2022 AICPA & CIMA SOC & Third Party Risk Management Conference

May 3, 2022 ‐ May 4, 2022


More and more organizations are outsourcing many of their backroom functions to service providers that can provide those functions more efficiently and cost effectively. Organizations are also enabling system access with third parties with whom they do business, such as raw material suppliers or payroll processors. In many situations, the pandemic has accelerated these trends, with more employees than ever working remotely. While outsourcing services to third parties can have tremendous benefits, there is increased risks that organizations need to manage, such as cybersecurity risks and supply chain risks.

The demand for CPAs’ SOC reports, which provide information that organizations find essential to managing such risks, is increasing exponentially. In addition, there is growing demand for qualified CPAs to provide advisory services designed to help clients identify and manage their third-party risks.

Whether you’re an established professional or just starting out in this rapidly expanding field, you’ll find exclusive insights, networking opportunities and specialized training at this inaugural event developed by subject matter experts.

This new event offers:

  • Beginner and experienced learning tracks to accommodate multiple levels of understanding
  • Updates on current technical issues arising in this area
  • Introduction to new service opportunities in third-party risk management

The Association is dedicated to removing barriers to the accountancy profession and ensuring that all accountancy professionals and other members of the public with an interest in the profession or joining the profession, including those with disabilities, have access to the profession and the Association’s website, educational materials, products, and services. The Association is committed to making professional learning accessible to all product users. This commitment is maintained in accordance with applicable law. For additional information, please refer to the Association’s Website Accessibility Policy. As part of this commitment, this product is closed-captioned. For additional accommodation requests, please contact adaaccessibility@aicpa-cima.com and indicate the product that you are interested in (title, etc.) and the requested accommodation(s): Audio/Visual/Other. A member of our team will be in contact with you promptly to make sure we meet your needs appropriately. 

Packages Display Packages

Standard: $299.00

Sessions

Managing Third Party Risks: Introduction to Third-Party Assessment Programs

May 3, 2022 1:40pm ‐ May 3, 2022 2:30pm

Identification: TPR2202

An introduction for service auditors on how to provide third party risk assessment services. This session will define third party assessment programs, provide examples of such programs, and discuss some of the challenges working with specific third party assessment program bodies.

Learning Objective:
  • This session will identify third party assessment programs, examples of such programs, and recall some of the challenges working with specific third party assessment program bodies.
Speaker(s):
Tags: Novice
Standard: $49.00

SOC 2 Examinations: The Next Evolution

May 3, 2022 1:40pm ‐ May 3, 2022 2:30pm

Identification: TPR2203

SOC reports remain the gold standard for managing third party risks that arise from doing business with a service organization. The SOC 2 guide, which provides guidance to service auditors on how to perform a SOC 2 examination, is currently being updated to better reflect the effect of new technologies and new methodologies on the SOC 2 examination. This session will provide a preview of some of the more significant changes being made to the guide.

Learning Objective:
  • Identify some of the more significant changes being made to the SOC2 guide.
Speaker(s):
Tags: Experienced
Standard: $49.00

Understanding SOC and the SOC Suite of Services

May 3, 2022 3:00pm ‐ May 3, 2022 3:50pm

Identification: TPR2204

This introductory session will give an overview of the SOC suite of services, including how each SOC service addresses the needs of a specific set of users. It will also recognize the differences between each SOC service.

Learning Objectives:
  • Recognize the differences between each SOC service
  • Identify the SOC suite of services
Speaker(s):
  • Neha S. Patel, CPA, CISA, CDPSE, Partner in charge, Weaver & Tidwell LLP
Tags: Novice
Standard: $49.00

CPAs: Helping Clients Obtain Third Party Certifications

May 3, 2022 3:00pm ‐ May 3, 2022 3:50pm

Identification: TPR2205

Third party risk management is top of mind for all organizations. As a result we've seen a proliferation of third party assessment programs in this space. This session will give an overview of the most common third party assessment frameworks and related programs. It will also give guidance for service auditors on how they can identify assessment services for their clients.

Learning Objectives:
  • Identify the most common third party assessment frameworks and related programs.
  • Guidance for service auditors on how they can identify assessment services for their clients
Speaker(s):
  • Steven Ursillo, CPA, CISA, CISSP, CCSFP, Partner | National Leader Information Assurance and Cybersecurity, Cherry Bekaert LLP
  • Brian J. Thomas, CISA, CISSP, QSA, Partner, Weaver
  • Nelly Spieler, CISA, CIPT, ISO27001LI, Partner, Frank, Rimerman +Co, LLP
  • Maureen Berggren, CPA, CISA, Managing Director, Deloitte & Touche LLP
Tags: Experienced
Standard: $49.00

Setting Up a SOC Practice iconSetting Up a SOC Practice

Preview Available

Setting Up a SOC Practice

May 3, 2022 4:00pm ‐ May 3, 2022 4:50pm

Identification: TPR2206

This session, which is based on a new AICPA toolkit, will provide considerations for practitioners considering starting new SOC practices within their firms.

Learning Objective:
  • Identify considerations for practitioners considering starting new SOC practices.
Speaker(s):
Tags: Novice
Standard: $49.00

SOC and Assurance for Emerging Technologies

May 3, 2022 4:00pm ‐ May 3, 2022 4:50pm

Identification: TPR2207

This session is geared for experienced practitioners who want to learn more about ways that SOC and other assurance reports are being used to provide assurance over emerging technologies (e.g., Cloud, ESG, Blockchain).

Learning Objective:
  • Identify ways that SOC and other assurance reports are being used to guide assurance over emerging technologies
Speaker(s):
Tags: Experienced
Standard: $49.00

Welcome to Day Two of the Conference: Opening Remarks | Evolving and Promoting CPA Technology Assurance and Advisory Services

May 4, 2022 12:30pm ‐ May 4, 2022 1:30pm

Identification: TPR2208

Our Profession is continuously evolving to serve the public interest by developing high quality, value-added, innovative assurance and advisory solutions. The AICPA’s Assurance Services Executive Committee (ASEC) is responsible for addressing current market needs, particularly those that arise from the use of new and emerging technologies, through the development of new assurance and advisory solutions. This session will offer an inside look into ASEC, its areas of focus, current projects, and what’s on the horizon. It will also give an overview of ways in which other teams and committees across the AICPA and CIMA support these new assurance and advisory services.

Learning Objectives:
  • Recognize the mission and objectives of ASEC
  • Identify current projects and areas of focus under ASEC
  • Indicate future initiatives supporting professional services in this space
Speaker(s):
Tags: Novice
Standard: $49.00

Welcome to Day Two of the Conference: Opening Remarks | Exploring Data Privacy

May 4, 2022 12:30pm ‐ May 4, 2022 1:30pm

Identification: TPR2209

Increased stakeholder demand for better information about how companies manage third party data has resulted in more opportunities for CPAs to provide services around data privacy. This session will address emerging trends in data privacy as well as the types of services CPAs can provide to meet their clients needs.

Learning Objectives:
  • Identify emerging trends in data privacy
  • Identify types of services CPAs can give to meet their clients needs.
Speaker(s):
Tags: Experienced
Standard: $49.00

SOC1 Essentials iconSOC1 Essentials

Preview Available

SOC1 Essentials

May 4, 2022 1:40pm ‐ May 4, 2022 2:30pm

Identification: TPR2210

For practitioners that are new to SOC 1 examinations this session addresses the basics, including:
- obtaining an understanding of the service organization's system and relevant controls
- determining whether control objectives are appropriate
- evaluating suitability of design
- evaluating operating effectiveness
- forming an opinion in the SOC 1 report

Learning Objectives:
  • Obtaining an understanding of the service organization's system and relevant controls
  • Distinguish whether control objectives are appropriate
  • Identify suitability of design
  • Identify operating effectiveness
  • Forming an opinion in the SOC 1 report
Speaker(s):
  • Patrick Morin, CPA, CISA, CITP, Principal - Information Systems and Risk Assurance, Baker Newman & Noyes
  • Binita Pradhan, CPA, CISA, CHQP, Partner, BDO USA LLP
Tags: Novice
Standard: $49.00

Exploring the Value of Assurance in Third Party Risk Management: A CISO's Perspective (Panel)

May 4, 2022 1:40pm ‐ May 4, 2022 2:30pm

Identification: TPR2211

During this panel, Chief Information Security Officer and industry leaders will discuss the importance of third party assurance to enhance the trust and credibility users can place on company prepared information.

Learning Objectives:
  • Identify current security trends directly from Chief Information Security Officer and industry leaders..
  • Differentiate information security risks across technology environments.
Moderator(s):
  • Angela Appleby, CPA, CITP, CISSP, CISA, CIA, QSA-PCI, Audit Partner, Plante Moran
Speaker(s):
Tags: Experienced
Standard: $49.00