top of page
SAE SOC Audits: Comprehensive Training for Auditees, Auditors, and Assessors


Since May 1, 2017, audits of System and Organization Control (SOC) have been governed by the AICPA Statement on Standards for Attestation Engagements (SSAE 18). This standard replaced SSAE 16, which in turn replaced SAS 70 and SAS 44. The implementation of SSAE 18 necessitates adjustments to compliance programs for users of SOC 18 audit reports, as it offers a more comprehensive approach.


Join us for this essential training program led by highly experienced instructors who perform SSAE 18 audit activities. Gain insights into the best practices for preparing, conducting, and assessing SSAE 18 audit reports. The program delves into the entire SSAE 18 audit process, covering planning, performing, documenting, and reporting.


This valuable CPE event provides a comprehensive evaluation of SSAE 18 requirements from three perspectives: the Service Organization, the External Auditor, and the Report User. The materials offer detailed guidance on creating and assessing effective internal control systems within outsourced IT service organizations under the SSAE 18 standard. Additionally, Report Users will gain insights into interpreting and documenting the report in alignment with their specific requirements.


We provide service organizations with guidance on typical SSAE 18 controls and procedures, while also equipping external auditors with the knowledge to document SSAE 18 workpapers and audit reports effectively.


By attending this program, your organization will develop, assess, and maintain an effective SSAE 18 program within a Vendor Management Program. This ensures compliance with regulatory requirements such as the Sarbanes-Oxley Act (SOX) Section 404, as well as other similar regulations (HIPAA, GLBA, etc.) and best practices (COBIT, NIST 800, ITIL, etc.).


Our top-down, risk-based approach to SSAE 18 compliance will provide attendees with a comprehensive understanding. The presentation includes topics such as assessing organizational objectives, selecting control objectives and criteria, conducting a risk assessment, evaluating client requirements, managing vendors and subservice organizations, maintaining physical and logical security controls, evaluating control deficiencies, and ensuring compliance with SSAE 18 standards.


This internal control training course will provide each attendee with 18 CPE Event Hours (YB) and receive a certificate of completion, validating their expertise in SSAE 18 audits.


Don't miss this opportunity to enhance your knowledge and skills in SOC audits under the SSAE 18 standard. Register now to gain valuable insights and techniques that will drive effective SOC compliance in your organization.


SSAE 18 SOC Audits: Auditee - Auditor - Assessor Training

  • Offered on Tuesday-Thursday once every six weeks in three six hour sessions for 18 CPE credits.

    The sessions will run from 9:00 a.m. to 3:00 p.m. Central Time Zone. There will be a lunch break from 12:00 noon to 12:30 p.m. each day.

    We can schedule private events on your timetable for two or more attendees. Bring this event to your audit team now!

    NASBA Program Disclosure

    Program Level of Understanding: Basic
    Prerequisites: None
    Advance Preparation: None
    Delivery Format: Group Internet Based
    NASBA Field(s) of Study: Auditing, Information Technology
    CPE Credits: 18 based on 50 minutes of instruction per hour

In the event you haven't seen an email from confirming your registration land in your inbox, there's a chance it might have taken a little detour into your spam, junk, or quarantine folder. If you could take a moment to peek in there and kindly mark it as "not spam" or “not junk,” that would be fantastic. On the off chance that your firewall is being a bit overprotective and preventing the email from even reaching your spam folder, please don’t hesitate to give me a ring at 479-200-4373. I’m here to ensure everything’s set straight for you.

bottom of page