Description

Each year, you hear about increasing the usage of SOC 1 reports in your EBP audits. Attend this session and leave knowing why it's imperative to use a SOC 1 report in your audit, if applicable. The session will cover key differences between SSAE 16 and SSAE 18. Content will also include subservice provider reports and noting subservice provider user controls, efficient ways to review and summarize a SOC 1 report, and what to do if you can't obtain a SOC 1 report but need one.

• Identify the appropriate audit approach regarding subservice organizations and complimentary user entity controls.
• Analyze the impact of carve-outs, complementary user controls, exceptions in testing, and report qualifications.
• Analyze the differences between SSAE 16 and SSAE 18.
• Determine efficient ways to summarize and evaluate information in SOC 1 reports.

Speaker(s):

• Patricia McCormick, CPA, Audit Manager, Deloitte & Touche
• Susan J. Peirce, CPA, Principal, Apple Growth Partners