SSAE 18 SOC Audits: Auditee - Auditor - Assessor Training
Elevate your audit expertise with our comprehensive SSAE 18 SOC Audits Training Seminar. This intensive program provides 18 CPE credits and is designed for auditors, compliance officers, and IT professionals seeking mastery in conducting, assessing, and utilizing SOC audits. Learn from seasoned professionals who will guide you through the intricacies of auditing under the SSAE 18 standard, ensuring your skills align with today’s compliance and regulatory demands.
Why Attend?
1. Gain Comprehensive Knowledge of SSAE 18 and SOC Audits - Understand the AICPA Statement on Standards for Attestation Engagements (SSAE 18) and its application to SOC 1, SOC 2, and SOC 3 audits, exploring control environments and reporting options tailored for modern organizations.
2. Practical Skills for SOC Report Analysis - Learn how to prepare, assess, and interpret SOC reports to meet regulatory requirements like SOX, HIPAA, GLBA, and best practices, including COBIT and NIST 800.
3. Advance Your Professional Credentials - Earn 18 NASBA-approved CPE credits while gaining insights that elevate your proficiency and relevance in the auditing field.
4. Flexible, Expert-Led Training - Participate in an engaging three-day course, exploring the latest frameworks, methodologies, and strategies under SSAE 18.
What You’ll Learn
This seminar offers a step-by-step guide to mastering SSAE 18 audits, with detailed instruction and practical applications.
Course Highlights
1. Understand the Evolution of SOC Audits
- Learn about the transition from SAS 70 to SSAE 16 and now to SSAE 18, discovering how updates improve SOC report quality.
2. Unpack the Types of SOC Reports
- Differentiate between SOC 1, SOC 2, and SOC 3 audits, understanding their specific use cases and requirements for service organizations.
3. Execute Risk-Based Audits
- Master top-down, risk-based approaches to evaluate control objectives, select audit criteria, and identify deficiencies.
4. Vendor and Subservice Management
- Focus on managing vendors and subservice organizations within the audit scope to ensure a robust vendor management program.
5. Test and Evaluate Controls
- Learn to examine physical and logical security controls, operational oversight, and user control testing to comply with SSAE 18 standards.
6. Interpret SOC Reports
- Gain the tools to read, analyze, and document SOC reports, ensuring they align with your organizational goals and regulatory obligations.
Key Topics Covered
- AICPA frameworks for SOC audits.
- Preparation and responsibilities of compliant service organizations.
- Conducting and documenting audit tests for SOC compliance.
- Evaluating deficiencies and forming audit opinions under SSAE 18.
- Role of SOC reports in managing risks and regulatory requirements.
Benefits of Attending
- Deep Industry Knowledge: Stay updated on the latest SSAE 18 developments and regulatory implications.
- Actionable Insights: Develop skills that immediately translate into your professional practice.
- Enhanced Compliance Understanding: Meet and exceed requirements for key regulatory frameworks like SOX.
- Earn CPE Credits: Build your expertise and professional standing with 18 NASBA-approved credits in Auditing and Information Technology.
Event Details
- Schedule: Three-day training held Tuesday to Thursday, 9 a.m.–3 p.m. CST, with a 30-minute lunch break.
- Delivery Format: Group Internet-Based with interactive discussions and real-world examples.
- CPE Credits: 18 credits aligned with NASBA requirements.
- Cost: $2,160.
- Private Sessions Available: Flexible scheduling for groups of 2 or more to suit your team’s needs.
Who Should Attend?
This course is perfect for professionals involved in preparing, assessing, or using SOC audit reports, including:
- Auditors: Gain a complete understanding of SSAE 18 and its implications for SOC audits.
- Compliance Officers: Ensure stringent regulatory compliance for your organization or client.
- IT Professionals: Enhance your knowledge of SOC audit frameworks critical for IT environments.
Why SSAE 18 Matters for Today’s Auditing Practices
The SSAE 18 standard is the foundation of today’s SOC audits, offering transparency, flexibility, and tailored evaluations for a variety of industries. Leveraging its principles ensures:
- Improved Audit Quality: Enhanced engagements through thorough control examination and risk assessment.
- Regulatory Alignment: Compliance with key frameworks like COBIT, HIPAA, and GDPR.
- Versatile Reporting Options: SOC reports tailored to meet diverse client and organizational needs.
Register Now
Don’t miss the opportunity to master SSAE 18 and elevate your audit practices. Learn cutting-edge techniques, explore best practices, and broaden your expertise in SOC compliance.
Register today to secure your spot and take your auditing career to the next level!
Details on Event Presentation
Offered on Tuesday-Thursday once every eight weeks in three six hour sessions for 18 CPE credits.
The sessions will run from 9:00 a.m. to 3:00 p.m. Central Time Zone.
There will be a lunch break from 12:00 noon to 12:30 p.m. each day.
We can schedule private events on your timetable for two or more attendees. Bring this event to your audit team now!
NASBA Program Disclosure
Program Level of Understanding: Basic
Prerequisites: None
Advance Preparation: None
Delivery Format: Group Internet Based
NASBA Field(s) of Study: Auditing, Information Technology
CPE Credits: 18 based on 50 minutes of instruction per hourCPE Event Highlights
Fundamental changes have come to Service Organization Control (SOC) reports in the last ten years. In 2011, SAS 70 was superseded by the SSAE 16, and then in May 2017, SSAE 18 become effective.
This move to Statement of Auditing Engagements (SSAE 18) brings along with it significant updates which strengthen the overall quality of the SOC reports.
You will learn about the SOC framework in this event. Known as Service Organization Control (SOC) reports, the SOC framework is a radical departure from the one-size-fits-all approach held by SAS 70 for approximately twenty (20) years.
In short, with three reporting options under SSAE 18 - SOC 1, SOC 2, and SOC 3 - service organizations have more flexibility and more choices regarding third-party assessments of their control environments. While SSAE 18 - SOC 1 has quickly become the dominant reporting option, SOC 2 and SOC 3 are extremely viable, especially for many of today's technology companies.
Learning Objectives
Attendees will understand:
- Internal control and risk management frameworks
- the AICPA standard for System and Organization Control audits (SSAE 18 SOC)
- the various types of SOC audits and their applicability
- the requirements to prepare for SOC engagements
- how SOC 1, SOC 2, and SOC 3 audits are conducted
- how to interpret the SOC reports
- the identification and testing of internal controls in SOC reports
- the responsibilities for user entities and testing of user controls
- how to document the tests of controls
- common SOC audit internal control deficiencies
- how auditors form their SOC audit opinion
- the new types of SOC reports
- the role of SOC audits in Vendor Management Programs
Key Issues on the Agenda
Section 1 - Introduction and Overview of SSAE 18
Section 2 - Types of SSAE 18 Audits
Section 3 - Components of the Audit Report
Section 4 - Sample Reports
Section 5 - SOX, COSO and SSAE 18
Section 6 - The SSAE 18 Data Center Audit
Section 7 - How to Conduct the SSAE 18 Audit
Section 8 - Developing the System Description
Section 9 - Summary of Concepts
Section 10 - Testing of Controls
Section 11 - IT Control Frameworks
Section 12 - Testing the Physical Security Controls
Section 13 - Testing the Logical Security Controls
Section 14 - Testing the Changes Controls
Section 15 - Testing Operations, Backup and Restoration Controls
Section 16 - Testing the IPO and User Controls
Section 17 - Evaluating the SSAE 18 Report
Section 18 - Going Forward with Your Vendor Management ProgramSummary of the Subject Matter
This CPE event focusing on SSAE 18 SOC Audits offers comprehensive training for auditees, auditors, and assessors involved in System and Organization Controls (SOC) audits conducted in accordance with the Statement on Standards for Attestation Engagements (SSAE). This in-person training event is designed to equip participants with the knowledge, skills, and best practices essential for navigating the intricacies of SSAE 18 SOC audits, thereby fostering a thorough understanding of the roles, responsibilities, and requirements inherent to the audit process.
Key focus areas covered in this event may include:
-
Regulatory Framework and SSAE 18 Compliance: An exploration of the regulatory framework and compliance requirements outlined by SSAE 18 pertaining to SOC audits, shedding light on the attestation standards and reporting considerations essential to conducting effective and compliant audits.
-
Auditee Preparation and Responsibilities: Insights into the preparatory measures, documentation requirements, and responsibilities incumbent upon auditees undergoing SSAE 18 SOC audits, emphasizing the significance of accurate, transparent, and comprehensive representations of their control environments.
-
Auditor Methodologies and Examination Techniques: Comprehensive guidance on the methodologies, examination procedures, and assessment techniques employed by auditors and assessors during SSAE 18 SOC audits, empowering participants with the tools necessary to execute thorough, insightful, and value-driven audit engagements.
-
Assessor Training and Professional Development: A focus on the training and professional development opportunities available for individuals seeking to enhance their skill set as assessors within the realm of SSAE 18 SOC audits, fostering continuous learning, competence, and proficiency in audit practices.
By addressing these critical components, the in-person training event aims to fortify the competencies of auditees, auditors, and assessors, ultimately contributing to the delivery of robust, reliable, and value-adding SSAE 18 SOC audit engagements in alignment with regulatory mandates.
-
Authoritative Sources
After attending the CPE event on SSAE 18 SOC Audits: Auditee - Auditor - Assessor Training, you can continue to expand your knowledge and expertise by exploring additional resources from authoritative sources in the field of auditing and compliance. These sources provide valuable insights and in-depth content to further enhance your understanding in this domain:
- American Institute of Certified Public Accountants (AICPA)
- The AICPA offers a wealth of resources, including technical guides, research reports, and news updates related to auditing standards, SSAE 18 SOC audits, and compliance practices.
- The Institute of Internal Auditors (IIA)
- The IIA provides extensive resources, publications, and educational materials focused on internal audit practices, including guidance on SSAE 18 SOC audits and related industry standards.
By leveraging these authoritative sources, you can deepen your knowledge, stay updated on industry best practices, and continue your professional development in the realm of SSAE 18 SOC audits and compliance practices.
- American Institute of Certified Public Accountants (AICPA)