1 CPE The Statement on Standards for Attestation Engagements (SSAE) No. 16, effectively replaced the former standard SAS 70 in 2010 as the authoritative guidance for reporting on controls at service organizations. Today, many service organizations have converted to the new standard and now have a SSAE 16 report, also referred to as a Service Organization Controls (SOC) 1 report.
This course provides an overview of SSAE 16 standards and the approach to compliance reporting on controls at service organizations as well as the responsibilities of those organizations being audited. We also discuss:
- Outsourcing and risk
- Terms and definitions
- Why SAS 70 was replaced with SSAE 16, and the key differences between the two
You also learn about the three SOC reporting options and two types of reports, with emphasis on the SOC 1 report. Also covered:
- Various sections of SOC 1
- How to write a description of a service organizations control environment, as well as managements written assertion
- How to derive value from the reports to evaluate service organizations services
Learning Objectives
- Discover and differentiate between the three types of SOC reports
- Identify and name the components of a SOC 1 report
- Discover and compose a management assertion letter to include with the service auditor’s opinion
- Recognize and effectively describe the service organization’s “system”
Last updated/reviewed: March 9, 2024
33 Reviews (129 ratings)
Reviews
Anonymous
(Senior IT Audit Manager)
Great description of the SOC 1 report requirements & customary contents. Well-organized presentation with clearly-worded (albeit lackluster) slides, providing a good amount of detail without being overwhelming. The presenter was easy to understand and seemed to be very familiar with the topic. Although she was a bit monotone, my interest was held throughout and I gained knowledge that'll be very helpful in my job.
Festus Akingba
(internal Auditor at Century Next Business Services LLC)
It is pretty detailed and I leant a lot. I will recommend this to my colleagues. The exam and quiz are beneficial, but I will recommend that the exams are a little more, like having 30 questions. I also recommend that there are 5 questions quiz after each video to test the subject of that segment
David Samuel
(staff auditor at RMLSL)
the course was straight forward and well laid out, the time allocated was productive. However, I would suggested well dictating, the presented can make more emphasis on topics and subtopics to allow learners follow through with making notes
Raveendran Madappattu
View Instructor Profile
Excellent course. Within the short time the instructor has explained the SAS 60 and SSAE 16 standards and the juice of all types of SSAE reports. This truly demonstrated her skills and experience. Kudos!!!
Keith Johnson
(Director SOX Compliance at Waterjet Holdings)
I really liked the careful breakdown and explanation of the various components of the different types of SOC reports. The speaker was very clear and organized in her presentation.
Anonymous
(Accounting & Finance Guy)
The course provides an overview of SSAE 16 and SOC reporting. I would recommend this course to anyone that has a service organization or has a third party service organization.
Anonymous
()
very good overview did a good job of laying out the various areas for the auditor and management as well as user considerations. Was supported by examples to reinforce.
Anonymous
(Risk Advisory Consultant)
appreciated going through each SOC report type and levels of the report from opinion assertion description of controls and section five additional information.
Anonymous
(Independent Financial Consultant)
Great overview of how we got from SAS70 (1992) to SSAE16 (2011) as well as the differences between Type I and type II exams and the 3 types of reports.
Jose Cardona
( at Bank Of America)
I liked the course, the only problem I am having is if the two parts of the "understanding soc 1 reports" videos are the exact same video
Christine Matthes
(- at None)
This is a giod course to provide users of Soc reports appropriate background detaild. Slides provided a great deal of content.
Marjorie Land
( at Retired)
Information provided in the instructor's comments was not necessarily included in the presentation materials.
Jason Rogers
(Senior IT Auditor at Charter Communications)
One of the presentation sections was not included, but rather a repeat presentation of the previous section.
Anonymous
(Controller)
very detailed explanation of SOC 1 reports. It was a little repetitive at times, but very informative
Anonymous
(Senior IT Auditor)
This course was a wonderful introduction to SOC 1 Reports. I indeed gained some valuable knowledge
Anonymous
()
It was an interesting course and explained about the SOC report and the various types quite well.
Anonymous
(IT Advisory Snr. Associate)
This is a refreshing course. Nothing surprised me. Beginners will learn a lot from this training.
Anonymous
(Compliance Manager)
Lots of information provided, very easy to follow, good break down of steps and sections.
Almon Hall
(Internal Audit Leader at Cisco Systems, Inc.- GRC)
good information and pace from the presenter. relevant information regardig the topic
Anonymous
()
I think I would have gotten more out of this course by simply reading a script ....
Anonymous
(Consultant)
This course was very helpful in understanding the components of a SOC 1 report.
Anonymous
(Accountant)
Good course providing an overview of SOC reports. Slides were very useful.
Tim Thomas
( at Tim Thomas CPA LLC)
Interesting course with good descriptions of different components of SOC1
Sophia Kasozi
(- at City of Edmonton)
Great overview of the history and need for service reports. Thank you!
Anonymous
()
SSAE 16 SOC 1 Guide for Service Organizations is an excellent course.
Anonymous
(Auditor)
Good basic overview and helpful refresher for SOC reporting.
Anonymous
(auditor)
covers knowledge about the SOC1 report. great course!!
Ari Tafreshi
(Senior IT SOX Analyst at Veeva Systems Inc)
Very thorough course with good real life references.
Anonymous
(SR Manager Internal Audit and Compliance)
Easy to understand.
Raul Cardona
(Senior IT Internal Auidtor at The Cosmopolitan of Las Vegas)
Useful info!
Sarah Smoak
(Senior Accountant at EKS&H)
good course
Anonymous
(Sr. Director - Corporate Audit)
Good
Mei Ren
(Regional Director at AECOM)
Good
Prerequisites
Course Complexity: Advanced
Prerequisite: Overview of service organizations
Advanced Preparation: None
Education Provider Information
Company:
Illumeo, Inc., 75 East Santa Clara St., Suite 1215, San Jose, CA
95113
Contact:
For more information regarding this course, including complaint and
cancellation policies, please contact our offices at (408) 400- 3993 or send an e-mail to
.
Jennifer EversoleCo-Founder
About Illumeo
Platform
Resources
Contact Us
- Email: info@illumeo.com
- Phone: 408-400-3993
- Adress: 1608 W Campbell
- Av #221, Campbell, CA 95008
© 2025 Illumeo, Inc.