Skip to main content

Keys of SOC Reports - Following SSAE 18 Requirements

Monday, December 30
 9:00am - 11:00am

(Check-In )

Add to Calendar

Online

2.00 Credits

Member Price $85.00

Non-Member Price $115.00

Overview

Today's businesses have seen a dramatic increase in the use of outsourced providers to assist with executing processes from payroll, accounts payable, information technology, benefit plan administration and many other core processes. These processes ultimately have an impact on an organization's internal control over financial reporting but also could impact compliance and operational issues

In 2011, the Statement on Standards for Attestation Engagements (SSAE) 16 replaced the former Statement on Auditing Standards (SAS) 70. In May 2017, a new standard, SSAE 18, superseded SSAE 16

The concepts covered in this course are referred to as a Service Organization Control Report (SOC). Organizations who utilize outsourced providers should understand the various types of SOC reports, their intended use and their implication on a company's financial reporting process, regardless of your status as a publicly traded or privately held organization.  The process can be complicated to understand as a user organization. Currently, several types of SOC Reports exist including:

  • SOC 1 - Type 1

  • SOC 1 - Type 2

  • SOC 2 - Type 1

  • SOC 2 - Type 2

  • SOC 3

  • Cybersecurity SOC

This course speaks briefly to the transition from SAS 70 to SSAE 16 and now SSAE 18.  However, the focus is on the various Service Organization Control Reports, their purposes and uses

Objectives

  • Explore the transition of the accounting standards from Statement on Auditing Standards (SAS) 70 to Statement on Standards for Attestation Engagements (SSAE) 16 and now SSAE 18
  • Recognize the various types of service and subservice organizations
  • Explore procedures to conduct a SOC (Service Organization Control) 1 engagement, develop proper control objectives and determine specific reporting methods
  • Explore procedures to conduct and report on a SOC 2 engagement
  • Recognize the requirements for SOC 3 reports
  • Explore the SOC cybersecurity requirements
  • Recognize the requirements to prepare for a SOC engagement
  • Recognize the requirements for user entities

Highlights

  • Move from SAS 70 and SSAE 16 to SSAE 18
  • Types of Service Organizations
  • SOC 1 Engagements
  • Control Objectives
  • Reporting
  • SOC 1 and SOC 2 Reporting
  • SOC 3 Reports
  • Preparing for SOC Engagement
  • SOC Comparisons

Designed For

CPAs, Corporate personnel working with SOC providers, consultants providing SOC reports

Prerequisites

None

Preparation

None

Notice

Your webinar can be accessed via https://ctcpas.acpen.com/Account/loginhttps://ctcpas.acpen.com/. If you do not have an ACPEN account, please sign up for an account using the email address you have on file with CTCPA.

Leader(s):

Leader Bios

Lynn Fountain, AICPA

Lynn Fountain, CGMA, CRMA, MBA 1/1/2017 Lynn Fountain has over 35 years of experience spanning public accounting, corporate accounting and consulting. 20 years of her experience has been working in the areas of internal and external auditing. She is a subject matter expert in multiple fields including internal audit, ethics, fraud evaluations, Sarbanes-Oxley, enterprise risk management, governance, financial management and compliance. She has held two Chief Audit Executive (CAE) positions for international companies. In one of her roles as CAE, she assisted in the investigation of a multi-million-dollar fraud scheme perpetrated by a vendor that spanned 7 years and implicated 20 employees. The fraud was formally investigation by the FBI and resulted in 5 indictments estimating a $13M fraud loss. Ms. Fountain is currently engaged in her own consulting and training practice. She has assisted numerous companies with enterprise risk management frameworks, internal audit processes and financial accounting. She is a highly sought after speaker and has trained internationally. In addition to her personal training, she also serves as a discussion leader for the AICPA for numerous classes. Topics include fraud and forensic courses for both profit and not-for profit, internal controls for large and small entities, COSO 2013, ethics, and risk management and various leadership courses. Ms. Fountain is the author of three separate technical books released in 2015, The first entitled “Raise the Red Flag – The Internal Auditors Guide to Fraud Evaluations” was published by the Institute of Internal Auditors Research Foundation and released in April 2015. Her second book “Leading The Internal Audit Function” was released in October 2015 by Taylor & Francis Publications. This book serves as the initial launch for a series of leading practice internal audit and information technology publications. In addition, her third book “Ethics and the Internal Auditor’s Dilemma” was released in December 2016. Ms. Fountain obtained her BSBA from Pittsburg State University and her MBA from Washburn University in Kansas. She has her CGMA, CRMA credentials and CPA certificate. www.lynnfountain.net fountainlynn1@gmail.com

Return to Top

Non-Member Price $115.00

Member Price $85.00