SOC1/SOC2/SOC3 are reports issued by third-party auditors that provide assurance to customers and stakeholders that their service provider has sound controls in place to protect their data. SOC1 (also known as ISAE 3402) focuses on financial controls of service providers, while SOC2/3 (reported under the international ISAE 3000 standard) is applicable to non-financial service providers and focuses on controls related to security, availability, processing integrity, confidentiality, and privacy.
In this seminar, we will provide an in-depth overview of SOC1/SOC2/SOC3 assurance engagements and how they can benefit service organisations. We will discuss the differences between each type of assurance engagement, their respective requirements, and the common challenges that service organisations faced when obtaining such attestations.
Don't miss this chance to learn more about our SOC1/SOC2/SOC3 assurance services and how they can benefit your service organisation!
Speakers
POKIT LOK, Principal of Risk Advisory, BDO
Pokit possesses over 20 years of extensive experience in IT Audit & Risk Advisory and Enterprise Applications (eg RPA, S&OP, PLM, CRM and ERP) Implementation gained in sizable organisations and business technology consultancy firms. He specialises in providing IT related advisory services including IT Governance, IT General Controls & IT Application Controls and business process re-engineering for various types of clients.
In professional area, he has been a CRISC RM SME Reviewer of ISACA and a public course instructor of Hong Kong Productivity Council and Vocational Training Council.
Currently, he provides the consultancy services, such as: ITGC / ITAC review, System Risk Assessment and Audit, Information Security Management Assessment (based on ISO27001, C-RAF and etc), Privacy Impact Assessment, IT system Vulnerability Scan, Advisory on IT Governance, Policies and Procedures, Advisory on Data Management and Analysis and Advisory on Digital Transformation.
Pokit is a Certified Information Systems Auditor, Certified Information Systems Security Professional, Certified Data Privacy Solutions Engineer, Certified ISO27001 Lead Auditor, Certified Lead Forensic Examiner, Certified in Production and Inventory Management, Automation Anywhere Certified Advanced RPA Professional (V11), UiPath RPA Developer Foundation and Solution Architect and SAP Certified Development Associate (ABAP). He also has SAP Consultant Certification (FI/CO) and Certificate in Business Accounting.
IVAN SO, Manager of Risk Advisory, BDO
Ivan So is the Manager of Risk Advisory Services at BDO. Leveraging on his 8 years of professional experience in managing various assurance and advisory engagements, he is responsible for providing AML/ CFT advisory, regulatory compliance review, risk assessment and corporate governance review services for financial services and other clients of the firm.
His clientele covers different sectors including professional practices, banking, securities dealing and advisory, asset management, online payment gateway, money service operator and stored value facility in Hong Kong, PRC, Singapore and other Asian countries/ jurisdictions.
Ivan has an in-depth understanding of AML/ CFT, compliance and internal control best practices. In particular, he was in charge in projects on reviewing AML/ CFT process of banks, securities firms, money service operators and money lenders. He is a trainer for senior management of the financial services clients on compliance and AML/ CFT best practices.
Ivan is a Hong Kong Certified Public Accountant, Member of Institute of Chartered Accountants in England and Wales, Member of Association of Chartered Certified Accountants, EFFAS Certified ESG Analyst and Associate Anti-Money Laundering Professional.
Further information
This event will incorporate slides which you can view on a PC and audio broadcast technology which requires only the speakers in your device. Therefore, on the day, please ensure the audio volume of your device is turned up. You are recommended to log in the webinar (which will be provided by email after your successful registration) a few minutes before the webinar starts to make sure you have no problem with the connection.
Details are as follows:
| Date |
: |
Monday, 10 July 2023 |
| Time |
: |
16:00 - 17:00 |
| Venue |
: |
BDO Limited |
| |
|
25th Floor, Wing On Centre, 111 Connaught Road Central, Hong Kong |
|
|
| |
|
(Sheung Wan Wing On Department Store's building) |
| Language |
: |
Cantonese, supplemented with English materials |
| Fee |
: |
Free of charge |
| CPD unit* |
: |
1 hour (*The recognition of CPD hours by your professional organisations is subject to their CPD policies.) |
| Remarks |
: |
1. For any enquiries, please contact contact Ida Cheung at +852 2218 3714 or idacheung@bdo.com.hk. |
| |
|
2. Confirmation will be sent to you by email after successful registration. |
| |
|
3. BDO reserves the final right of acceptance of registration. |