Skip to main content
Not Found
Live Webcast Replay

Audit Analysis: Third-Party Risks & SOC Reporting

Total Credits: 1 including 1 Auditing- Technical

Average Rating:
Partner Produced |  Accounting and Auditing
Sarah Pavelek |  Dan Paulson
Course Levels:
1 Hour
Access for 30 day(s) after program date.



The use of third-party services continues to increase. The ability to gain assurance over internal controls when using these third-party services is critical. Compare and contrast third party controls as they apply to software as a service, specifically with regards to the user-controlled risk and cloud-based programs.

Basic Course Information

Learning Objectives
  • Compare and contrast third party controls as they apply to software as a service



Major Subjects
  • Third party trends
  • COIVD-19 changes
  • Risks of using third parties
  • Third party controls
  • How do you gain assurance?

Course Materials


Sarah Pavelek Related seminars and products

Sarah has over twenty years of cybersecurity consulting experience in a number of industries, including technology, service, insurance, financial institution, and healthcare. Sarah is one of the leaders in the System and Organization Controls (SOC) practice and her experience includes SOC readiness assessments & examinations, Microsoft Data Protection Requirements (DPR) assessments, IT risk assessments, IT audits, application security controls reviews, privacy assessments (GLBA, HIPAA Security), HITRUST, and Sarbanes-Oxley 404 IT compliance reviews. Sarah has a BS in Accounting from the University of Alabama (Summa Cum Laude) with a minor in Computer Science. Sarah is Certified in Risk and Information Systems Control (CRISC), Information Systems Security (CISSP), and is a HITRUST Certified CSF Practitioner (CCSFP). She is a member of the Information Systems Audit & Control Association (ISACA) and the International Information Systems Security Certification Consortium (ISC)². She has also achieved the Advanced SOC for Service Organizations Certificate from the AICPA. Sarah has presented on cybersecurity related topics in various white papers, newsletters, TV outlets, webinars, and conferences.   

Dan Paulson Related seminars and products

Dan has over seven years of information security, control and IT audit experience in a number of industries including cloud services, financial institutions, healthcare, insurance, and manufacturing. Dan’s experience includes SOC 1, 2, and 3 examinations and SOC readiness assessments, ISO 27001 Certification Audits, Microsoft Data Protection Requirements (DPR) assessments, IT risk assessments, IT audits, security & privacy assessments (GDPR, HIPAA/HITECH), and Sarbanes-Oxley 404 IT compliance reviews. Dan holds a Bachelor of Arts degree in Political Science from Ohio State University and a Master of Accounting degree from Southern Illinois University. Dan is a Certified Information System Security Practitioner (CISSP), a Certified Information Systems Auditor (CISA), a Qualified Security Assessor (QSA), and an ISO 27001 Lead Auditor. Dan is a member of the Information Systems Audit & Control Association (ISACA) and (ISC) 2. 


Tue, Apr 25, 2023 - 10:00am to 11:02am MDT
Wed, May 17, 2023 - 08:00am to 09:02am MDT
Mon, Jun 05, 2023 - 01:00pm to 02:02pm MDT

Additional Info

Basic Course Information



Advanced Preparation


Designed For

CPAs, auditors and accounting personnel

Original Recording Date


Yellow Book


Course Developer


Date Added to Catalog


Additional Information

Complaint Resolution Policy

Please contact Anne Taylor for any complaints., (972-377-8199).

Official Registry Statement

Business Professionals' Network, Inc. is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website:

Instructional Delivery Method

Group Internet Based

Course Registration Requirements

Online Registration

Refund/Cancellation Policy

Please contact the ACPEN help desk 1-877-602-9877 or if you wish to cancel your attendance for a previously purchased webcast and are requesting a refund or transfer.



Overall:      4.4

Total Reviews: 23


Heather B

"Great topic! I never thought about breaches & fraud at the vendor level. Great practical considerations."

Justin P

" "

Please wait ...

Back to Top