Leadership Team

Newel has over 20 years of internal control and audit, IT assurance and advisory, and accounting experience; 9 of those years were with a “Big Four” accounting firm. During his career, he has been responsible for a significant number of SOC 1 audits and SOC 2 audits for companies spanning a variety of industries. Newel has developed SOC training content, led SOC training, and acted as the SOC quality leader for an entire “Big Four” region within the United States. He has also guest lectured at several universities on various topics related to advancements in information technology accounting. He is a certified public accountant (CPA) in the state of Colorado, a certified information systems auditor (CISA), and a member of both the American Institute of Certified Public Accountants (AICPA) and the Colorado Society of CPAs. Newel holds a Bachelor of Science in Accounting and Information Systems degree from Brigham Young University.

Nicole Hemmer started her career in 2000. She is the co-founder of Linford & Co., LLP. Prior to Linford & Co., Nicole worked for Ernst & Young in Indianapolis, Chicago, and Denver. She specializes in SOC examinations and loves the challenge that comes with clients across all industries. Nicole loves working with her clients to help them through examinations for the first time and then working together closely after that to have successful audits.

Rob started with Linford & Co., LLP in 2011 and helps lead the HITRUST and ISO practices as well as performs SOC audits, NIST 800-171, and HIPAA assessments. He has spoken at Data Center World on compliance-related topics and has completed over 800 SOC examinations. He started his career as an IT auditor in 2003 with PwC in the Systems and Process Assurance group, and has worked in a variety of industries in internal audit as well as for the City and County of Denver.

Ray Dunham started his career as an Air Force Officer in 1996 in the field of Communications and Computer Systems. Following his time in the Air Force, Ray worked in the defense industry in areas of system architecture, system engineering, and primarily information security. Ray leads L&C’s FedRAMP practice but also supports SOC examinations. Ray enjoys working with clients to secure their environments and provide guidance on information security principles and practices.

Isaac Clarke is a partner at Linford & Co., LLP. He began his career with Ernst & Young in 2003 where he developed his audit expertise over a number of years. Isaac specializes in and has conducted numerous SOC 1 and SOC 2 examinations for a variety of companies—from startups to Fortune 100 companies. Isaac enjoys helping his clients understand and simplify their compliance activities. He is attentive to his clients’ needs and works meticulously to ensure that each examination and report meets professional standards.

Jaclyn Finney started her career as an auditor in 2009. She started with Linford & Co., LLP. in 2016 and is a partner with the firm. She is a CISA with a special focus on SOC, HITRUST, FedRAMP and royalty examinations. Jaclyn works with her clients to provide a process that meets the needs of each customer and generates a tailored report that is useful to the client and the users of the report.

Megan Kovash specializes in SOC audits with experience in financial audit, internal audit, and data analytics as well. Megan started her career in 2012 after completing her Masters of Accountancy with the University of Denver. She is a CPA that specializes in IT security audits and started her career at Ernst & Young in Denver, then moved to the Internal Audit Data Analytics group at Charles Schwab. She started with Linford & Co., LLP in 2019 and is a partner with the firm. Megan enjoys working with clients to find and implement solutions that better her client’s business while also meeting audit requirements.

Maggie has over 15 years of experience in Risk Management and IT Compliance. She spent nearly 10 years in KPMG’s IT Advisory and Attestation practice before joining a financial technology company as the Risk and Compliance Director. She has overseen numerous SOC 1 / SOC 2 audits and other IT Compliance audits and has vast experience implementing risk management and IT compliance solutions. She is Certified in Risk and Information Systems Control (CRISC) and obtained a Bachelor of Science in Business Administration, Finance, from the University of Colorado at Boulder.

Mark Larson started working in the technology industry in 1998 where he worked in a number of different roles prior to transitioning to the public accounting world in 2004 with Ernst & Young (EY). During his 6 years at EY, Mark provided both assurance and advisory services that spanned multiple industries for both public and private companies. After leaving EY, Mark filled leadership roles within Internal Audit, Technology, and Security functions for several companies. Mark specializes in SOC examinations and enjoys helping clients establish, formalize, and report on effective control environments while strengthening their security risk profile.

Lois started with Linford & Co., LLP in 2020. She began her career in 1990 and has spent her career working in public accounting at Ernst & Young and in the industry focusing on SOC 1 and SOC 2 and other audit activities, ethics & compliance, governance, and privacy. At Linford, Lois specializes in SOC 1, SOC 2, HIPAA, ISO, and CMMC audits. Lois’ goal is to collaboratively serve her clients to provide a valuable and accurate product that meets the needs of her clients and their customers all while adhering to professional standards.

Rhonda is a Partner at Linford & Co. delivering risk services, compliance attestations, and certification engagements. Rhonda has her CPA, CISSP, CISA, ISO Lead Auditor Certification, and her PMP certification. Previously, Rhonda was a Managing Director at Deloitte, and brings a wealth of expertise in the areas of risk management and compliance and delivers excellent client service. Rhonda actively supports clients in all industries and focuses on compliance frameworks such as SOC 1, SOC 2, HIPAA, HITECH, ISO/IEC 27001:2022, ISO/IEC 27017, ISO/IEC 27018, NIST 800-171, and HITRUST.

Kevin has over ten years of experience in internal controls, audit, and advisory work. Kevin started his career in public accounting at Deloitte focusing on internal controls, SOC audits, and IT assurance work. After Deloitte, Kevin filled a leadership role in the SOX Compliance group at a financial services company. Kevin is a CPA and holds a Bachelor of Science degree in Accounting from Brigham Young University and a Master of Business Administration degree from Ohio University.

Becky McCarty has extensive experience in internal controls, audit, and advisory services. She specializes in SOC, HIPAA, and ISO/IEC 27001:2022 examinations for Linford & Co., LLP. Becky completed a Bachelor’s degree in Business Administration (Accounting) and a Master of Science degree in Management Information Systems. She worked 6 years with KPMG LLP commencing in 1999, worked many years in the energy industry, and joined Linford & Co., LLP in 2018. Becky also served 9 years on the Board of Directors for a home healthcare nonprofit. She works closely with clients so that the examinations are performed efficiently and with minimal disruption while ensuring performance in accordance with professional guidance. She enjoys helping clients successfully achieve the requirements for their security compliance reporting needs.

Hilary’s career in IT audit and assurance spans more than a decade, giving her the opportunity to work with start-ups who are newer to compliance and large corporations with well-established audit programs. During her time at Linford, and previously at Deloitte, she has developed extensive experience with SOC reporting, HIPAA compliance, NIST audits, readiness assessments, Sarbanes-Oxley (SOX) 404 examinations, and complex remediation projects. Hilary is a Certified Information Systems Auditor (CISA), an ISO 27001 Lead Auditor, and holds a Master’s Degree in Accounting from the University of Colorado–Denver and a Bachelor’s Degree in Business Administration from Colorado State University.

Jenny has been in risk advisory and compliance since 2008. She spent 7 years at Ernst & Young where she was responsible for both audit and advisory engagements across financial services, energy, technology, and healthcare sectors. Since 2015, she has been focusing on serving SaaS-based companies, assessing their control environments as part of SOC reporting, HIPAA compliance, ISO 27001 and HITRUST certification, and PCI compliance initiatives. She is a certified information systems auditor (CISA), HITRUST assessor (CCSFP), information systems security professional (CISSP), PCI QSA, ISO 27001 Lead Auditor, and AWS cloud practitioner. Jenny received her Bachelor of Science and Master’s degrees in Information Systems Management from Brigham Young University.

Danielle started her information systems compliance career in 2003 at PricewaterhouseCoopers in their Systems and Process Assurance group, followed by the Internal Audit Department of a financial services company and the IT compliance group for a large healthcare organization. She has experience in IT general control reviews, SOC audits, HIPAA compliance, Sarbanes-Oxley section 404 attestation engagements, and Payment Card Industry Data Security Standards (PCI DSS) compliance. Danielle is a Certified Information Systems Auditor (CISA) and received her Bachelor of Science degree in Management Science & Information Systems from Penn State University.

Richard Rieben is a Partner and HITRUST practice lead at Linford & Co., where he leads audits and assessments covering various frameworks including HITRUST, SOC, CMMC, and NIST. With over 20 years of experience in IT and cybersecurity and various certifications including PMP, CISSP, CCSFP, GSNA, and CASP+, Richard is skilled in helping growing organizations achieve their information security and compliance goals. He holds a Bachelor of Science in Business Management and an MBA from Western Governors University.

Ben Burkett is a partner at Linford & Company, where he specializes in IT compliance and risk management audits. With more than twenty years of technology and audit experience that began at KPMG in 2002, Ben has led IT risk management initiatives, directed an IT Project Management Office and a Technology Business Management function, and served in finance and technology leadership roles. He holds certifications as a CPA, CISA, CISSP, CRISC, and as a Lead Auditor for ISO/IEC 27001 and ISO/IEC 42001.

At Linford & Co., Ben guides clients through HIPAA, SOC 2, SOC 1, and ISO readiness and attestation engagements, with a focus on efficient, risk‑based audits that deliver actionable insights.