For service auditors and user entities new to SOC reporting, not understanding the report content can result in reporting deficiencies or inappropriate identification of key information. This course will explain the differences between SOC 1, 2, 3, Cyber, and Supply Chain reports, including their purpose, their content, and their intended audiences. The course will also present the contents of each section of a SOC report, highlighting key items of interest. Why take this course? Take this course as an introduction to SOC reporting, to strengthen your foundational knowledge as you perform SOC examinations as a service auditor or as you review SOC reports as a user entity or user auditor.
Learning Objectives:
Jeff Cook CPA, LLC
CFO & Co-Founder
[email protected]
Jeff is an information assurance and public accounting professional with over 9 years of IT audit and consulting experience and over 20 years of experience in public accounting and auditing. Jeff has worked extensively on SOC in addition to providing IT audit support for traditional financial statement audits. Jeff also has functional knowledge of ISO standards, CSA STAR, C5, FISMA, and FedRAMP. Jeff has grown and developed several IT audit and SOC practices at various firms throughout his career, as well as participated in firm quality control for SOC engagements. Jeff is also heavily involved with the AICPA, volunteering with the development of the SOC and CITP programs. Jeff is part of the SOC 2 working group, which helps develop the AICPA SOC 2 guide, and has developed numerous pieces of training for the AICPA.