System and Organization Controls (SOC): Latest SOC 2® guidance updates and impacts for issuers and recipients


In March 2018, the American Institute of Certified Public Accountants (AICPA) released additional guidance for practitioners as it relates to SOC 2® reporting on a service organization’s controls over security, availability, processing integrity, confidentiality and privacy of personal information on the service organization’s system. The guidance provides updates and clarity to SOC 2® reporting requirements and responds to the new 2017 Trust Services Criteria (TSC) and the 2018 Description Criteria, effective for SOC 2® reports with examination periods ending after Dec. 15, 2018.

In this webinar, Baker Tilly SOC specialists discuss the key topics service organizations and users should consider as they perform their SOC 2® examinations under the new guidance, and touch on other recent SOC updates.

Key learning objectives

  1. List key updates in the newly released SOC 2® guide, and how they impact the reports.
  2. Recognize how the new Description Criteria differs for reports issued with periods ending after Dec. 15, 2018 and what service organizations and users need to do now to prepare. 
  3. Identify distinctions between SOC 2® examinations and SOC for Cybersecurity examinations, as described in the recent AICPA whitepaper.

Who should watch:

This webinar is intended for both issuers and recipients of SOC examination reports.

Download the slides >

For more information on this topic, or to learn how Baker Tilly specialists can help, contact our team

"During Baker Tilly’s April 10, 2018, webinar, System and Organization Controls (SOC): Latest SOC 2® guidance updates and impacts for issuers and recipients , 86 percent of polled respondents indicated they believe their organization will be impacted by new SOC 2® guidance released by the American Institute of Certified Public Accountants (AICPA) on March 14, 2018."