Find Seminars by Online Compliance Panel and others

(800) 349-1935

 

 

Vendor Management: Using SOC Reports to Oversee Third-Party Information Security and Cybersecurity Risks Webinar  

By:

Online Compliance Panel

Vendor Management: Using SOC Reports to Oversee Third-Party Information Security and Cybersecurity Risks Webinar seminar agenda print utility

dates/locations

For:

Internal auditors, Financial institution counsel, Compliance officers, IT officers, risk managers, Vendor managers, Finance officers, Chief operations officers, Chief information officers, Persons responsible for electronic security

Cost:   

Visit FindaSeminar.com for seminar cost, group discount etc.

Seminar Summary:

Financial institutions need to comply with the FFIEC's guidance on due diligence and managing third-party relationships. A significant compliance concern today is whether the third-party (a service organization) can protect the institution's sensitive data through proper information security and cybersecurity control programs.CPAs provide system and organization control (SOC) reporting for service organizations including SOC 1® engagements for internal controls over financial reports and SOC 2® engagements for information security. Since SOC 2® engagements are directed towards information security, the AICPA identified a need to also develop professional standards for CPAs related to growing cybersecurity risks. (see full course description)

 

View dates/locations for this event on FindaSeminar.com then register online or call (800) 349-1935

 
 

Training Course Syllabus:


Objectives of the Presentation

In this informative webinar, we will cover:
Interpreting SOC 2® engagements and reports
Understanding SSAE 18 professional standards related to SOC 2® engagements including Concepts Common to All Attestation Engagements (AT-C section 105) and Examination Engagements (AT-C section 205)
Understanding AICPA´s updated Trust Services Criteria for SOC 2
How Trust Services Criteria align with COSO´s 2013 framework
How to identify cybersecurity risks using CPA SOC cybersecurity reports

Why Should you Attend

The objective of the AICPA´s cybersecurity reporting framework is to assist service organizations with communicating useful information regarding their cybersecurity risk-management programs to stakeholders and CPAs. In turn, CPAs can examine and report on the service organization´s cybersecurity risk management program so that financial institution management and regulators can rely on a service organization´s ability to maintain adequate security over financial institution sensitive data. This also includes compliance with the GLBA safeguards rule.

Together, SOC 2® engagements for information security and SOC cybersecurity risk assessments represent a needed evolution of AICPA professional standards to deal with the security risks that financial institutions face when contracting with service organizations.

Please join Gary Deutsch, CPA MBA, as he discusses how CPA prepared SOC 2® reports and reports on a service organization´s cybersecurity risk management program can be used to help management meet their regulatory requirements related to third-party relationships.

Seminar Summary:

Financial institutions need to comply with the FFIEC's guidance on due diligence and managing third-party relationships. A significant compliance concern today is whether the third-party (a service organization) can protect the institution's sensitive data through proper information security and cybersecurity control programs.CPAs provide system and organization control (SOC) reporting for service organizations including SOC 1® engagements for internal controls over financial reports and SOC 2® engagements for information security. Since SOC 2® engagements are directed towards information security, the AICPA identified a need to also develop professional standards for CPAs related to growing cybersecurity risks. (see full course description)

 

Findaseminar.com seminars and training FindaSeminar.com is a member of the Seminar News Network and Training News Network Copyright 2008-2014.

FindaSeminar is a registered Trademark of FindaSeminar.com a division of Allied Internet Solutions Inc.