Enhance your knowledge of SOC for service organizations examinations! Why is SOC reporting important? Outsourcing has become a trend. The use of technology is expanding rapidly. As a consequence, reporting on system and organization controls is becoming more prevalent, as user entities look to experienced service auditors like you to provide reliable reports on controls at service organizations. However, peer review commonly identifies deficiencies related to compliance with the attestation standards in SOC examinations. Find out what you need to know to provide reports user entities and auditors can trust while avoiding common mistakes. How can you prevent common missteps in SOC reporting? Familiarize yourself with authoritative and interpretive guidance applicable to SOC 1® and SOC 2® examinations. Apply the guidance appropriately in planning, executing, and reporting on SOC for service organizations examinations. How will this course help? This course dives into key aspects of planning, executing, and reporting on SOC for service organizations examinations. It references applicable guidance and presents several thought-provoking and practical activities. Instructors with significant SOC reporting experience share their knowledge to enable you to perform examinations in compliance with the attestation standards.
• Identify guidance that affects system and organization controls (SOC) for service organizations engagements. • Determine how to avoid common SOC for service organizations pitfalls based on peer review findings. • Assess the needs of a service organization to determine the appropriate SOC for service organizations engagement and suitability of criteria. • Apply your knowledge and skills in planning, executing, and reporting on a SOC for service organizations examination.
• Overview of SOC services and guidance • Types of SOC for service organizations engagements • Sections of the report, including the service auditor’s opinion and testing and management’s description and assertion • Consideration of subservice organizations, complementary user entity controls, and use of internal audit and specialists • Planning considerations related to engagement acceptance and continuance, scoping, risk assessment, and materiality • Assessment and documentation of design and operating effectiveness of controls • Types of opinions and concluding activities • Other topics of interest, such as SOC 2®+ reports, SOC 3® reports, and blockchain implications
Managers, senior managers, and partners responsible for performing and managing their firms’ SOC for service organizations engagements. Senior staff of firms specializing in SOC for service organizations engagements.
Substantial experience performing and managing staff on SOC 1®, SOC 2®, and SOC 3® engagements. Basic knowledge of the 2017 trust services criteria.