Content Provider: Withum

Navigating SOC 2 Compliance: Purpose, Process, Timeline, and Common Pitfalls


Available Date(s): Monday, June 17, 2024: 4:00PM EDT

Cost: Free
CPE Credits: 1.5 hours
Subject Area: 1.5 - Auditing
CE Credits: 0.0 hours
Course Level: Basic
Instructional Method: Group Internet Based
Prerequisites: None
Advanced Preparation: None
Course Description

A SOC 2 report focuses on outsourced services that could impact the security, availability, processing integrity, confidentiality, and privacy of their clients' data.

This course will examine how SOC 2 reports address service organizations' internal controls around the security, availability, processing integrity, confidentiality, and privacy of their clients' data. Attendees will examine the criteria utilized for SOC 2 reporting and how they enable users to make an apples-to-apples comparison of their vendors or prospective vendors.

This webinar reviews the use cases and scenarios where SOC 2 reports are commonly seen across various industries. The instructor will also uncover common pitfalls encountered during the preparation phase of an audit, as well as issues that may arise during the audit itself. Join this course to review the implications of audit findings, recognize what it means if a finding is identified during the audit, and understand how that may impact the reader's interpretation of the report.

This presentation is part three of a three-part series.

Part 1: Introduction to SOC Reporting

Part 2: SOC 1 Reporting

Learning Objectives:

  • Identify the purpose, use cases, and common industries where SOC 2 reports are utilized to evaluate service organizations' controls over security, availability, processing integrity, confidentiality, and privacy of client data

  • Define the criteria used for SOC 2 reporting, such as the Trust Services Criteria, and how they enable consistent evaluation and comparison of service organizations across different vendors

  • Determine the typical structure and contents of a SOC 2 report, the audit timeline and expectations for an organization undergoing a SOC 2 audit, potential pitfalls in the preparation process, and the implications of any audit findings identified in the report


The AICPA selected Scott to write and present the first-ever Education Program for "Reporting on an Entity's Cybersecurity Risk Management Program and Controls" to cybersecurity professionals obtaining SOC for Cybersecurity certification. This program is the first of its kind, and as the author and presenter, Scott is one of the first in the U.S. to become certified. With 20+ years of experience, Scott is a Senior Manager within Withum’s SOC Services practice. His expertise lies within internal control assessments, risk assessments, SOC reporting (SOC 1, SOC 2, SOC 3, and SOC for Cybersecurity), SOX 404, and internal audit co-sourcing.


Andrea Fernandez

WithumSmith+Brown, PC
Manager, System and Assurance Advisory Services


Andrea has over seven years of professional experience and is a manager within the System and Assurance Advisory Services practice. She specializes in internal control assessments and consulting services relating to Sarbanes-Oxley Act (SOX) and service organization control (SOC) reporting. Andrea is involved in the issuance of over 100 SOC reports, including a combination of SOC 1, SOC 2, and SOC 3 reports.

Frequently Asked Questions
  • To receive CPE credit, you must register for the webinar before it starts.
  • CPE is available to all eligible participants within 24 hours of each webinar.
  • To receive CPE for multiple attendees, at least one person must sign up for the webinar. The post-webinar email contains a link to instructions for the proctor letter. Alternatively, you may log in to your account following the webinar and click on the MY ACCOUNT button to find a link to instructions. For paid courses, payment needs to be made for each attendee before credit will be issued.

NASBA Approved (Sponsor Id#: 111889) is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: 1685 S. Colorado Blvd, Suite #205, Denver, CO 80222

About Our Presenter

Withum is a forward-thinking, technology-driven advisory and accounting firm, committed to helping clients be more profitable, efficient and productive in the modern business landscape. With office locations in major cities and financial centers across the country, and as an independent member of HLB, the global advisory and accounting network, Withum serves businesses and individuals on a local-to-global scale. Our professionals provide the expert advice and innovation solutions you need to Be in a Position of Strength℠ in today’s fast-paced, tech-driven world.