SSAE 16 (formally known as SAS70), SOC1 to SOC 3 Reporting Demystified

Why Should You Attend:

Companies are familiar with SAS70 reports, which were prepared following the AICPAs Statement of Auditing Standards No 70. The main focus was to provide assurance over service organizations’ controls over financial reporting. However, the landscape of compliance sometimes requires additional requirements such as security, availability, processing integrity, confidentiality and privacy which did not directly correlate to controls over financial reporting. Hence, the AICPA recently released a new series of reporting options called Service Organizations Control Reports (SOCs) which enable CPA firms to provide assurance on internal controls on subject matter outside of financial reporting. These reports are called SOC1, SOC2 and SOC3 reports.

In this presentation, you will learn more about SSAE 16 (formally known as SAS 70), SOC 1, SOC 2 and SOC 3, how to choose the right report for your organization and how to get ready for the attestation.

Learning Objectives:

Participants will learn how to

• Transition between SAS70 and SSAE 16.
• Evaluate which SOC report is right for their organization.
• Decide between SOC 2 and SOC 3.
• Prepare their organization to obtain a SOC 1, SOC 2 and/or SOC 3 report.

Areas Covered in the Seminar:

• Transition between SAS70 and SSAE 16.
• Evaluate which SOC report is right for their organization.
• Decide between SOC 2 and SOC 3.
• Prepare their organization to obtain a SOC 1, SOC 2 and/or SOC 3 report.
• Restrictions related to each report.

Who will Benefit:

The following professionals in accounting and audit firms will benefit

• C-level Executives (CEO, CFO, CIOs)
• IT Service Professionals
• IT Audit Professionals
• IT Management
• IT Compliance and Security Officers

Instructor Profile:

Angela Polania, is a dynamic speaker and risk and strategy advisory specialized in IT and Finance governance, risk and compliance. She is a principal of Elevate Consult, a premier advisory firm specialized in: Risk Management, IT & Business Process Assurance and IT & Finance Transformation services.

Angela is a trainer and speaker on subjects such as Governance Risk and Compliance, IT Best Practices Frameworks such as COBIT, ISO27001and ITIL , Sarbanes- Oxley and Best Practices on Systems Implementations. Angela speaks at organizations such as ISACA, IIA, PMI, AICPA, Financial Executives Institute and ITSMF.
Angela has mastered complex process improvement solutions including: Financial systems implementations project management, Sarbanes- Oxley compliance projects, Governance Risk and Compliance initiatives (Financial and Information Technology). Angela often assumes the role of the trusted advisor for her clients that require process and methodology management to ensure on time and under budget delivery of their more comprehensive Finance and IT projects and strategies.

Prior to Elevate, Angela acquired a mix of ‘Big 4’ to boutique consulting firm experience. Angela began her career with Arthur Andersen and then move to Deloitte. Her entrepreneurial spirit led her to Grant Thornton to assist in the successful start-up of the Grant Thornton Business Advisory Services practice as an Experienced Manager. Angela is dedicated to her community and her profession. She is the Vice President of the Institute of Internal Audit (IIA) Miami Chapter and the South Florida Information Systems Audit and Control Association (ISACA) chapter. She also a board member for the South Florida ITSMF Academy and CIO Council.

Follow us :