� The US Sarbanes Oxley Act (SOX) of 2002 provided new governance rules, regulations and standards for specified public companies including the US Security Exchange Commission (SEC) registrants. Compliance with this Act is intended to improve corporate accountability and become a catalyst for improving the quality of financial reporting. The Information Systems Audit and Control Association (Hong Kong Chapter) is proud to present the following events to you.����

���������������������������������������� (March 31, 2005/ ���������� �� �)

2:00 - 2:15 Registration 2:15 - 2:30 Keynote Opening by Honorable Guest, Mr Paul Chow, JP

Chief Executive, HK Exchanges & Clearing Limited 2:30 - 3:15 Keynote Speech: The Roles of IT in Implementing US Sarbanes Oxley Act of 2002

Ms Lily Shue, Bridgemark Consulting, a division of BDO Seidman, LLP, USA 3:15 - 3:30 Refreshment Break 3:30 - 4:00 Challenges for SOX Implementation for Asian Operations

Mr Frank Yam, International Vice President, ISACA 4:00 - 5:20 Discussion Forum: Surviving Sarbanes Oxley – Think Global, Act Local

� � � � �� �� � � � �� � � ���������������

� � � � ������� ��� ��� �� � � � ��� �� �� � � ��! � � � �"� � �� � ��# � ���$ �� � � % &��� �'����� � �( � � �"� � �� � ��� � � '� �� � � �� ! ) � �&��

�������������������� �� � �� �* �"� � �� � ��+ � � ���� &��� �, � � �- � � � ��"� �� �) � ���* � ( &�

5:20 - 5:30 Closing Remarks by Ms Susanna Chiu, CISA FCPA President of ISACA (HK Chapter)

����� "April 1, 2005�.�/ �� ��0��� ���& Prepare and Maintain IT Compliance for SOX � �� � � �� �� �� � � � � � � � � � � �� � � � �� �� � �� � �� � � � � �� � � �� � � �� � �� � � � � � � � � � �� �� � � �� � �� � � �� � � ��� ��� ��� � �� �� � � � � � �� �� � � � � � ��� �� ���� � � � �� � � � � � �� � ��� � � � � � � ��� � � �� � � ���� �� � � �� � � �� � � � �� � � � � �� � � � � � � ��� ��� � �� �� �� �� � ���� � ���� � � �� � �� � � �� � � ��� � � �� � � � �� �� ! � � � "# $ �� � � �� �� � � � � � � � � �� � � � � � � � � � ��� � � � � � � �� � � �� � � � � �� �� �� � � ��� � � � � � � ��� �� � � � � �� �� � � � � � � �� �� % � � �� � & � � � % � � �� � � � � � � � � � � � � �� � � �� � � � � � � � � � � � � � � � � � �� �� � �� �� � � �� � � � ' ��� � � � � � "� � �� & � � � �� ����� ( � )�� Management requirements of the SOX (302, 404) � Auditor attestation and evaluation responsibilities � Factors should be considered for SOX compliance program � The use of COSO framework and COBIT for the

assessment

� Controls over IT systems and IT control framework

� Compliance and IT governance � How compliance should be documented � Example of how to prepare for compliance

Fee(HK$) ISACA Members HKICPA / HKIoD Members Non-Members Conference 280 / 250* 310 / 280* 350 / 310* Workshop 1,080 / 980* 1,200 / 1,080* 1,350 / 1,200*

New World Renaissance Hotel

* Enrolment on or before 21 March, 2005

Enrolment Form (Enquiry Tel: 8101 2801 Fax: 8101 2802 Email: admin@isaca.org.hk) 1�2 � �� ���� � �� �� � ��3 �"�&�4 � � �! � 3� � � � �5 � �� ������ 6���"7 &�4 � � �' � �� ) �5 � �� ������ 6����"� &- �� ��� � �! � 3� � � � �� � � ��� � �' � �� ) ����� �

* � � )�� + ! �� ���� )��

# � � �� �� � )�� �����,����- �,��� . �/ � � ! � � � �� �� )�����������������������

�� � � � � )��

� � �)�� � $ )�� ���� � � � )��

0 � ��)�� � ��� �� � ����� �� � � �� � � �� �� ��� � �� � �� � � ��� � � � � �� � � � ����� � � �� � �� ��� ��� � � � � � � �� ��� � �1! � �� � � % � 2�� ��8 - ��� � � �4 9 � �! � � � �� ��- � ��� �� % ��7 � �4 � � � � �: � � ��'� � � � ��� ; ��� � �� � �� 4 � � � ; � � �� ��� � � <� ���� � � � % � � � � � �� � ! � � � � � � � � � � � � � � � � � ! �� � � � 34 � � � 1� 3 � � �� � � � � ��� � �� ; � � ��� � � � � ! � � �� ; �� �� �� � � "= * �! � � ) �� &�� �� ��� � 4��� � � ��� � �� � �� � � � � � � ��� �� �� � �1 ���� �� � � � � � 2� �� � � �� � �� � �� � � ��� � �! � �� 5� � �� � �� Supported by