Soc 2 Essentials - April 2025

The growth of cloud computing and outsourcing have created a chain of reliance by business partners on their respective systems. This in turn has created an enormous demand for assurance on the security, availability, processing integrity, confidentiality and privacy of second- and third-party systems. Chief among them is the assurance on system and organization controls (SOC) offered by the CPA profession.

This workshop will focus on key aspects of SOC 2® and SOC 2® + assurance offerings, including the demand and supply characteristics of these services, criteria for describing and evaluating systems, standards for performing assurance services on these systems and current practices.

To be held ONLINE Wednesday, April 23, 2025 10:30 am - 2:00 pm (EDT) with a break from 12:00 - 12:30 pm.

The registration fee is $200 (+HST) and includes all materials. This workshop qualifies for 3 hrs of CPD credit. To register, please click on the REGISTER HERE button below or email elaine.bauer@uwaterloo.ca.

Discounts available:

• 25% discount to Professional Association Members (CPA Canada, ISACA Toronto Chapter, IIA Canada) with submission of Association Name and Membership Number.
• 50% discount to Academics with submission of the name of Institution and role.
• 100% discount to students - subject to availability - discount code required - request discount code from elaine.bauer@uwaterloo.ca.

The session will cover:

• the nature of Systems and Organization Controls (SOC) 2® services, the demand for those services and suppliers of those services, including the distinction between SOC 1®, SOC 2® and SOC 3®,
• Trust Services Criteria (TSC), Description Criteria (DC) and Assurance Standards,
• key elements of SOC 2® reports and how SOC 2® reports should be used,
• variations of SOC 2® services that address criteria other than TSC and the risks they raise for providers and users of SOC 2® and SOC 2®+ reports,
• non-CPA firm competitors in the market for assurance on SOC,
• service quality monitoring and other quality assurance initiatives aimed at ensuring that SOC 2 reports meet professional standards,
• competency requirements for CPAs and non-CPA providers of SOC 2® related services,
• research opportunities on SOC 2® and related services, and
• how future developments (e.g., regulatory or market developments) may affect SOC 2® services.

This session is designed for professionals interested in acquiring, offering or evaluating SOC 2® related services and reports. Educators and students interested in learning about SOC 2® and SOC 2®+ related criteria, services and practices are also welcome.

After completing this workshop, participants will be able to:

• Describe the demand and supply of SOC 2® and SOC 2®+ reports.
• Describe key elements of SOC 2® reports.
• Describe the standards governing the provision of SOC 2® and SOC 2®+ services.
• Describe competency requirements and research opportunities/requirements.
• Discuss future developments.

Please contact Efrim Boritz <jeboritz@uwaterloo.ca> if you need any assistance.

Instructor