SSAE 18/ISAE 3402/Service Organisation Controls (SOC) 1 – Implementation and Audit Training

SOC 1 report issued by CPA attests an organizations’ ‘Internal control over financial reporting (ICFR)’

There are two kinds of reports:

Type 1 – Report on the fairness of the

presentation of management’s description of the service organization’s system and the suitability of the design of the controls to achieve the related control objectives included in the description as of a specified date.

Type 2 - Report on the fairness of the

presentation of management’s description of the service organization’s system and the suitability of the design and operating effectiveness of the controls to achieve the related control objectives included in the description throughout a specified period.

(Source: AICPA)

The training is aimed at anyone seeking knowledge and roadmap in implementing the requirements for designing these ‘internal controls’, which becomes embedded in the organisation processes.

In Coral, we have helped several organizations achieve SOC 1 attestation through our implementation methodology. In this course, we are sharing our aporach and methodlogy.

The training will have the following coverage:

  • Explain the SOC 1 requirements using COSO and IT General Controls
  • COSO Framework covers the followings – Control Environment, Risk Assessment, Control Activities, Information and Communication, and Minitoring Activities.
  • Impart a step by step process to help your organisation design a formal SOC 1 compliance program
  • Exercises that covers business objective setting, information system identification, risk and control matrix, risk assessment, requirement, control performance reporting, and internal audit
  • Interpretation of the individual SOC 1 requirements in easy role wise explanations
  • Personal feedback of an individual of how he/she performed in the classroom

Who should attend this course?

Anyone interested in designing, implementing, documenting, and auditing ‘internal controls’. This can includes Finance Professionals, IT Security Officers, IT Security Professionals, IT Professionals, Compliance Professionals, GRC professionals, Internal Auditors, Information Security Officers, and Chief Risk Officers.

Course Delivery

The course is delieverd online (such as webex), and in a classroom setting depending upon the number of delegates.

Course Trainer and Author

Probal Choudhuri, Principal Consultant is the course author and trainer. He has advised several organisations achieve SSAE 18/ISAE 3402/SOC 1 compliance.

Contact Us:

Please enter your contact information in the fields below
and one of our experienced consultants will contact you immediately.