting related subjects. We have focused on SOX, COSO, PCAOB, COBIT, CMMI, GRC, GAAP, IFRS, AICPA, GAO, NAIC, ISO, and IIA Standards. We are your best source for continuing professional education (CPE).

Our programs, live in-person, webinar and on-demand, provide CPE for professionals with CPA, CGA, CIA, CFE, CISA, CMA and CA designations. CCS is focused on providing the best learning programs in using three distinct distribution channels: live in-person events, virtual webinar events and on-demand self-study e-learning.

Corporate Compliance Seminars presents CPE to a range of professionals, auditors, accountants, finance staff, compliance personnel, information technology (IT) professionals, Boards of Directors and Audit Committees. We examine the details of risk management, Sarbanes-Oxley Act compliance, Model Audit Rule (MAR) compliance, auditing, internal controls, cybersecurity and compliance, and fraud prevention and detection.

Within the U.S.A. marketplace, Corporate Compliance Seminars allows the attendee to earn NASBA CPE credit.

Our events focus on the details of the Sarbanes-Oxley Act of 2002 (SOX), Internal Controls over Financial Reporting (ICFR), Committee of Sponsoring Organizations of the Treadway Commission (COSO) Internal Control Frameworks, ISACA's Control Objectives over Information Technology (COBIT), Information Technology Infrastructure Library (ITIL), Open Compliance & Ethics Group's (OCEG) Governance, Risk & Compliance (GRC) methodology, PCAOB's Auditing Standard 5 (AS5), AICPA auditing standards, and NAIC regulatory model regulations and acts .

Our live in-person events are generally presented in a small classroom setting with two to five attendees. Over the last few weeks, we have come to the understand we need to provide distant e-learning events. We are now in the process of moving all our content to an online available status. We have created distant e-learning opportunities using both a virtual webinar event approach and on-demand e-learning self-study modules. These two e-learning approaches: webinars and on-demand self-study with extended web access to our content into the global continuing professional development (CPD) marketplace. In the webinar e-learning events we will limit the number of students to maximize the interaction between the live instructor and attendees. The on-demand self-study e-learning modules will be created and offered to meet the NASBA CPE credit requirements .

Our seminars provide CPE for the CPA, CFE, CIA, CISA, auditors and others with effective and engaging internal audit training courses.

Our instructors have had direct experience in the following industries: financial activities, bank, insurance, healthcare, construction, leisure and hospitality, professional and business services, mining and oil & gas extraction, manufacturing, educational, government agencies, transportation, software, technical, hi-tech and agricultural.

top of page

 

Sign-Up Today!!!!
Registration Form
SIGN-UP NOW!

Make a Payment After Sign-up

Contact Us

About Us

Seminar CPE Credits,

Pricing and Discounts

Join Our Email List


Price Comparison


Weekly Virtual Events Calendar


Forensic & Investigative Accounting


Recent Issues Links


Organizations Attending Seminars


On-Site/Custom Seminars

On-Site/Custom Training
We can provide training seminars at your company's location. Contact us for details.

NASBA Member

Corporate Compliance Seminars

CCS Terms & Conditions


Audit Sampling


Internal Auditor 101 Course


Internal Auditor 201 Training Course


Internal Auditor 301 Course


Internal Audit Basic 3 Day Course


Internal Audit Advanced 3 Day Course


Internal Audit Report Training Course


Cybersecurity Risk Programs Training


Cybersecurity Risk Tools Training


NAIC Cybersecurity Risk Compliance


COSO 2013 Training Course


COSO Academy 3 Day Course


Using COSO 3 Day Course


Continuous Auditing Training Course


Ethics for the CIA, CPA, CFE and CISA


Frauditing Training Course


The GAO Green Book Training


The GAO Green Book Academy 3 Day


ICFR Assessments Training Course


IT General Controls Training Course


Medicaid Cost Reporting - Texas


NAIC MAR Program


NAIC MAR Compliance


SSAE SOC Audit Course


World Class ERM Training


Testimonials


View All


List of All Seminars

Audit Committee
Audit Quality
Audit Sampling
Internal Auditor 101
Internal Auditor 201
Internal Auditor 301
Audit Quality
Internal Audit Basics
IA Basics - Banking
IA Basics - Insurance
Advanced Auditing
Broker Dealer Audits
Business Restructuring
CFO Challenges
COBIT Framework
COSO 2013 Training
COSO Academy
Using COSO
Continuous Auditing
Cyber Assessments
Cyber Risk Programs
Cyber Program Tools
Ethics CIA CPA
Forensic Accounting
FCPA Course
Frauditing Training
Green Book Course
Green Book Academy
ICFR Assessments
IT Quality Audits
ITGC Course
Managing Change
Managing Requirements
Medicaid Cost Reporting
NAIC Cybersecurity
NAIC MAR Program
NAIC MAR Compliance
PCAOB Audits
Auditing Procure to Pay
Project Management
PMP 5 Day
Quality Audits
Report Writing
Reviews & Inspections
Risk Identification
SOX Compliance
SOX for the CPA
SSAE SOC Audits
Using COSO
World Class ERM
XBRL Reporting

Resources

Resources for Auditors
Recent Issues Links
Click to view top businesses offering compliance resources.


 

Corporate Compliance Seminars
     


Instructor-lead virtual seminars are presented via live internet connections due to COVID-19

Corporate Compliance Seminars is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org.

In accordance with the standards of the National Registry of CPE Sponsors, CPE credits have been granted based on a 50-minute hour.

National Registry of CPE Sponsors ID #108983

Complaints may also be forwarded to the company principals, David S. Marshall (708-205-2366; davem@cseminars.com) and/ or John Blackshire (479-200-4373; johnb@cseminars.com).