× Course by Subject Webinars Self-Study eBooks Certificates Compliance Manager Subscriptions Firm CPE Blog CCHCPELink.com
Add to Cart View More Self-Study Courses

Keys of Service Organization Control (SOC) Reports - Following SSAE 18 Requirements

Author: Lynn Fountain

CPE Credit:  2 hours for CPAs

Today's businesses have seen a dramatic increase in the use of outsourced providers to assist with executing processes from payroll, accounts payable, information technology, benefit plan administration and many other core processes. These processes ultimately have an impact on an organization's internal control over financial reporting but also could impact compliance and operational issues.

In 2011, the Statement for Auditing Standards Attest Engagements (SSAE 16) replaced the former SAS70 Standard. In May 2017, a new standard SSAE 18 has superseded SSAE 16. The concepts covered is referred to as a Service Organization Control Report (SOC). Organizations who utilize outsourced providers should understand of the various types of SOC reports, their intended use and their implication on a company's financial reporting process, regardless of your status as a publicly traded or privately held organization. The process can be complicated to understand as a user organization. Currently, several types of SOC Reports exist including:

  • SOC 1 - Type 1
  • SOC 1 - Type 2
  • SOC 2 - Type 1
  • SOC 2 - Type 2
  • SOC 2
  • SOC 3
  • Cybersecurity SOC

Publication Date: October 2024

Topics Covered

  • Move from SAS70 and SSAE16 to SSAE18
  • Types of Service Organizations
  • SOC 1 Engagements
  • Control Objectives
  • SOC 1 Execution
  • SOC 2 Engagements
  • SOC 2 Execution
  • SOC 3 Reports
  • SOC for Cybersecurity
  • SOC Comparisons
  • Reporting Opinions
  • SOC Reporting
  • Preparing for SOC Engagment
  • Summary
  • Appendix
  • SOC 1 Questions for Considerations
  • Readiness Assessment Checklist

Learning Objectives

  • Explain the transition of the accounting standards
  • Identify and evaluate the various types of service and subservice organizations
  • Identify and examine procedures to conduct a SOC 1 engagement, SOC 2 and SOC 3 engagement
  • Identify the SOC cybersecurity requirements
  • Identify and evaluate the proper use of control objectives
  • Identify the various reporting methods for SOC reports
  • Recognize and evaluate requirements for user entities

Level
Basic

Instructional Method
Self-Study

NASBA Field of Study
Accounting (1 hour), Auditing (1 hour)

Program Prerequisites
None

Advance Preparation
None

Registration Options
Quantity
Fees
Regular Fee $70.00

Add to Cart View More Self-Study Courses
">
 Chat — Books Support