System & Organization Controls (SOC) Part VII

Course ID: CO00507
  1. Home
  2. Cybersecurity

Objective

SOC stands for “System and Organization Controls” and is the agreed-upon control procedures set by the American Institute of Certified Public Accountants (AICPA). These defined set of controls are a series of standards or benchmarks designed to help measure how well a given service organization conducts and regulates its information. The training is focused on the "Do it yourself" ("DIY") concept.  The  SOC DIY training series is designed to educate learners in implementing SOC. The training will help organizations to have the in-house skill and end-to-end knowledge in deciding the type of certification, type of documentation, type of skills, and type of controls required to certify. 

Part VII trains the learner on how to prepare SOC Trust Service Criteria Control Documentation and  how to write corporate SOC controls using suggested controls for each service criteria and category:  
Criteria: Security, Availability, Processing Integrity, Confidentiality, Privacy 
Category: Control Environment, Communication, and Information, Risk Assessment, Monitoring Activities, Control Activities, Logical and Physical Access Controls, System Operations, Change Management, Risk Mitigation, Additional Criteria for Availability, Additional Criteria for Confidentiality, Additional Criteria for Processing Integrity, Additional Criteria for Privacy
You will learn the real-life example of how to write the controls. 

In this course, you will be asked to read through lessons, participate in learning activities, and partake in knowledge checks designed to reinforce learning followed by the end of the course final assessment.
Price: $31.98 $74.99
Add to Cart For Corporate
  • Category: Cybersecurity
  • Duration: 60 Mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

    • Learn about trust service criteria and SOC reports
    • Learn how trust service criteria is organized
    • Learn how to prepare SOC Trust Service Criteria Control Documentation 
    • Detailed understanding of requirements
    • Learn how to write controls using suggested controls for each service criteria and category
    • Security, Availability, Processing Integrity, Confidentiality, Privacy 
    • Control Environment, Communication and Information, Risk Assessment, Monitoring Activities, Control Activities, Logical and Physical Access Controls, System Operations, Change Management, Risk Mitigation, Additional Criteria for Availability, Additional Criteria for Confidentiality, Additional Criteria for Processing Integrity, Additional Criteria for Privacy
    • Study the real-life example on how to write controls

Related Courses

Breach Notification Part I - Awareness

  • Course ID: CS00301
  • CPE: 1 HR
  • Course Type: e-Learning
  • Duration: 60 mins
Course Details

What you will learn:

  • What is the importance of a breach notification?
  • What is a data breach?
  • In what circumstances would notification of a data breach be required and to whom?
  • When and how should notification of a data breach be provided?
  • Framework for Effective Data Breach Notification Legislation
  • Timing of Notification to Affected Individuals
  • Post Data Breach Immediate Action Items
  • Breach Notification to Authorities

Breach Notification Part II - Advanced

  • Course ID: CS00302
  • CPE: 1 HR
  • Course Type: e-Learning
  • Duration: 60 mins
Course Details

What you will learn:

  • Breach Management
  • Effective Breach Response
  • Data Breach Checklist
  • Breach Notification Notice Content
  • Notification Timelines
  • Lifecycle of a Data Breach
  • Public Relations Strategy

Business Continuity & Disaster Recovery (BCP / DR) Part I - Awareness

  • Course ID: DR00101
  • CPE: 1 HR
  • Course Type: e-Learning
  • Duration: 60 mins
Course Details

What you will learn:

  • Disaster
  • Business Continuity and Disaster Recovery
  • Use Cases
  • Risks Covered by DR
  • Driving Factors
  • Challenges in Developing DR Plan
  • Technical Challenges
  • Key Factors in DR Plan

Business Continuity & Disaster Recovery (BCP / DR) Part II - Awareness

  • Course ID: DR00102
  • CPE: 1 HR
  • Course Type: e-Learning
  • Duration: 60 mins
Course Details

What you will learn:

  • Business Continuity Plan (BCP) vs Disaster Recovery (DR)
  • Disaster Recovery Architecture
  • Drivers for DR Architecture
  • Architectural Elements
  • Disaster Recovery Plan
  • Backup Strategy
  • Disaster Recovery Emergency Procedures

Business Continuity & Disaster Recovery (BCP / DR) Part III

  • Course ID: DR00103
  • CPE: 1 HR
  • Course Type: e-Learning
  • Duration: 60 mins
Course Details

What you will learn:

  • BCP DR Frameworks and Standards
  • What is the Framework?
  • What are the different BCP frameworks?
  • Frameworks Explained
  • ISO 22301
  • National Fire Protection Association (NFPA) 1600
  • FFIEC Business Continuity
  • NIST 800-34
  • ISO 27301
  • BCP
  • Good Practice Guidelines (GPG)
  • Ready Gov
  • COBIT

Business Continuity & Disaster Recovery (BCP / DR) Part IV

  • Course ID: DR00104
  • CPE: 1 HR
  • Course Type: e-Learning
  • Duration: 60 mins
Course Details

What you will learn:

  • Learn about what is a backup and recovery strategy
  • Understand and learn to apply best practices for backup
  • Learn eight different backup methods and backup hardware
  • Understand what recovery is and learn about methods of recovery
  • Learn about the challenges with recovery process and prioritization

Business Continuity & Disaster Recovery (BCP / DR) Part V

  • Course ID: DR00105
  • CPE: 1 HR
  • Course Type: e-Learning
  • Duration: 60 mins
Course Details

What you will learn:

·      What is cloud-based disaster recovery andits key features?

·      The “Recover from the Cloud“ vs “RecoverRight in the Cloud”

·      The different cloud-based recovery options:

·      Bare Metal Recovery (BMR)

·      Physical-to-virtual (P2V) Recovery

·      Virtual-to-virtual (V2V) Recovery

·      The benefits of cloud-based recovery

·      To build a cloud disaster recovery plan

 

Cloud Security Awareness

  • Course ID: CS00102
  • CPE: 1 HR
  • Course Type: e-Learning
  • Duration: 60 mins
Course Details

What you will learn:

  • Cloud Security
  • Cloud Basics - Cloud Concepts, Architecture and Design
  • Cloud Service Models
  • Cloud Risk Landscape
  • Cloud Security Domains
  • Cloud Data Security
  • Cloud and AWS
  • Cloud and Azure
  • Cloud Application Security Basics

Cybersecurity Maturity Model Certification (CMMC) - Part I

  • Course ID: CS00801
  • CPE: 1 HR
  • Course Type: e-Learning
  • Duration: 60 mins
Course Details

What you will learn:

  • Understand the need for Cybersecurity Maturity Model Certification 

  • Why the third-party contractors are the weakest cyber link?

  • Interpret the NIST SP 800-171 Controls 

  • Understand Federal Acquisition Regulation (FAR) Clause 52.204.21 for protecting Federal Contract Information (FCI)

  • Understand Defense Federal Acquisition Regulation Supplement (DFARS) Clause 252.204-7012 for protecting Controlled Unclassified Information (CUI)

  • Understand NIST SP 800-171 Protecting Controlled Unclassified Information in Non-Federal Systems and Organizations

  • Learn about the essential differences between CMMC vs. NIST 800-171

  • Learn how CMMC Model Works: Domains, Capabilities, Practices, and Processes

Cybersecurity Maturity Model Certification (CMMC) - Part II

  • Course ID: CS00802
  • CPE: 1 HR
  • Course Type: e-Learning
  • Duration: 60 mins
Course Details

What you will learn:

  • Learn how CMMC Model Works: Domains, Capabilities, Practices, and Processes

  • Understand the CMMC five Process Maturity levels and five Technical Practices levels

  • Understand Federal Acquisition Regulation (FAR) Clause 52.204.21 for protecting Federal Contract Information (FCI)

  • Learn about the control compliance and certification requirements for level 1 to level 5

  • Learn about the CMMC capabilities

  • Understand the 14 points of NIST 800-171 and create security protocols for 14 key areas. 

  • Learn about the CMMC Levels 2 and 3 Practices Beyond NIST 800-171

  • Learn about the implementation challenges

  • Learn about becoming a CMMC Certified Supplier

  • Understand the CMMC Scoring methodology

  • Knowledge Check
Need us to design a course for you? Contact Now
Copyrights © 2020 All Rights Reserved by SecuRetain.
Terms of Service / Privacy Policy / Cookies Policy / Refund Policy / Accessibility Policy