New Service Level of Engagement for Attestation Engagements (SSAE 18) (Completed)

Date: Friday, July 12, 2019
Instructor: Lynn Fountain
Begin Time:  9:00am Pacific Time
10:00am Mountain Time
11:00am Central Time
12:00pm Eastern Time
CPE Credit:  2 hours for CPAs

SSAE 18 is aimed to increase the usefulness and quality of Service Organization Control Reports (SOC), now referred to as System Organization Control Reports (SOC). The changes made to the standard requires companies to take more control and ownership of their own internal controls around the identification and classification of risk and appropriate management of third party vendor relationships. These changes, while, not overly burdensome, will help close the loop on key areas that industry professionals noted gaps in many service organization’s reports.

This course will examine the concepts of Service Organization Control Reports, performing readiness assessments, executing the SOC engagement, documenting and reporting on the engagement. We will also evaluate the various Types of SOC reports including Type I and Type II. Lastly, we will examine the requirements of the new standard for monitoring sub-service organizations.

Who Should Attend
CFO’s, Controllers, Financial professionals, Auditors, Legal professionals, Compliance professionals, Accounting professionals, and Board members.

Topics Covered

  • Concepts of Service Organization Control Reports
  • Performing readiness assessments
  • Executing the SOC engagement
  • Documenting and reporting on the engagement
  • Various Types of SOC reports including Type I and Type II
  • Requirements of the new standard for monitoring sub-service organizations

Learning Objectives

  • Recognize the history of service organization control reports
  • Recognize the transition of the accounting standards from Statement on Auditing Standards (SAS) 70 to Statement on Standards for Attestation Engagements (SSAE)16 and now SSAE 18
  • Recognize the various types of service and subservice organizations
  • Identify procedures to conduct a SOC 1, SOC 2 and SOC 3 Engagement
  • Differentiate the requirements to prepare for a SOC engagement and a readiness assessment
  • Identify specific changes related to monitoring controls at sub-service organizations
  • Describe the concept and requirements of complementary controls
  • Identify the need for evidence provided by service organizations


Instructional Method
Group: Internet-based

NASBA Field of Study
Auditing (2 hours)

Program Prerequisites

Advance Preparation

 Chat — Books Support