SSAE 18 Service Organization Control Reports: How to Incorporate Them into Your Third-Party Risk Management Program

Duration: 90 Minutes
Financial institutions know how the regulators view outsourcing. They expect that institutions will perform extensive due diligence of all third parties before entering business arrangements with them. They also expect that bankers will monitor those relationships for risks that could adversely impact the institutions operations and safety and soundness.
SSAE 18 Service Organization Control Reports
Instructor: Gary Deutsch
Product ID: 509410
When SSAE 16 replaced SAS70 as the standard for auditing service organizations, the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA) expected that their guidance would be sufficient for CPA firms to develop quality engagements. Although well-known CPA firms embraced SSAE 16 and conducted thorough audits of service organizations, some firms that competed for these engagements on price were less thorough. The ASB took notice and decided to clarify the standards they originally intended for auditing service organization controls. The result of this effort is SSAE 18 which encompasses all "attestation" engagements, not just the audits of service organization controls. However, SSAE 18 does not address audits of "trust service principles" that are part of SSAE 16, SOC 2 and SOC 3 engagements. SOC 2 and SOC 3 engagements continue under SSAE 16.

Objectives of the Presentation
During this important webinar, Gary Deutsch will discuss:
  • What has changed and what is the same in the transition from SSAE 16 to SSAE 18
  • How to evaluate when you can rely on SSAE 16 reports or if you need SSAE 18 reports
  • How to interpret SSAE 18 SOC 1 reports to incorporate the results into your third-party vendor management regulatory compliance program
  • How to effectively incorporate SSAE 18 SOC 1 risk assessments into your institution's risk assessment process
  • Understand the types of engagements institutions can ask for beyond SOC 1 under SSAE 18
Why Should you Attend
SSAE 18 is important to bankers because it requires CPAs to focus on such critical regulatory issues as third party vendor management practices, validating the data on reports that vendor management provides, and performing a comprehensive risk assessment of their vendor clients. These expended procedures are all directed at ensuring that the vendor's controls will not adversely impact the accuracy of the institution's financial reports. Another important addition in SSAE 18 is the need for vendors to conduct thorough due diligence and ongoing monitoring on all vendors (i.e., sub servicers) they use. Control risks increase when your vendors contract with sub servicers which are why the ASB expanded this part of the required audit process.

Please join Gary Deutsch, CPA MBA, for this timely webinar that has been developed to help you prepare for examinations of your third-party risk management program.

Who will Benefit
  • Internal auditors
  • Financial Institution Counsel
  • Compliance Officers
  • IT officers
  • Risk Managers
  • Vendor Managers
  • Finance Officers
  • Chief Operations Officers
  • Chief Information Officers
  • Persons responsible for electronic security
NOTE*This is a 90 minutes Recorded Video Program wherein the speaker will join at the end for the Q&A session to answer your queries.
$300
Recorded Session for one participant
Get life time access with download option!
Book this course
Pay Now
  $450.00 Training CD
Free shipment within 4 Working Days of placing the order. Get life time access for unlimited participants.
  $550.00 Training USB Flash Drive
Free shipment within 4 Working Days of placing the order. Get life time access for unlimited participants.
For multiple location please contact our customer care team +1-510-857-5896.
How it works
Live Session - How it works
  • Login to onlinecompliancepanel with your registered username and password https://www.onlinecompliancepanel.com/login
  • The webinar joining link, username and password for joining the webinar will be updated on your OCP Account 24 hours prior to the webinar
  • Presentation handouts in Downloadable PDF format will be updated on your OCP Account 24 hours prior to the live session
  • Login to the audio conference on the scheduled date and time
  • Get answers to your queries through interactive Q&A sessions via chat at the end of the session
  • Download the Certificate of Attendance and Purchase Invoice from your OCP Account 24 hours after the completion of the session
  • Please let us know your thoughts and views at the end of the webinar, your valuable feedback will help us improve
Recorded Session - How it works
  • Login to onlinecompliancepanel with your registered username and password https://www.onlinecompliancepanel.com/login
  • Upon purchase of the recorded session a link will be updated on your OCP Account within 24 hours
  • Please click on the link to access the Recorded Session
  • Presentation handouts in downloadable PDF format will be updated on your OCP Account within 24 hours of the purchase of the product
  • Download the Certificate of Attendance and Purchase Invoice from your OCP Account after 48 hours of the product Purchase
  • Please share your valuable Feedback at the end of the session
Instructor Profile:
Mr. Deutsch is a licensed CPA in Maryland and has a B.A. in accounting and an MBA in finance from Loyola University Maryland. He has also achieved the Certified Management Accountant, Certified Internal Auditor and Certified Bank Auditor designations. Mr. Deutsch is the founder and president of BRT Publications LLC.

Mr. Deutsch has trained thousands of financial institution professionals in all aspects of risk management and has written numerous books in the U.S. and Europe on topics such as credit risk, internal audit and compliance with Generally Accepted Accounting Principles.

Mr. Deutsch has extensive risk management and internal audit experience through his association with financial institutions of all sizes as well as through his role leading the KPMG financial institution consulting practice in the Mid-Atlantic region.
View More