EBP1957. Sort Out the SOC Reports used in Your EBP Audits (Repeat of Session 20)

Accounting & Auditing
Field of Study: 
CPE Credit: 
Advanced Preparation: 

Wednesday, May 8, 2019

Each year, you hear about increasing the usage of SOC 1 reports in your EBP audits. Attend this session and leave knowing why it's imperative to use a SOC 1 report in your audit, if applicable. The session will cover key differences between SSAE 16 and SSAE 18. Content will also include subservice provider reports and noting subservice provider user controls, efficient ways to review and summarize a SOC 1 report, and what to do if you can't obtain a SOC 1 report but need one.
Learning Objectives:

  • Identify the appropriate audit approach regarding subservice organizations and complimentary user entity controls.
  • Analyze the impact of carve-outs, complementary user controls, exceptions in testing, and report qualifications.
  • Analyze the differences between SSAE 16 and SSAE 18.
  • Determine efficient ways to summarize and evaluate information in SOC 1 reports.


Audit Manager | Deloitte & Touche
Principal | Apple Growth Partners