My Account
Get Started

SOC 2 Assessment Capstone

22 Lessons
CPEs 5.5
Information Technology

The SOC 2 Assessment Capstone guides you through a complete SOC 2 examination from start to finish. You’ll learn how auditors evaluate system controls, test operating effectiveness, interpret the Trust Services Criteria, and assemble a full SOC 2 report using a real-world case study. Ideal for professionals looking to deepen their IT audit and information security skills.

Course video preview

Current Status

Not Enrolled

Get Started

View Pricing & Plans
Access all courses starting at $25/m

Course Description

Course 9 of 9 in our IT Audit Learning Path! The SOC 2 Assessment Capstone provides an immersive, end-to-end walkthrough of the SOC 2 examination process using real-world examples and a comprehensive case study. Designed for learners with foundational knowledge of information security or IT audit, this course pulls together concepts from across the InfoSec discipline and demonstrates how they are applied in an actual audit environment.

Through detailed instruction and hands-on demonstrations, you’ll explore how SOC 2 reports are structured, how the Trust Services Criteria shape control expectations, and how auditors perform key activities such as reviewing system descriptions, evaluating control design, testing operating effectiveness, assessing exceptions, and drafting the final audit report. You’ll also follow an example organization through each stage of the SOC 2 lifecycle, gaining practical insight into audit planning, evidence collection, control testing, and reporting.

Whether you work in compliance, information security, internal audit, or a related field, this capstone course equips you with a deeper understanding of how SOC 2 assessments are conducted and how organizations prepare for and succeed in them.

In this course, you'll learn...

Course Objectives

To explain the purpose, structure, and key components of a SOC 2 report, including the Trust Services Criteria (TSC), system description, management assertion, control activities, and the auditor’s opinion.

To differentiate between SOC 1 vs. SOC 2 vs. SOC 3 and Type I vs. Type II engagements.

To describe the full SOC 2 audit lifecycle from planning to reporting.

To evaluate a service organization’s system description for completeness, accuracy, and alignment.

To design and perform SOC 2 control testing procedures and document results consistent with professional audit standards.

To identify common SOC 2 control deficiencies and determine their impact on audit conclusions.

To develop a SOC 2 audit testing plan and execute test steps within practical demo scenarios, using sample evidence, control walkthroughs, and technology tools commonly applied in SOC examinations.

To interpret SOC 2 findings and draft key elements of the final SOC 2 report.

How you'll apply these skills...

Evaluate SOC 2 Control Design: Review system controls against the Trust Services Criteria to determine whether they are suitably designed to meet audit expectations

Test Control Operating Effectiveness: Inspect evidence, analyze samples, and validate whether controls functioned properly throughout the audit period

Assess System Descriptions: Examine system architecture, boundaries, and processes to confirm accurate and fair presentation within the SOC 2 report

Analyze Audit Evidence: Review configurations, policies, logs, and tickets to verify compliance with stated control activities

Identify and Interpret Control Exceptions: Document deviations, assess severity, and understand their impact on service commitments and audit outcomes

Support SOC 2 Reporting: Translate test results into clear, concise audit documentation that aligns with professional standards

Course Instructor

Michael Carroll, CPA, CISA, CISM

Michael is an accounting and information security professional. He is also an Adjunct Professor at several higher education institutions, where he is responsible for teaching various accounting and information technology courses.

Michael earned his MBA in Accounting and B.S. in Accounting / Accounting Information Systems from Canisius University. Additionally, Michael is a Certified Public Accountant (CPA) and a Certified Information Systems Security Professional (CISSP). Michael is a current member of the NYCPA’s Education Committee and has been an Advisory Board Member for the Academy of Finance (AOF) since 2020.

Michael enjoys traveling, hiking, and watching the Buffalo Bills. He has also participated in several marathon events.

Course Content

Course Summary 1 Topic
Lesson Content
0% Complete 0/1 Steps
Final Exam: SOC 2 Assessment Capstone

Additional Info

Format

5-20 min. videos, 2 quizzes, and a final assessment

Field of study

Information Technology

CPE Credits

CPEs 3.0

Prerequisites

Completion of prior courses in Wisdify’s IT Audit Learning Path is recommended.

Corey

Corey is the owner of Wisdify.  He is passionate about learning and development, he loves helping people achieve their professional and personal goals. Corey is a big believer in the power of online learning and community with 15 years of finance and accounting experience.

Joe

Joe is the owner of Wisdify.  He is passionate about learning and development, he loves helping people achieve their professional and personal goals. Joe is a big believer in the power of online learning and community with 20 years of finance and accounting experience.

 

Kelsey Murphy

Kelsey is Wisdify’s expert content developer. Taking feedback from our students, Kelsey creates extremely relevant blog posts and leads the development of Wisdify’s other free resources.

Prior to Wisdify, Kelsey worked as a business technology strategy consultant for Forrester, a global research and advisory firm. While there, she acted as project manager for numerous research-based consulting projects.

Kelsey earned a BA in Economics and Mathematics from Wellesley College.

Madison Bess

Madison oversees the social media strategy at Wisdify and makes sure we stay closely connected with our students, receive their feedback, and provide our students with valuable information.

Prior to Wisdify, Madison successfully ran the social media accounts for multiple companies. She also found time to start her own personal training company (which she still runs).

Madison earned a BA in English from Brigham Young University.

Maryn Coughran

Maryn is a co-founder and leads the marketing and outreach efforts at Wisdify. She ensures we are connecting with our customers, hearing their feedback, and then implementing their suggestions.

Prior to Wisdify, Maryn co-founded (along with Nate) BostonExcel, a Microsoft Excel training company that worked with dozens of companies in virtually every industry. Maryn’s clients included numerous Fortune 1000 companies, prestigious universities, startups and everything in between. She also happened to write and illustrate a children’s book. Let’s just say she’s a woman of many talents.

Maryn earned a BA in Economics from Wellesley College.

The Buckaroos

Gwyn, Jack, and Kate are the adorable tow-heads that lead up Wisdify’s campaigns on cuteness, energy, and sleep-deprivation.