SOC for Cybersecurity Certificate - Live Event
Aug. 21–Aug. 22, 2019
MicroTrain Technologies, Chicago, IL
| Live online
Conference details

Cybersecurity threats are escalating, unnerving the boards of directors, managers, investors and other stakeholders of organizations of all sizes—whether public or private. Organizations are under increasing pressure to demonstrate that they are managing threats, and that they have effective processes and controls in place to detect, respond to, mitigate and recover from cybersecurity events.

To meet this need, we have introduced SOC for Cybersecurity, a solution that builds upon the profession's experience in auditing system and organization controls. For clients whose cybersecurity risk management programs are mature, an independent CPA can perform an examination, in which the CPA expresses an opinion on the client's description of its cybersecurity risk management program and an opinion on the effectiveness of the controls within that program.

This certificate will enable you to understand how to perform SOC for Cybersecurity attestation examinations using the AICPA's new cybersecurity risk management reporting framework. Earn this certificate and be among the first to showcase your knowledge about the AICPA's profession-wide approach to cybersecurity.

The two-day live event covers:

Day One

  • Overview of SOC Suite of Services
  • Overview of a Cybersecurity Risk Management Program
  • Overview of Description Criteria
  • Overview of Control Criteria

Day Two

  • Accepting & Planning a Cybersecurity Examination
  • Performing a Cybersecurity Examination
  • Forming the Opinion & Preparing the Practitioner's Report

Upon completing the learning, you will be awarded with a certificate in the form of a digital badge to be proudly displayed anywhere on the internet—a personal blog, a social network like LinkedIn, Facebook, Twitter, Mozilla Open Badges, a biographical page on a company website, or an online resume.

Learning Objectives
This course will prepare you to understand:

  • The AICPA's Cybersecurity Risk Management reporting framework and how it may be used by organizations and practitioners to evaluate controls and communicate certain cybersecurity information to interested parties
  • The components of an organization's cybersecurity risk management program
  • The performance and reporting requirements of a SOC for Cybersecurity examination
Key Topics:
  • Cyberthreat landscape and the terminology used to describe various aspects of cybersecurity
  • Various SOC services
  • Components of cybersecurity risk management program
  • How to use the description criteria
  • How to use the control criteria to assess an entity's controls over cybersecurity
  • Key considerations prior to accepting a cybersecurity examination engagement and key planning considerations
  • Key steps involved in performing the cybersecurity risk management examination
  • Key factors to consider while forming the opinion and preparing the practitioner's report

Who Will Benefit?

  • This is designed for public accounting practitioners who are interested in providing cybersecurity attestation services (SOC for Cybersecurity) and want to build their competencies in and understanding of this service. Practitioners must have the appropriate skills and competencies, including IT expertise or access to IT professionals who possess those skills, to perform a SOC for Cybersecurity Engagement. For that reason, participants are likely to come from firms that currently provide SOC for Service Organizations services and are looking to expand into cybersecurity attestation services.
  • CPAs in public accounting firms who are providing non-consulting and advisory services for clients of the firms (e.g. tax or A&A services) and need to be able to intelligently convey the value of a cybersecurity risk management program to their clients (to then hand off to the cybersecurity specialist within the firm).
  • Management accountants and internal auditors who want to understand how their organizations can use the description criteria and trust services criteria, which are part of the AICPA's cybersecurity risk management framework, to evaluate the effectiveness of controls within their cybersecurity risk management program and to communicate information about that program to interested parties. In addition, the course will help them understand the SOC for Cybersecurity examination services that a CPA can provide to organizations.

Free eBook with purchase!
Reporting on an Entity's Cybersecurity Risk Management Program and Controls - Attestation Guide is free ($79 value) and will automatically be added to your cart and My Account when you purchase this certificate. Created by the AICPA, this authoritative guide provides interpretive guidance to enable CPAs to examine and report on an entity's cybersecurity risk management program and controls within that program. The guide delivers a framework which has been designed to provide stakeholders with useful, credible information about the effectiveness of an entity's cybersecurity efforts.

Attendance options
SOC for Cybersecurity Certificate - IL
Aug 21-Aug 22, 2019

Step away from your desk, and join us in Chicago, IL. You’ll interact directly with thought leaders and have the advantage of dedicated networking time with your professional community. (Up to 16.5 CPE credits).

Full Registration Rate
AICPA member: $1,805.00
Nonmember: $2,205.00

Day One
8:00 AM - 8:30 AM

Registration & Continental Breakfast

8:30 AM - 10:10 AM

Introduction and Cybersecurity Overview 

10:10 AM - 10:25 AM

Break (15 min)

10:25 AM - 10:50 AM

Overview of SOC Suite of Services

10:50 AM - 11:40 AM

Overview of a Cybersecurity Risk Management Program

11:40 AM - 12:40 PM

Lunch (1 hour)

12:40 PM - 2:20 PM

Overview of Description Criteria

2:20 PM - 2:35 PM

Break (15 min)

2:35 PM - 3:25 PM

Overview of Description Criteria (cont.)

3:25 PM - 5:05 PM

Overview of Control Criteria

5:05 PM - 5:25 PM

Summary and Close

Day Two
8:00 AM - 8:30 AM

Continental Breakfast 

8:30 AM - 10:10 AM

Accepting & Planning a Cybersecurity Examination 

10:10 AM - 10:25 AM

Break (15 min)

10:25 AM - 11:15 AM

Accepting & Planning a Cybersecurity Examination (cont.) 

11:15 AM - 12:30 PM

Performing a Cybersecurity Examination

12:30 PM - 1:30 PM

Lunch (1 hour)

1:30 PM - 2:45 PM

Performing a Cybersecurity Examination (cont.)

2:45 PM - 3:00 PM

Break (15 min)

3:00 PM - 4:15 PM

Forming the Opinion & Preparing the Practitioner’s Report

4:15 PM - 4:35 PM

Summary and Close

More details

Create learning retreats for your team!

When registering for a single conference, groups of 2-9 should contact AICPA customer service team to learn more about their potential savings at 888.777.7077.

If your organization registers for 10+ conference seats over the course of the year, we offer volume pricing, with consolidated invoicing available before or after the event. For more information on the group registration process, contact your conference group sales representative, Corinne Alford at Corinne.Alford@aicpa-cima.com or AICPA Learning at 1-800-634-6780, Option 2.

On-Site/Flex Pass Conference: You may cancel without penalty if cancellation request is received up to and including 45 days prior to the start of the conference. Due to financial obligations incurred by the AICPA, a credit less 50% of the registration fee will be issued for requests received up to and including 21 days prior to the start of the conference. No refunds or credits will be issued on cancellation requests received less than 21 days prior to the start of the event.

For more information about AICPA's conference cancellation policy, contact the AICPA Service Center at 1-888-777-7077 or service@aicpa.org.

Resolution of Disputes

Transactions at this site are covered by binding arbitration. Any controversy or claim arising out of or relating to the use of this Web site that cannot be settled to your satisfaction by our member satisfaction team shall be settled by arbitration in New York, New York. Such disputes will be administered by the American Arbitration Association (https://www.adr.org/), 335 Madison Avenue, 10th floor, New York, New York 10017-4605, (800) 778-7879, in accordance with its Arbitration Rules, and judgment upon the award rendered by the arbitrator(s) may be entered in any court having jurisdiction thereof.

Should you feel that there has been a breach to the integrity or security of this site, please contact the service center immediately at 888.777.7077.

Ratings and reviews
SOC for Cybersecurity Certificate - IL (In person)
CPE credits
: 16.5
NASBA Field of Study
Familiarity with the cybersecurity description criteria and the trust services criteria
None – but please note that the content within this certificate program references the trust services criteria and description criteria. If you need guidance and examples, then consider purchasing Walkthrough of the Trust Services Criteria and Walkthrough of the Description Criteria.
Back to Top