SOC Lessons Learned and Reporting Changes (Webinar Presentation)

Since the AICPA introduced new Service Organization Control (SOC) reporting guidance in 2011 for demonstrating the effectiveness of internal controls, the quality of information in SOC reports has improved, and the user community has become familiar with the new report types. This webinar will provide a retrospective on the lessons learned to reveal a number of opportunities organizations can consider to improve the quality of SOC reports and their uses.

The webinar also will outline the 2014 Trust Services Principles and Criteria (TSPC), which will replace the 2009 TSPC for all SOC 2 reports with a time period ending on or after Dec. 15, 2014; discuss the rationale for the changes; and highlight key differences that service providers and users of SOC 2 reports should understand. Further the presentation will demonstrate how the TSPC can be mapped to other industry-leading control frameworks (for example, NIST, CSA CCM, HIPAA).

Key takeaways as a result of participating in this webinar include helping you to:

  • Implement lessons learned from the initial years of adoption of the SOC examination standards
  • Evaluate the changes to the SOC 2 Trust Service Principles and Criteria (TSPC) and the rationale for these changes
  • Demonstrate how the new TSPC map to industry leading control frameworks (for example, NIST, CSA CCM, HIPAA)

Presented by:
Arshad Ahmed

Rod Smith

Sue Horn