In today’s interconnected world, safeguarding information systems is crucial. This course will provide a comprehensive understanding of SOC engagements, exploring the types of reports (SOC 1®, SOC 2®, and SOC 3®) and the related management assertions.
DESIGNED FOR
Experienced CPAs, CITP designation holders and aspirants, and accountants seeking a greater understanding of information systems and controls
BENEFITS
- Explain the purpose of the Trust Services Criteria and its organization
- Understand the purpose of SOC reports and the roles of key players and identify management assertions specific to different SOC engagement types
- Recall the intended users of SOC 1®, SOC 2®, and SOC 3® reports
- Explain how materiality is determined and used in performing a SOC engagement
- Summarize the criteria for a vendor to be considered a subservice organization
- Explain the considerations for deciding between the inclusive and carve-out method for subservice organizations
- Define service commitments and system requirements in a SOC 2® engagement
- Determine the appropriate form and content of a report on the examination of controls at a service organization
HIGHLIGHTS
- Purpose and organization of the Trust Services Criteria
- Management assertions specific to different SOC engagement types
- Intended users of SOC 1®, SOC 2®, and SOC 3® reports
- Determination and use of materiality in SOC engagements
- Criteria for considering a vendor as a subservice organization
- Inclusive vs. carve-out method for subservice organizations
- Service commitments and system requirements in SOC 2® engagements
- Appropriate form and content of SOC reports
ADVANCE PREPARATION
None