Broadcast Date: Wednesday, May 13, 2020
from 12:00 pm to 1:00 pm (ET)


As of May 1, 2017, the American Institute of Certified Public Accountants (AICPA) implemented the Statement on Standards for Attestation Engagements (SSAE) 18. This updated standard requires companies to take full control and responsibility of their internal controls and to enhance their risk assessment procedures. Mainly focusing on service organizations and third-party vendors, the changes were intended to enhance Service Organization Control (SOC) reports’ quality and usefulness. To ensure compliance with SSAE 18, companies must understand and address the challenges of internal controls reporting process. A number of considerations must also be taken into account to save money, effort, and time.

In this LIVE Webcast, seasoned CPAs Steve Guarini (Cohen & Company) and Shabbir Hassanali (Mazars USA LLP) will help companies understand the attestation changes under SSAE 18. As experts, they will provide an in-depth discussion of the recent updates about SSAE 18 and its pros and cons. Speakers will also offer practical tips and best practices in minimizing risks and in complying with SSAE 18.

Key topics include:

  • SSAE 18 Audit Standard Updates
  • Pros and Cons of SSAE
  • Addressing Risk
  • Best Compliance Practices
  • Outlook


Course Level:



Advance Preparation:

Print and review course materials


Method of Presentation:


On-demand Webcast (CLE); Group-Internet Based



General knowledge on audit reports and standards


Course Code:



NY Category of CLE Credit:

Areas of Professional Practice


NASBA Field of Study:

Auditing - Technical


Total Credit:

1.0 CLE

1.0 CPE (Not eligible for QAS (On-demand) CPE credits)

Speaker Panel:

Shabbir Hassanali, CPA, CITP, CISA, Director
Mazars USA LLP

Shabbir has a decade of experience providing cross-functional services to clients, including SOC reporting, financial and IT assurance and advisory, risk management, SOX 404 compliance and forensic accounting for multiple mid-sized to large companies. Shabbir performs and leads System and Organization Controls (SOC) audits, including readiness assessments, gap analysis, documentation of process narratives, testing and remediation of business and IT controls, and preparation and issuance of reports. He also has substantial experience in advisory services including managing several internal audit outsourcing/co-sourcing projects through developing and executing financial and IT risk assessments, and assessing IT general, application and cybersecurity processes and controls to determine if controls are suitably designed and operating effectively relative to the clients’ size, complexity and risk appetite.

Steve Guarini, CPA, CGMA, Partner
Cohen & Company

Steve brings a real energy to client engagements. Trusted for both his technical and business savvy, he continuously seeks ways to improve and grow, including learning about new ideas and techniques that may help clients achieve greater success. Steve remains dedicated to working beyond what is expected without being asked, communicating early and often, and treating clients and colleagues with respect.

With more than 30 years as a CPA, including national firm experience, Steve is one of the firm’s technical resources for the application and implementation of audit and attest requirements, as well as the proper presentation of GAAP financial statement disclosures. He also has deep expertise in the area of SOC 1 and SOC 2 reports. In addition to not-for-profit entities, Steve works with clients in a variety of industries, including manufacturing and distribution.


SEGMENT 1: Shabbir Hassanali, CPA, CITP, CISADirector Mazars USA LLP

  1. Overview of SOC reports SOC 1, 2, 3 , Type 1, Type 2)
  2. Benefits and importance of SOC reporting
    1. Addressing contractual obligations
    2. Address data accuracy and data security risks – marketplace concerns
    3. Providing transparency to internal/external stakeholders over internal control environment
    4. Stay and remain competitive in the market
  3. History of SOC reporting standards – SAS70 –> SSAE 16  -> SSAE 18 -> SOC 2

SEGMENT 2: Steve Guarini, CPA, CGMAPartner Cohen & Company

  1. Subservice organizations and related vendor management and the role it plays in SOC reporting
  2. SOC in a smaller organization – how to make it work
  3. Exactly what is the “assertion” that management must provide with a SOC report – why is it needed?
  4. Risk assessment – exactly what do we need to do?

Date & Time:

Wednesday, May 13, 2020

12:00 pm to 1:00 pm (ET)

Who Should Attend:

  • Information Security Professionals
  • Information Technology Managers
  • Chief Compliance Officers
  • Chief Risk Officers
  • Internal Auditors
  • Chief Financial Officers
  • Accountants
  • Corporate Counsel


Shabbir Hassanali, CPA, CITP, CISADirector
Mazars USA LLP
Steve Guarini, CPA, CGMAPartner
Cohen & Company



View Details


View Details


View Details

Join Over 150,000 Professionals Empowering Their Careers

Learn anywhere from over 1900+ live and recorded CLE, CPE & Technology Webcasts.