Video: Introduction to Considerations Specific to Reporting on a SOC Engagement

In this lesson, Nick Palazzolo, CPA, delves into the specifics of reporting on Service Organization Control (SOC) engagements, focusing on both SOC 1 and SOC 2 reports. He starts by aiming to master the effects of Complementary User Entity Controls (CUECs) and the difference between the carve-out and inclusive methods of reporting. With an emphasis on real-world implications, Nick further explains the various types of opinions and the necessary report modifications when deficiencies are found during SOC engagements. This lesson also covers how to effectively document and present the results of testing of controls, addressing potential exceptions and their impacts on the SOC reports. By building on these points, Nick ensures a comprehensive understanding of the audit and reporting requirements for service organizations like outsourced payroll providers.

Create an account 7-day free trial. No credit card required.
Considerations Specific to Planning, Performing & Reporting on a SOC Engagement
Module: 2 Concepts, 30 Videos
Considerations Specific to Planning and Performing a SOC Engagement - Overview
1:09
Introduction to Considerations Specific to Planning and Performing a SOC Engagement
8:07
Purpose and Organization of the Trust Services Criteria
3:58
Subject Matters in Trust Services Criteria Reporting
5:13
Management Assertions in SOC Engagements
8:35
Intended Users of SOC 1, SOC 2, and SOC 3 Reports
5:16
Independence Considerations in SOC Engagements
3:39
Materiality in SOC Engagements
3:01
Risk Assessment for Service Organizations and Service Auditors
2:40
Criteria for a Vendor To Be Considered a Subservice Organization
5:42
Inclusive v. Carve-out Method in SOC Engagements
4:20
Service Commitments and System Requirements in SOC 2 Engagements
2:47
Subsequently Discovered Facts on SOC Engagements
6:25
Purpose and Common Sections of a System Description in SOC Engagements
3:31
Management's Description of an Entity's Cybersecurity Risk Management Program
3:52
Complementary User Entity Controls
4:22
Obtaining Management's Written Representations
4:07
Understanding the System in a SOC 2 Engagement
5:46
SOC 1 vs. SOC 2 Engagements
11:31
Considerations Specific to Planning and Performing a SOC Engagement - Summary
1:30
Considerations Specific to Planning and Performing a SOC Engagement - Practice Questions
5:08
Considerations Specific to Reporting on a SOC Engagement - Overview
0:59
Introduction to Considerations Specific to Reporting on a SOC Engagement
2:05
CUECs Effect on SOC Reports
5:31
Carve-out vs. Inclusive Method in Reporting on CSOCs
5:39
Types of Opinions and Report Modifications in the Presence of Deficiencies
11:47
Preparation of SOC 2 Reports
5:05
Form and Content of SOC 1 and SOC 2 Reports
4:49
Considerations Specific to Reporting on a SOC Engagement - Summary
1:42
Considerations Specific to Reporting on a SOC Engagement - Practice Questions
5:45