AICPA Offers SOC Educational Resources

The American Institute of CPAs has announced its library of educational resources to provide tools and guidance for professionals performing Service Organization Control engagements.

AICPA members can take advantage of information about IT audits and compliance, as well as SOC reporting guidance. SOC engagements cover assessing internal controls of financial reporting, security controls and data privacy and there is an increasing demand for SOC engagements.

“As technology grows more complex and widely used, it’s only natural that the CPA’s trusted role in assessing the integrity of financial numbers extends more and more to the evaluation of the integrity of systems that house, package and distribute business information in ways unimaginable a few years ago,” said Amy Pawlicki, AICPA Director of Business Reporting, Assurance and Advisory Services. “We see great opportunity for firms that are leveraging their core competencies to help clients navigate this ongoing transformation.”

Firms can take advantage of the many opportunities the AICPA has to offer, such as:

  • SOC School. AICPA offers a boot camp to teach professionals how to conduct IT audit engagements. The first session of SOC School was held in Atlanta in June and the second session is scheduled for July 30-August 1 in Chicago.
  • Online self-study courses. Professionals can choose between an Introduction to SOC Reports course and a series of courses that cover SOC1, SOC2 and SOC3 engagements. CPE credits can be earned for these courses.
  • Guidance. The AICPA Online Professional Library contains many resources, including: The Reporting on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy (SOC 2) Guide; Applying SSAE No. 16, Reporting on Controls at a Service Organization Guide (SOC 1); and Using an SSAE No. 16 Service Auditor's Report (SOC 1 Report) in Audits of Employee Benefit Plans.
  • Business Development Tools for Firms. The Quick Reference Guide to Service Organization Control Reporting Matters focuses on SOC 1, 2 and 3 reports and is available for professionals to purchase in bulk for their clients to help them understand SOC engagements.
  • Software to Simplify Privacy Risk Assessment. The AICPA’s Privacy Principles Scoreboard helps professionals assess their privacy risks and programs using the AICPA and the Canadian Institute of Chartered Accountants’ Generally Accepted Privacy Principles.