AICPA logo
AICPA logo
  • Home
SOC for Cybersecurity Certificate
Audit & Assurance

SOC for Cybersecurity Certificate

Learn how to perform SOC for Cybersecurity attestation examinations using the AICPA's new cybersecurity risk management reporting framework. Earn this certificate and be among the first to showcase your knowledge about the AICPA's profession-wide approach to cybersecurity.

MyCPE Manager Compatible
ShapeCreated with Sketch.Certificate Program
ShapeCreated with Sketch.Digital Badge



NASBA Field of Study




CPE Credits



Tony Chapman, Anurag Sharma


3 months

Learning Outcomes
  • Recognize the components and applicability of AICPA’s Cybersecurity Risk Management reporting framework
  • Apply the guidance in the AICPA guide – “Reporting on an Entity’s Cybersecurity Risk Management Program and Controls” to planning, executing and reporting scenarios related to a SOC for Cybersecurity examination.
  • Analyze and examine an entity’s cybersecurity risk management program
Key Topics
  • Cyberthreat landscape and the terminology used to describe various aspects of cybersecurity
  • Various SOC services
  • Components of cybersecurity risk management program
  • How to use the description criteria
  • How to use the control criteria to assess an entity's controls over cybersecurity
  • Key considerations prior to accepting a cybersecurity examination engagement and key planning considerations
  • Key steps involved in performing the cybersecurity risk management examination
  • Key factors to consider while forming the opinion and preparing the practitioner's report
Product Details

The state of cyber-threats and the measures against them

Cybersecurity threats are escalating, unnerving the boards of directors, managers, investors and other stakeholders of organizations of all sizes – whether public or private.

The result? Your clients are under pressure to demonstrate that they are managing threats. And that they have effective processes and controls in place to detect, respond to, mitigate and recover from cybersecurity events.

The framework for cybersecurity attestation

SOC for Cybersecurity meets a growing business need for attestation. It's a solution that builds upon the accounting profession's experience in auditing system and organization controls.

For clients whose cybersecurity risk management programs are mature, an independent CPA can perform an examination and express an expert opinion:

  • Is the program accurately described?
  • Are the controls effective?

Your opportunity as a cybersecurity adviser

This certificate helps you understand how to perform SOC for Cybersecurity attestation examinations using the AICPA's new cybersecurity risk management reporting framework.

As a certificate recipient, you'll be among the first to showcase your knowledge about the AICPA's profession-wide approach to cybersecurity.

Free eBook with purchase

Reporting on an Entity's Cybersecurity Risk Management Program and Controls - Attestation Guide is included with your certificate (an $90 value) and will automatically be added to your cart when you purchase this certificate.

Created by the AICPA, this authoritative guide provides interpretive guidance to enable CPAs to examine and report on an entity's cybersecurity risk management program and controls within that program.

The guide delivers a framework designed to provide stakeholders with useful, credible information about the effectiveness of an entity's cybersecurity efforts.

Digital badges: Your professional distinction

After you complete the three-part webcast series, you will be awarded a certificate in the form of a digital badge.

Proudly display it anywhere on the internet – a personal blog, a social site such as LinkedIn, Facebook or Twitter, Open Badges, a bio page on a company website or your email signature.

Who Will Benefit
  • Note: You must have either IT expertise or access to IT professionals who possess the skills to perform this work.
  • Public accounting practitioners interested in providing cybersecurity attestation services (SOC for Cybersecurity) and in building competencies in and understanding of this service
  • Professionals who already have SOC for Service Organizations practices and are looking to expand into cybersecurity attestation services
  • Management accountants and internal auditors who want to understand the SOC for Cybersecurity examination service available to their organizations related to their cybersecurity risk management program
Upcoming Webcast Dates
Do you have an AICPA membership? Log in to apply your member discount.

Looking for group pricing?

We can help with group discounts. Call us at 1-800-634-6780 (option 1) or email us at

Contact us
More Details
NASBA Field of Study
Knowledge of SOC reporting
This is a live event. You will have access on the date/time of broadcast and the archive for 3 months after the broadcast date.
Digital Badge
After completing the course, you will receive a digital badge that can be easily shared with your professional network
15.5 hrs
Tony Chapman
"Tony is a partner and the leader of Withum's System and Organization Controls (SOC) Practice. He has more than 25 years of experience and is one of our Firm's leading internal control assessment specialists. Tony is among the small group of professionals in the United States designated as a SOC 1® and SOC 2® specialist by the Oversight Task Force of the AICPA Peer Review Board. He is also a Certified Information Technology Professional (CITP). Tony concentrates his practice in the areas of System and Organization Controls consulting and auditing. He has extensive experience within a variety of industries including finance and banking, technology, unified communications, third party administration, healthcare and government programs on international, national and regional levels, and he has developed extensive expertise in assessing internal accounting control design and effectiveness. He has presented the first SOC for Cyber Certification Course for the AICPA. A graduate of the Luben School of Business of Pace University, Tony became a partner in the firm in 1994. He is a member of the American Institute of Certified Public Accountants (AICPA) and is licensed in the states of New York and New Jersey."
Anurag Sharma
"Anurag is a Principal of the Firm's Cybersecurity practice and System and Organization Controls (SOC) practice based out of our Princeton, NJ office. Anurag is a Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), and Certified in Risk and Information Systems Controls (CRISC). He is also designated as a SOC 1® and SOC 2® specialist by the Oversight Task Force of the AICPA Peer Review Board. He developed and presented the first SOC for Cyber Certification Course for the AICPA. Anurag has over 19 years of experience and is one of Withum's leading Cybersecurity specialists. His areas of expertise include Cybersecurity Assessments (NIST Cybersecurity Framework), SOC Suite of Services (SOC 1, SOC 2 and SOC for Cybersecurity), Corporate Governance, Sarbanes-Oxley Section 404 compliance and ISO/IEC 27001 Consulting. Anurag has contributed a number of articles on IT audits focused on the small and medium businesses (SMB) and is a regular speaker on Cybersecurity and SOC related topics at PICPA, NJCPA, CTCPA and Withum's client seminars. He is a graduate of Symbiosis Center for Management & Human Resource Development (India), where he received his Master of Business Administration degree in Information Systems. Anurag is a member of Information Systems Audit and Control Association (ISACA) and International Information systems Security Certification Consortium (ISC)2."

The Association is dedicated to removing barriers to the accountancy profession and ensuring that all accountancy professionals and other members of the public with an interest in the profession or joining the profession, including those with disabilities, have access to the profession and the Association's website, educational materials, products, and services.The Association is committed to making professional learning accessible to all product users. This commitment is maintained in accordance with applicable law. For additional information, please refer to the Association's Website Accessibility Policy. As part of this commitment, this product is closed-captioned. For additional accommodation requests please contact and indicate the product that you are interested in (title, etc.) and the requested accommodation(s): Audio/Visual/Other. A member of our team will be in contact with you promptly to make sure we meet your needs appropriately.

SOC for Cybersecurity Certificate
This product is not available at the moment.

Related content