Keys of SOC Reports - Following SSAE 18 Requirements

Friday, January 24, 2025
Webcast or Webinar, Online
2:00 PM - 4:00 PM (opens at 1:30 PM) EST
2Credits
Accounting and Auditing

Registration is Open

Members
$85.00 Regular Price
Non-Members
$115.00 Regular Price

CPE PowerPass Users

Click the "Apply PowerPass" button to use your PowerPass for the applicable course below.
$40.00 Members / $56.00 Non-Members
Course Type: Webcast
Course Code: 24/AC058972
Level: Basic
Vendor: ACPEN
Field of Study: Auditing

Overview:

Today's businesses have seen a dramatic increase in the use of outsourced providers to assist with executing processes from payroll, accounts payable, information technology, benefit plan administration and many other core processes. These processes ultimately have an impact on an organization's internal control over financial reporting but also could impact compliance and operational issues

In 2011, the Statement on Standards for Attestation Engagements (SSAE) 16 replaced the former Statement on Auditing Standards (SAS) 70. In May 2017, a new standard, SSAE 18, superseded SSAE 16

The concepts covered in this course are referred to as a Service Organization Control Report (SOC). Organizations who utilize outsourced providers should understand the various types of SOC reports, their intended use and their implication on a company's financial reporting process, regardless of your status as a publicly traded or privately held organization.  The process can be complicated to understand as a user organization. Currently, several types of SOC Reports exist including:

  • SOC 1 - Type 1

  • SOC 1 - Type 2

  • SOC 2 - Type 1

  • SOC 2 - Type 2

  • SOC 3

  • Cybersecurity SOC

This course speaks briefly to the transition from SAS 70 to SSAE 16 and now SSAE 18.  However, the focus is on the various Service Organization Control Reports, their purposes and uses

Objectives:

  • Explore the transition of the accounting standards from Statement on Auditing Standards (SAS) 70 to Statement on Standards for Attestation Engagements (SSAE) 16 and now SSAE 18
  • Recognize the various types of service and subservice organizations
  • Explore procedures to conduct a SOC (Service Organization Control) 1 engagement, develop proper control objectives and determine specific reporting methods
  • Explore procedures to conduct and report on a SOC 2 engagement
  • Recognize the requirements for SOC 3 reports
  • Explore the SOC cybersecurity requirements
  • Recognize the requirements to prepare for a SOC engagement
  • Recognize the requirements for user entities

Major Topics:

  • Move from SAS 70 and SSAE 16 to SSAE 18
  • Types of Service Organizations
  • SOC 1 Engagements
  • Control Objectives
  • Reporting
  • SOC 1 and SOC 2 Reporting
  • SOC 3 Reports
  • Preparing for SOC Engagement
  • SOC Comparisons

Major Topics:

  • Move from SAS 70 and SSAE 16 to SSAE 18
  • Types of Service Organizations
  • SOC 1 Engagements
  • Control Objectives
  • Reporting
  • SOC 1 and SOC 2 Reporting
  • SOC 3 Reports
  • Preparing for SOC Engagement
  • SOC Comparisons

Designed For:

CPAs, Corporate personnel working with SOC providers, consultants providing SOC reports

Prerequisites:

None