IT Audit & Compliance Blog

The Linford & Company Blog is written by our very own auditors, who are experts in IT audits, information security, and compliance topics. Their auditing experience encompasses a broad spectrum of industries and organizations, and their specialized expertise can help your company or organization make the right decision for your auditing needs. Our specific areas of focus in our IT Audit & Compliance Blog include SOC 1 reports, SOC 2 reports, HIPAA reports, HITRUST and FedRAMP assessments.

What is an internal auditor?

What Is An Internal Auditor & Why Should You Hire One?

What is an Internal Audit? The Institute of Internal Auditors (IIA) defines internal audit as the “independent, objective assurance, and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and […]

HITRUST readiness assessment pitfalls

Avoiding HITRUST Readiness Assessment Pitfalls

Healthcare is a complicated topic. When the term is raised, the altruists among us focus on helping their fellow man. But like any endeavor managed by people, there is a business aspect to it. The business of healthcare faces the same problems as other types of businesses. It must operate efficiently, securely, and offer something […]

IT audit guide

IT Audits 101: Professional Guidance From an IT Auditor

In the ever-evolving landscape of technology, organizations rely heavily on their information systems and digital infrastructure to operate efficiently and securely. However, with technological advancements come new risks and vulnerabilities. To determine the integrity, availability, and confidentiality of data, organizations turn to Information Technology (IT) audits—a systematic evaluation of their IT systems and controls. In […]

VPN encryption benefits

What are the Benefits of Using VPN Encryption?

In today’s digital world and with many individuals working remotely and executing transactions over the internet, you may wonder how secure your connection is and if your information and that of your employer remain private. Unscrupulous individuals want your sensitive private data such as your personally identifiable information (PII) and your electronic protected health information […]

SOC for supply chain reports

SOC for Supply Chain: Professional Guidance for Supply Chain Audits

Software supply chain attacks increased by 650% during 2021.  In addition, Gartner® predicts that by 2025 “45% of organizations worldwide will have experienced attacks on their software supply chains, a three-fold increase from 2021.” The need for users to understand supply chain processes and the controls that exist to minimize risks around supply chain activities […]

What is a SOC 1 report?

What is a SOC 1 Report? Expert Advice for Audit Compliance

We frequently are asked by our clients and prospective clients, “What are SOC 1 reports and when they should be considered?” Our response is usually a question, “Can your service impact the financial statements of your clients?” In some cases, the prospective client has an immediate answer and describes the financially relevant process. In other […]