MBA622 Systems Ogranizational Control and Engagements

In this course, the students will learn about System Organizational Control (SOC) audits of a third party and the various stages within the process. Students will develop an in-depth understanding of the purpose and types of SOC audits across industries, the intended use and users of SOC reports and the applicable attestation standards that guide the attestation process. Students will gain an appreciation of the critical nature of auditing a company’s controls and the role of management and the auditor in that process. Students will learn what controls are necessary to ensure the financial statements are complete and accurate (SOC1) and the Security, Availability, Processing Integrity, Confidentiality and Privacy of their customer’s data (SOC2). Students will apply that knowledge by developing an audit plan to evaluate and test the control design and operating effectiveness of those controls. With this knowledge students will differentiate between the required documentation to support the completeness and accuracy of sample populations. Finally, students will assess deficiencies and user control considerations noted in mock SOC reports and determine the impact the issue would have on an organization, leverage risk assessment skills, and determine what controls an organization may need to add in order to address user control considerations noted within the SOC1 or SOC2 report.