SOC2508. Maintaining the Essence of SOC Reporting in the Age of Automation

This session will explore how clients use Governance, Risk, and Compliance (GRC) systems to help automate their evidence collection; reflect on AICPA attestation standards and auditing requirements that must be followed when clients provide automated evidence; and consider the need to maintain auditor skepticism and apply professional judgement.

Learning Objectives:

• Assess the evolving market evolution of Governance, Risk, and Compliance (GRC) systems used to automate evidence collection.
• Evaluate the fundamentals of appropriate audit procedures that must still be maintained even when interacting with the GRC systems.
• Interpret inherent risks and the need for specialized audit procedures to use evidence sourced through GRC systems.