Skip to main content
Not Found
Live Webcast Replay

Keys of SOC Reports - Following SSAE 18 Requirements

Total Credits: 2 including 2 Auditing- Technical

Average Rating:
Partner Produced |  Accounting and Auditing
Lynn Fountain, CGMA, CRMA, MBA
Course Levels:
2 Hours
Access for 30 day(s) after program date.



Today's businesses have seen a dramatic increase in the use of outsourced providers to assist with executing processes from payroll, accounts payable, information technology, benefit plan administration and many other core processes. These processes ultimately have an impact on an organization's internal control over financial reporting but also could impact compliance and operational issues

In 2011, the Statement on Standards for Attestation Engagements (SSAE) 16 replaced the former Statement on Auditing Standards (SAS) 70. In May 2017, a new standard, SSAE 18, superseded SSAE 16

The concepts covered in this course are referred to as a Service Organization Control Report (SOC). Organizations who utilize outsourced providers should understand the various types of SOC reports, their intended use and their implication on a company's financial reporting process, regardless of your status as a publicly traded or privately held organization.  The process can be complicated to understand as a user organization. Currently, several types of SOC Reports exist including:

  • SOC 1 - Type 1

  • SOC 1 - Type 2

  • SOC 2 - Type 1

  • SOC 2 - Type 2

  • SOC 3

  • Cybersecurity SOC

This course speaks briefly to the transition from SAS 70 to SSAE 16 and now SSAE 18.  However, the focus is on the various Service Organization Control Reports, their purposes and uses

Basic Course Information

Learning Objectives
  • Explore the transition of the accounting standards from Statement on Auditing Standards (SAS) 70 to Statement on Standards for Attestation Engagements (SSAE) 16 and now SSAE 18
  • Recognize the various types of service and subservice organizations
  • Explore procedures to conduct a SOC (Service Organization Control) 1 engagement, develop proper control objectives and determine specific reporting methods
  • Explore procedures to conduct and report on a SOC 2 engagement
  • Recognize the requirements for SOC 3 reports
  • Explore the SOC cybersecurity requirements
  • Recognize the requirements to prepare for a SOC engagement
  • Recognize the requirements for user entities

Major Subjects
  • Move from SAS 70 and SSAE 16 to SSAE 18
  • Types of Service Organizations
  • SOC 1 Engagements
  • Control Objectives
  • Reporting
  • SOC 1 and SOC 2 Reporting
  • SOC 3 Reports
  • Preparing for SOC Engagement
  • SOC Comparisons

Course Materials


Lynn Fountain, CGMA, CRMA, MBA Related seminars and products

Lynn Fountain has over 37 years of experience spanning public accounting, corporate accounting and consulting. 22 years of her experience has been working in the areas of internal and external auditing. She is a subject matter expert in multiple fields including internal audit, ethics, fraud evaluations, Sarbanes-Oxley, enterprise risk management, governance, financial management and compliance. 

Ms. Fountain has held two Chief Audit Executive positions for international companies. In 2011, as the Chief Audit Executive for an international construction/ engineering firm, she was involved in the active investigation of a joint venture fraud.  The investigation included work with the FBI and ultimately led to indictment of the perpetrators and recovery of $13M.  Ms. Fountain is currently engaged in her own training and consulting business and is a regular trainer for the AICPA.

Ms. Fountain is the author of three separate technical books.  “Raise the Red Flag – The Internal Auditors Guide to Fraud Evaluations” was published by the Institute of Internal Auditors Research Foundation. “Leading The Internal Audit Function” and “Ethics and The Internal Auditor Political Dilemma” were published by Taylor & Francis In addition,

Ms. Fountain has performed as an adjunct instructor for the School of Business for Grantham University and developed the first internal audit curriculum for the School of Business at the University of Kansas.  Ms. Fountain obtained her BSBA from Pittsburg State University and her MBA from Washburn University in Kansas. She has her CGMA, CRMA credentials and CPA certificate (non-active).


Thu, Apr 27, 2023 - 12:00pm to 02:00pm MDT
Wed, May 24, 2023 - 09:00am to 11:00am MDT
Fri, Jun 09, 2023 - 08:00am to 10:00am MDT
Wed, Jun 28, 2023 - 11:00am to 01:00pm MDT
Thu, Jul 20, 2023 - 06:00am to 08:00am MDT
Fri, Aug 25, 2023 - 12:00pm to 02:00pm MDT
Wed, Sep 20, 2023 - 09:00am to 11:00am MDT
Mon, Oct 30, 2023 - 06:00am to 08:00am MDT
Tue, Nov 28, 2023 - 12:00pm to 02:00pm MST
Thu, Dec 14, 2023 - 09:00am to 11:00am MST
Fri, Dec 29, 2023 - 06:00am to 08:00am MST
Thu, Jan 25, 2024 - 12:00pm to 02:00pm MST

Additional Info

Basic Course Information



Advanced Preparation


Designed For

CPAs, Corporate personnel working with SOC providers, consultants providing SOC reports

Original Recording Date


Course Developer


Date Added to Catalog


Additional Information

Complaint Resolution Policy

Please contact Anne Taylor for any complaints., (972-377-8199).

Official Registry Statement

Business Professionals' Network, Inc. is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website:

Instructional Delivery Method

Group Internet Based

Course Registration Requirements

Online Registration

Refund/Cancellation Policy

Please contact the ACPEN help desk 1-877-602-9877 or if you wish to cancel your attendance for a previously purchased webcast and are requesting a refund or transfer.



Overall:      4.8

Total Reviews: 8

Please wait ...

Back to Top