Surgent's System and Organization Controls (SOC) Engagements

Description

In today's interconnected world, safeguarding information systems is crucial. This course will provide a comprehensive understanding of SOC engagements, exploring the types of reports (SOC 1®, SOC 2®, and SOC 3®) and the related management assertions. The use of the reports for internal controls over financial reporting (ICFR) and operations and compliance will be analyzed. This course equips accounting professionals with the knowledge to effectively lead in compliance reporting.

Highlights

• Purpose and organization of the Trust Services Criteria
• Management assertions specific to different SOC engagement types
• Intended users of SOC 1®, SOC 2®, and SOC 3® reports
• Determination and use of materiality in SOC engagements
• Criteria for considering a vendor as a subservice organization
• Inclusive vs. carve-out method for subservice organizations
• Service commitments and system requirements in SOC 2® engagements
• Appropriate form and content of SOC reports

Objectives

• Explain the purpose of the Trust Services Criteria and its organization
• Understand the purpose of SOC reports and the roles of key players and identify management assertions specific to different SOC engagement types
• Recall the intended users of SOC 1®, SOC 2®, and SOC 3® reports
• Explain how materiality is determined and used in performing a SOC engagement
• Summarize the criteria for a vendor to be considered a subservice organization
• Explain the considerations for deciding between the inclusive and carve-out method for subservice organizations
• Define service commitments and system requirements in a SOC 2® engagement
• Determine the appropriate form and content of a report on the examination of controls at a service organization

Designed For

Experienced CPAs, CITP designation holders and aspirants, and accountants seeking a greater understanding of information systems and controls