Managing the risks of cyberattacks has become more difficult as companies rely on a growing number of third-party vendors for services like cloud computing and software development. SOC 2 (System and Organization Controls 2), a compliance standard developed by the AICPA, helps ensure that companies protect their clients' data securely. Audrey Katcher is a partner in RubinBrown’s Business Advisory Group, overseeing the group’s Information Technology Risk Services (ITRS). She offers her expertise in third-party assurance and SOC reports, helping companies understand and manage technology risks for the benefit of their clients and their businesses.
Learning Objectives
• Recognize the current environmental changes and threats in the third
• party trust arena, including increased cyber
• attacks, outages, and the growing use of AI by threat actors
• Identify ways to leverage SOC reports to improve internal control over financial reporting
• Recognize differences between SOC 1, SOC 2 & SOC for cybersecurity reports and how they complement each other
• Identify how to develop and enforce strong governance over third
• party risk management
Major Topics
• GAAP compliance
• financial disclosure requirements
• PCAOB standards
