SOC Reporting: What Is It, and Who Can Benefit?

When:  Jun 14, 2023 from 12:00 to 13:00 (ET)
Associated with  New England Chapter

System and Organization Controls reports (SOC) reports are critical for both organizations that service other organizations and those that are being provided a service. This session will explore why SOC reports are important and why you should either be getting one for your own organization, or requesting one from your vendors. 

**1 CPE will be granted for attendance**

Upon registration, a Zoom link will be sent from seminar.lead@isacane.org to the email address used to register. Please check your Junk Folder if you do not see the registration confirmation.

 

Speakers:

Andrea Fernandez, Manager, and Scott Mahoney, Principal

 

Andrea Fernandez

Professional Experience

With over 7 years of professional experience, Andrea is a Manager within the System and Assurance Advisory Services practice.

Specializes in internal control assessments and consulting services relating to Sarbanes-Oxley Act (SOX) and service organization control (SOC) reporting.

Involved in the issuance of over 100 SOC reports, including a combination of SOC 1, SOC 2, and SOC 3 reports.

Credentials/Education

▪ Certified Information Systems Auditor (CISA)

▪ Certified Data Privacy Solutions Engineer (CDPSE)

▪ AICPA SOC for Cybersecurity Certificate

▪ AICPA Advanced SOC for Service Organizations Certificate

▪ Certified FullStack Web Development, Rutgers University

▪ BS, Accounting and Management Information Systems, Rutgers University

Memberships

▪ Information Systems Audit and Control Association (ISACA)

▪ American Institute of Certified Public Accountants (AICPA)

 

Scott Mahoney

Professional Experience

Selected by the AICPA to write and present the first ever Education Program for "Reporting on an Entities Cybersecurity Risk Management Program and Controls" to cybersecurity professionals obtaining SOC for Cybersecurity certification. This Program is the first of its kind, and as the author and presenter, Scott is one of the first in the U.S. to become certified.

With 20 years of experience, Scott is a Principal within Withum’s SOC Services practice.

Expertise lies within internal control assessments, risk assessments, SOC reporting (SOC 1, SOC 2, SOC 3, and SOC for Cybersecurity), SOX 404 and internal audit cosourcing.

Credentials/Education

▪ Certified Information Systems Auditor (CISA)

▪ Certified Information Security Manager (CISM)

▪ Certified in Risk and Information Systems Control (CRISC)

▪ Certified Data Privacy Solutions Engineer (CDPSE)

▪ AICPA SOC for Cybersecurity Certificate

▪ AICPA Advanced SOC for Service Organizations Certificate

▪ Master of Business Administration, Bentley University

▪ BS, Accounting Information Systems, cum laude, Bentley University

Memberships

▪ Information Systems Audit and Control Association (ISACA)

▪ American Institute of Certified Public Accountants (AICPA)