SOC Lessons Learned and Reporting Changes (Webinar Recording)

Since the AICPA introduced new Service Organization Control (SOC) reporting guidance in 2011 for demonstrating the effectiveness of internal controls, the quality of information in SOC reports has improved, and the user community has become familiar with the new report types. This webinar will provide a retrospective on the lessons learned to reveal a number of opportunities organizations can consider to improve the quality of SOC reports and their uses.

The webinar also will outline the 2014 Trust Services Principles and Criteria (TSPC), which will replace the 2009 TSPC for all SOC 2 reports with a time period ending on or after Dec. 15, 2014; discuss the rationale for the changes; and highlight key differences that service providers and users of SOC 2 reports should understand. Further the presentation will demonstrate how the TSPC can be mapped to other industry-leading control frameworks (for example, NIST, CSA CCM, HIPAA).