0845 470 1000 / enquiries@flane.co.uk

SOC for Cybersecurity Certificate (SOCCC)


Course Overview

Cybersecurity threats are escalating, unnerving the boards of directors, managers, investors and other stakeholders of organizations of all sizes—whether public or private. Organizations are under increasing pressure to demonstrate that they are managing threats, and that they have effective processes and controls in place to detect, respond to, mitigate and recover from cybersecurity events.

To meet this need, we have introduced SOC for Cybersecurity, a solution that builds upon the profession's experience in auditing system and organization controls. For clients whose cybersecurity risk management programs are mature, an independent CPA can perform an examination, in which the CPA expresses an opinion on the client's description of its cybersecurity risk management program and an opinion on the effectiveness of the controls within that program.

This certificate will enable you to understand how to perform SOC for Cybersecurity attestation examinations using the AICPA's new cybersecurity risk management reporting framework. Earn this certificate and be among the first to showcase your knowledge about the AICPA's profession-wide approach to cybersecurity.

The two-day live event covers:

Day One

  • Overview of SOC Suite of Services
  • Overview of a Cybersecurity Risk Management Program
  • Overview of Description Criteria
  • Overview of Control Criteria

Day Two

  • Accepting & Planning a Cybersecurity Examination
  • Performing a Cybersecurity Examination
  • Forming the Opinion & Preparing the Practitioner's Report

Instructional delivery method: Live
Recommended CPE credit: 20
Recommended field of study: Auditing
Prerequisites: Familiarity with the cybersecurity description criteria and the trust services criteria
Program level: Intermediate
Advance preparation: None – but please note that the content within this certificate program references the trust services criteria and description criteria. If you need guidance and examples, then consider purchasing Walkthrough of the Trust Services Criteria and Walkthrough of the Description Criteria.
Important Information on Your CPE Credit
Digital Badge: Upon completing the learning, you will be awarded with a certificate in the form of a digital badge to be proudly displayed anywhere on the internet—a personal blog, a social network like LinkedIn, Facebook, Twitter, Mozilla Open Badges, a biographical page on a company website, or an online resume.

Who should attend

Who Will Benefit?

  • This is designed for public accounting practitioners who are interested in providing cybersecurity attestation services (SOC for Cybersecurity) and want to build their competencies in and understanding of this service. Practitioners must have the appropriate skills and competencies, including IT expertise or access to IT professionals who possess those skills, to perform a SOC for Cybersecurity Engagement. For that reason, participants are likely to come from firms that currently provide SOC for Service Organizations services and are looking to expand into cybersecurity attestation services.
  • CPAs in public accounting firms who are providing non-consulting and advisory services for clients of the firms (e.g. tax or A&A services) and need to be able to intelligently convey the value of a cybersecurity risk management program to their clients (to then hand off to the cybersecurity specialist within the firm).
  • Management accountants and internal auditors who want to understand how their organizations can use the description criteria and trust services criteria, which are part of the AICPA's cybersecurity risk management framework, to evaluate the effectiveness of controls within their cybersecurity risk management program and to communicate information about that program to interested parties. In addition, the course will help them understand the SOC for Cybersecurity examination services that a CPA can provide to organizations.

Course Objectives

This course will prepare you to understand:

  • The AICPA's Cybersecurity Risk Management reporting framework and how it may be used by organizations and practitioners to evaluate controls and communicate certain cybersecurity information to interested parties
  • The components of an organization's cybersecurity risk management program
  • The performance and reporting requirements of a SOC for Cybersecurity examination
Classroom Training

Duration 2 days

Price (excl. VAT)
  • United Kingdom: £ 1,540.-



Accessing our website tells us you are happy to receive all our cookies. However you can change your cookie settings at any time. Find out more.   Got it!