The SOC for Cybersecurity Certificate Program (14.5 CPE Credits) will teach you how to help your clients navigate threats as a trusted business adviser for their cybersecurity risk management programs.

Cybersecurity threats are escalating, unnerving the boards of directors, managers, investors and other stakeholders of organizations of all sizes – whether public or private.

The result? Your clients are under pressure to demonstrate that they are managing threats. And that they have effective processes and controls in place to detect, respond to, mitigate and recover from cybersecurity events.

The framework for cybersecurity attestation

SOC for Cybersecurity meets a growing business need for attestation. It's a solution that builds upon the accounting profession's experience in auditing system and organization controls.

For clients whose cybersecurity risk management programs are mature, an independent CPA can perform an examination and express an expert opinion:

• Is the program accurately described?
• Are the controls effective?

Your opportunity as a cybersecurity adviser

This self-study certificate helps you understand how to perform SOC for Cybersecurity attestation examinations using the AICPA's new cybersecurity risk management reporting framework.

As a certificate recipient, you'll be among the first to showcase your knowledge about the AICPA's profession-wide approach to cybersecurity.

Digital badges: Your professional distinction

After you complete the three-part webcast series, you will be awarded a certificate in the form of a digital badge.

Proudly display it anywhere on the internet – a personal blog, a social site such as LinkedIn, Facebook or Twitter, Open Badges, a bio page on a company website or your email signature.

WHO WILL BENEFIT?

Note: You must have either IT expertise or access to IT professionals who possess the skills to perform this work.

• Public accounting practitioners interested in providing cybersecurity attestation services (SOC for Cybersecurity) and in building competencies in and understanding of this service
• Professionals who already have SOC for Service Organizations practices and are looking to expand into cybersecurity attestation services
• Management accountants and internal auditors who want to understand the SOC for Cybersecurity examination service available to their organizations related to their cybersecurity risk management program

KEY TOPICS

• Cyberthreat landscape and the terminology used to describe various aspects of cybersecurity
• Various SOC services
• Components of cybersecurity risk management program
• How to use the description criteria
• How to use the control criteria to assess an entity's controls over cybersecurity
• Key considerations prior to accepting a cybersecurity examination engagement and key planning considerations
• Key steps involved in performing the cybersecurity risk management examination
• Key factors to consider while forming the opinion and preparing the practitioner's report

LEARNING OBJECTIVES

• Understand the AICPA's Cybersecurity Risk Management reporting framework and how IT organizations and practitioners may use it to evaluate controls and communicate certain cybersecurity information to interested parties.
• Analyze the components of an organization's cybersecurity risk management program.
• Recognize the performance and reporting requirements of a SOC for Cybersecurity examination.
• Cybersecurity threats are escalating, unnerving the boards of directors, managers, investors and other stakeholders of organizations of all sizes – whether public or private.

Credit Info

• CPE CREDITS: Online: 14.5 (CPE credit info)
• NASBA FIELD OF STUDY: Auditing
• LEVEL: Intermediate
• PREREQUISITES:  Familiarity with the cybersecurity description criteria and the trust services criteria
• ADVANCE PREPARATION: None
• DELIVERY METHOD: QAS Self-Study
• COURSE ACRONYM: CSATT