Products
The Devil is in The Details: How To Be Successful In Cross Compliance Framework Alliance
Apr 25, 2023 12:40pm ‐ Apr 25, 2023 1:30pm
The Devil is in The Details: How To Be Successful In Cross Compliance Framework Alliance
This session will review tactics to be successful in implementing a control environment that aligns with multiple security frameworks. The session will review common use case, pitfalls organizations find themselves in as well a review of successful case studies. We will discuss the role of compliance platforms in the process and at the end of the sessions, participants will understand what an auditor needs to do to make this successful as well as what the organization needs to do to be successful in implementing a control environment aligned with multiple frameworks.
Speaker(s):
- Alexis Kennedy, CPA, CISSP, CISA, CCSFP, ISO 27001 Lead Auditor, Partner, Weaver
- Bryan Schader, Partner, Moss Adams
SOC Independence and Peer Review Insights
Apr 25, 2023 12:40pm ‐ Apr 25, 2023 1:30pm
This session will highlight any Independence and Peer review insights as they relate to SOC.
Speaker(s):
- Ellen T. Goria, CPA, Associate Director, AICPA
- Audrey L. Katcher, CPA, CGMA, CITP, Partner, RubinBrown, LLP
- Carrie Kostelec, Lead Manager - SOC & Related Services, AICPA
SOC 2 Examinations: Navigating Changes to the SOC 2 Guide
Apr 25, 2023 2:00pm ‐ Apr 25, 2023 2:50pm
This session will help enhance understanding the use of SOC 2 reports to support trusted reliance on third parties. We will cover ways clients can differentiate their SOC reporting.
Speaker(s):
- Audrey L. Katcher, CPA, CGMA, CITP, Partner, RubinBrown, LLP
- Rebecca Thomas, Managing Director, PwC
Start Here...with Risk Assessments
Apr 25, 2023 3:00pm ‐ Apr 25, 2023 3:50pm
Risk assessments have been a primary focus area for firms as well as peer reviewers. Assessing risk is a continual process through an engagement life cycle (from client acceptance to planning to evaluating the results). This session with strive to answer three questions: What is a risk assessment? Why do we keep talking about it? And…where do you start?
Speaker(s):
- Angela Appleby, CPA, CITP, CISSP, CISA, Partner, Plante Moran
- Neha S. Patel, CPA, CISA, CDPSE, Partner in charge, Weaver & Tidwell LLP
SOC 1 Examinations
Apr 25, 2023 3:00pm ‐ Apr 25, 2023 3:50pm
This session will discuss the updates that have been made to the SOC 1 guide, and address the basics of SOC 1 engagements, including:
- obtaining an understanding of the service organization's system and relevant controls
- determining whether control objectives are appropriate
- evaluating suitability of design
- evaluating operating effectiveness
- forming an opinion in the SOC 1 report
Speaker(s):
- Binita Pradhan, CPA, CISA, CHQP, Partner, BDO USA LLP
- Patrick Morin, CPA, CISA, CITP, Principal - Information Systems and Risk Assurance, Baker Newman & Noyes
Using GRC Products - Tools for SOC Engagement - Workflow and Day Close
Apr 25, 2023 4:00pm ‐ Apr 25, 2023 5:00pm
With the growing pool of GRC and "SOC automation" tools entering the market, SOC practitioners are eager to understand the impact on SOC engagements. In this session, we will discuss the good, the bad, and the potentially non-conforming aspects of engagements that utilize these tools.
Speaker(s):
- Jeff Cook, CPA, CITP, CISA, Managing Principal - SOC, Fortreum, LLC
- Kevin Abbott, Partner, Moss Adams
AICPA Update: The Evolving Assurance and Advisory Landscape
Apr 26, 2023 1:40pm ‐ Apr 26, 2023 2:30pm
The AICPA’s Assurance Services Executive Committee (ASEC) is responsible for addressing current market needs, particularly those that arise from the use of new and emerging technologies, through the development of new assurance and advisory solutions. This session will offer an inside look into ASEC’s current projects including Cybersecurity, SOC Reporting, ESG, Digital Assets, and other emerging areas.
Speaker(s):
- Amy R. Pawlicki, VP - Assurance and Advisory Innovation, AICPA
- Carrie Kostelec, Lead Manager - SOC & Related Services, AICPA
How to Handle Vendor Management
Apr 26, 2023 3:00pm ‐ Apr 26, 2023 3:50pm
This session with explore the requirements and best practices related to vendor management - both for companies and for the reviewing of what is done for SOC engagements. We will explore issues that companies face related to vendor management and how to overcome those issues or risks during the SOC engagement.
Speaker(s):
- Paul M. Perry, CDPSE, CISM, CITP, CPA, Member | Security, Risk and Controls Practice Area Leader, Warren Averett LLC
SOC School Debrief - The Most Commonly Asked Questions
Apr 26, 2023 3:00pm ‐ Apr 26, 2023 3:50pm
Over the past several years, the AICPAs SOC school has been a key point of interaction between SOC practitioners across the globe, from new associates to senior partners. Through the dialogue that occurs during the SOC School, its instructors get an invaluable glimpse into the common questions among practitioners and the areas of guidance that are often unknown or misunderstood. Hear from one of these instructors as we revisit the most commonly asked SOC School questions and explore the guidance-based answers.
Speaker(s):
- Sean Linton, CPA, CITP, Partner, EisnerAmper, LLP
- Shelby Nelson, CISA, CISSP, AICPA CyberSOC, Partner - SOC National Practice Leader, Frazier & Deeter, LLC
Ask the Experts - Panel and Closing Remarks
Apr 26, 2023 4:00pm ‐ Apr 26, 2023 5:00pm
This session will grant attendees the opportunity to bring forward questions relevant to matters of SOC and Third-Party Risk. All topics are fair game; our panel of experts will facilitate dialogue and deliver answers on the spot.
Speaker(s):
- Chris Kradjan, CPA, CITP, CRISC, HITRUST CCSFP, Managing Partner, Moss Adams LLP
- Sean Linton, CPA, CITP, Partner, EisnerAmper, LLP
- Steven Ursillo, CPA, CISA, CISSP, CCSFP, Partner | National Leader Information Assurance and Cybersecurity, Cherry Bekaert LLP
- Neha S. Patel, CPA, CISA, CDPSE, Partner in charge, Weaver & Tidwell LLP
- Chris K. Halterman, CPA, Managing Director, Ernst & Young LLP