top of page
Agenda Header.png

What Is Missing in the SOC Examination Reports You Receive?

April 10, 2024

4:10 - 5:00 PM

Valley of the Sun D

Join the leaders of the SOC & HITRUST Practice at FORVIS for an industry-agnostic webinar to learn the purpose of SOC reports, how to read and understand SOC reports, and identify third-party risks that require further evaluation. SOC reports are a critical component of internal controls over financial reporting. Join us as we discuss our approach to evaluating these critical reports.

Jennifer Jones | Principal, National SOC & HITRUST Practice Leader | FORVIS LLP

Jennifer is a Principal within FORVIS’ Advisory division and is the National Practice Leader of the SOC and HITRUST Practice. She works with public and private companies within various industries while focusing on the financial services, technology, and healthcare industries.


Her more than 20 years of experience includes leading third-party risk-related engagements issued under the AT-C 105, 205, 215, 315, and 320 standards (SOC 1, SOC 2, Compliance Examinations, General Examinations, Agreed-Upon Procedures), and HITRUST engagements focusing on both IT and business process controls and the underlying general computer controls supporting those processes.


Jennifer has had experience in a variety of industries including technology, financial services, asset management, supply chain, fintech, healthcare, and real estate.

Ryan Boggs | Principal | FORVIS LLP
Ryan is a Principal within the SOC and HITRUST Practice. Ryan has over 15 years of experience in the areas of third-party risk-related audits and specializes in system and controls (SOC) and, HITRUST engagements. He has experience managing both engagements for small, private domestic clients, and large, public, international clients. Ryan has guided numerous clients through the SOC and HITRUST engagement life cycles, from Readiness Assessments, consulting on compliance gaps, and advising on internal control and cybersecurity frameworks, to performing the examination or validated assessment. Ryan has had experience in a variety of industries including financial services, insurance, healthcare and technology organizations.

bottom of page