SOC for Cybersecurity Certificate (14.5 hours) – Certificate Program

Previous

This is a Self-Study / On-Demand event. In the event title, "Webcast" indicates the event has a self-paced webcast to view with the materials to complete the self-study. "Download" indicates the user downloads only the materials to complete the self-study.

Fees

Member Fee: $819.00
Nonmember Fee: $1025.00

Available Discounts

AICPA Member: None
Full time Accounting Educator: None

Description

Cybersecurity threats are escalating, unnerving the boards of directors, managers, investors and other stakeholders of organizations of all sizes-whether public or private. Organizations are under increasing pressure to demonstrate that they are managing threats, and that they have effective processes and controls in place to detect, respond to, mitigate and recover from cybersecurity events.

To meet this need, we have introduced SOC for Cybersecurity, a solution that builds upon the profession's experience in auditing system and organization controls. For clients whose cybersecurity risk management programs are mature, an independent CPA can perform an examination, in which the CPA expresses an opinion on the client's description of its cybersecurity risk management program and an opinion on the effectiveness of the controls within that program. This certificate will enable you to understand how to perform SOC for Cybersecurity attestation examinations using the AICPA's new cybersecurity risk management reporting framework.


Note:
This is an on-demand/self-study course offered by a 3rd party vendor and will not be accessible in the CPE Tracker section of the OSCPA website. Course access information will be emailed directly to you by AICPA. The course expires one year from the purchase date.

Designed For

This is designed for public accounting practitioners who are interested in providing cybersecurity attestation services (SOC for Cybersecurity) and want to build their competencies in and understanding of this service. Likely participants may already have SOC for Service Organizations practices and are looking to expand into cybersecurity attestation services. Participants must have either IT expertise or access to IT professionals who possess the skills to perform this work. Management accountants and internal auditors who want to understand the SOC for Cybersecurity examination service available to their organizations related to their cybersecurity risk management program.

Objectives

  • Understand the AICPA's Cybersecurity Risk Management reporting framework and how it may be used by organizations and practitioners to evaluate controls and communicate certain cybersecurity information to interested parties
  • Analyze the components of an organization's cybersecurity risk management program
  • Recognize the performance and reporting requirements of a SOC for Cybersecurity examination

Major Subjects

  • Cyberthreat landscape and the terminology used to describe various aspects of cybersecurity
  • Various SOC services
  • Components of cybersecurity risk management program
  • How to use the description criteria
  • How to use the control criteria to assess an entity's controls over cybersecurity
  • Key considerations prior to accepting a cybersecurity examination engagement and key planning considerations
  • Key steps involved in performing the cybersecurity risk management examination
  • Key factors to consider while forming the opinion and preparing the practitioner's report