List of Courses
-
System & Organization Controls (SOC) Part I - CO005011
-
System & Organization Controls (SOC) Part II - CO005012
-
System & Organization Controls (SOC) Part III - CO005013
-
System & Organization Controls (SOC) Part IV - CO005014
-
System & Organization Controls (SOC) Part V - CO005015
-
System & Organization Controls (SOC) Part VI - CO005016
Objective
1. Awareness – Refer to Awareness Bundle 1
2. Awareness + – Refer to Awareness + Bundle 2
3. Part V will further enhance your skills in key areas of writing system description, which includes system overview, infrastructure details, relevant aspects of controls, and complementary user-entity controls. You will learn to describe the control environment, risk assessment process, information communication systems, and control monitoring process.
4. Part VI educates the user about vendors due to diligence and the use of SOC2 reports. You will learn how user organizations can adopt the SOC report, identify the relevant report user organization will need from a vendor, and understand the report content and different types of SOC reports. You will learn to interpret and evaluate the SOC report content (explained with the report examples):
- Independent Service Auditor Report
- Management Assertions
- Overview of Operations
- Relevant Aspects of the Control Environment
- Description of the System
- Description of Control Objectives, Control, and Results of Testing
- Complementary User Entity Controls
- Other Information Provided by Management