CU news Logo

 Your source for the latest technology information of interest to credit unions across America.

Subscribe to our weekly e-mail newsletter and/or our monthly newsletter and stay on top of the latest technology trends in Hardware, Software, ATMs, Biometrics, Wireless, Online Banking, Marketing, Security, Internet Access and Call Centers.

SSAE18, SOC 1, SOC 2 - What Do I Need?

Date: Wednesday August 21st 1:30 pm - 3:30 pm CT | Cost: $265 and 2.5 CE Credits

SSAE18, SOC 1, SOC 2 - What Do I Need?

Each of our regulators say this in a similar way, we must understand the security controls of a third party “to the same extent” as we understand our own internal controls. This is challenging, as some of our vendors share few details about controls. Our industry currently relies heavily on the new SSAE18 Audit Report and the Service Organization Control (SOC)2 reports provided by vendors. What are the differences between these two reports, and which should we be requesting? And once we obtain them, how do we understand the security controls to the “same extent” as our own?

We will explore the different types of SOC reports provided by vendors and highlight the best items that should be requested from vendors. Each of these reports serves a different purpose and will provide different value to your institution. In addition to what reports to ask for, we will explore them in detail to highlight what to look for and how to fill in the gaps to ensure your understanding security to the “same extent”.

Covered Topics:

- Third Party Management best practices
- Fourth Party Management assistance
- Updated Regulatory Expectations
- Existing Regulatory Review
- SSAE16 vs SSAE18 standard changes
- SOC1, SOC2, SOC3 Audits
- SOC Reports Type 1 and Type 2
- Other items useful in vendor reviews
- Detailed due diligence and contract questions

Who Should Attend: Information Security Officer, IT Manager, Risk Officer, Internal Auditor, CFO, and Executives looking to understand the risk around Vendor Management.

Speaker: Jon Waldman is a co-founder and Senior Information Security Consultant for SBS CyberSecurity, LLC, a premier cybersecurity consulting and audit firm dedicated to making a positive impact on the banking and financial services industry. He maintains his CISA and CRISC certifications and received his Bachelor of Science in Computer Information Systems and his Master of Science in Information Assurance with an emphasis in Banking and Finance Security from Dakota State University.

Over the last ten years Jon has helped hundreds of financial institutions across the country create and implement comprehensive, valuable, and manageable Information Security Programs. He also conducts webinars and certification programs for the SBS Institute.

Webinar 18 Paid

Enter Your Name

Enter company position

Enter institution

Invalid Input

Invalid Input

Select a State

Invalid Input

Invalid Address

Invalid Input

Invalid Input

Please select invoice method

If you are paying by credit card, please enter it below.

Invalid Input

Invalid Input

(mm/yyyy)

Invalid Input

(Found on the back of the card)

Invalid Input

Invalid Input

Select a State

Invalid Input

SSAE18, SOC 1, SOC 2 - What Do I Need?

Get Our Free Email Newsletter

Invalid Input

Invalid Input

Invalid Input

Invalid Email Address