During this presentation, we will discuss the various types of SSAE SOC reports, as well as the corresponding types of audits. This course will help your organization identify critical processes, procedures, and controls that should be included in the scope of your assessment. We will discuss methodologies to implement and maintain an effective control environment compliant with the Sarbanes-Oxley Act (SOX) Section 404 or NIST. Lastly, participants will be educated in the following:

  • Identifying 3rd party processes being performed on behalf of clients.
  • Identifying SOC requirements based on those 3rd party processes.
  • Identifying the process, objectives, and control scope.
  • Creating documented policies, procedures, and controls, and
  • SSAE report formatting.


Course Key Concepts: SSAE, SOC, Compliance, Security, Audit, CISA.


Learning Objectives
  • Recognize the differences SSAE 18 SOC I, SOC II, SOC III, and Type I and II.
  • Discover and discuss various audit objectives.
  • Explore and discuss policies, procedures, and control to determine the audit scope.
  • Identify and discuss the advantages of performing a readiness assessment.
Last updated/reviewed: August 23, 2023
7 Reviews (35 ratings)


Member's Profile
Instructor provides a detailed presentation (and explanation) of the structure of SOC 1, 2 & 3 reports and frameworks utilized. It's an excellent refresher and training tool for individuals assessing third party reports.

Member's Profile
Great overall course. Good understanding of the various topics associated with an SSAE18 audit/report. Which there were more examples of the testing behind the audits, or examples of the audit but good course.

Anonymous Author
This course was a good refresher on SSAE18. As a professional working on several SOC1/SOC2 Gap Assessments, it was a good reminder for the necessary preparations for a SOC Assessment.

Anonymous Author
Great course that highlights the details related to SSAE 18 and SOC reports. It's great to learn more about SOC 2 and SOC 3 reports as SOC 1 is so commonly talked about. Thanks!

Anonymous Author
Amazing lecture. Great instructor. Nice and to the point. I'm glad I took this course. I got a better understanding of SSAE 18

Anonymous Author
I've used illumeo for years to complete my CPEs. I've never had a problem with the material or the exams.

Anonymous Author
Very indepth course about SOC. It has solidified my earlier knowledge on the subject matter

Course Complexity: Foundational

No advanced preparation or prerequisites are required for this course.

Education Provider Information
Company: Illumeo, Inc., 75 East Santa Clara St., Suite 1215, San Jose, CA 95113
Contact: For more information regarding this course, including complaint and cancellation policies, please contact our offices at (408) 400- 3993 or send an e-mail to .
Instructor for this course
Course Syllabus
  Introduction to Preparing for a SSAE Audit2:44
  What is a SSAE 18?11:01
  Type 1 Vs Type 22:45
  Identifying the Processes Objectives and Control Scope9:56
  Identifying the Processes Objectives and Control Scope Cont'd8:21
  Creating Documented Policies Procedures and Controls5:34
  The Advantages of Performing a Readiness Assessment4:27
  SSAE Report Formatting5:12
  Preparing for a SSAE SOC Assessment50:00
  Slides: Preparing for a SSAE SOC AssessmentPDF
  Preparing for a SSAE SOC Assessment Glossary/ IndexPDF
  Supporting Content - Preparing for a SSAE SOC AssessmentPDF
  Supporting Content - Preparing for a SSAE SOC AssessmentXLXS