*** Note: Due to COVID-19, this course will be delivered virtually with in-person instructors. A link to the online event will be provided before the course begins ***
February 22-23, 2021: 11am - 2 pm EST. - Live Online Course
SOC Reports (System and Organizational Controls Reports): 1-day course by Deloitte & CORE
Third party risk management (TPRM) is evolving into a strategic capability within organizations. Whether you are a part of vendor management, relationship management, TPRM group or vendor governance, it is helpful to have a strong appreciation and understanding of SOC reports that your suppliers, outsourced service providers and partner organizations provide, to be able to review these reports and address any findings.
Course Description: The objective of this course is to introduce both the purpose and use of System and Organizational Control (SOC) reports, in the context of outsourced services.
The session will focus on the following topics:
(i) purpose of SOC reports;
(ii) types of reports – SOC 1 and SOC 2, Type I and Type II;
(iii) key considerations when reviewing SOC reports;
(iv) dealing with exceptions and deficiencies identified in a SOC report;
(v) complementary user entity controls and implications; and
(vi) sub-service organizations (fourth parties) involved, their treatment and implications.
The 2-day course will benefit those who engage outsourced service providers and review the SOC reports received from Suppliers. The course may also be beneficial for those from the service provider and advisor community to allow them to understand typical expectations that their clients have around SOC reports.
This course will be an instructor led, interactive session and will include mini-case studies and discussions to simulate common scenarios faced by organizations.