Securing Information Systems and SOC Compliance in the Digital Era (SIS4)

Overview

In today’s interconnected world, safeguarding information systems is crucial. This course offers a deep dive into information security and privacy principles with a focus on modern cybersecurity threats tied to cloud environments, internet of things (IoT), and mobile technologies. Participants will also gain a comprehensive understanding of SOC engagements, exploring the types of reports (SOC 1r, SOC 2r, SOC 3r) and the related management assertions. The use of the reports for internal controls over financial reporting (ICFR) and operations and compliance will be analyzed. The course will also cover data protection during application development and how to align with evolving security standards. This course equips accounting professionals with the knowledge to lead in both cybersecurity strategy and compliance reporting.

Highlights

• Information security and privacy
• System and organization controls (SOC) engagements

Prerequisites

None

Designed For

Experienced CPAs, CITP designation holders and aspirants, and accountants seeking a greater understanding of information systems and controls

Objectives

• Examine cybersecurity principles in the context of HIPAA, GDPR, and PCI DSS, and understand how they regulate the protection of sensitive data
• Summarize the NIST Cybersecurity Framework (CSF) and Privacy Framework
• Identify cybersecurity risks related to cloud environments, IoT, and mobile technologies
• Identify methods for the protection of confidential data during application development
• Understand the purpose of SOC reports, the roles of key players, and identify management assertions specific to different SOC engagement types
• Recall the intended users of SOC 1r, SOC 2r, and SOC 3r reports