IT Audit & Compliance Blog | Linford & Company LLP

What is a Third Party Administrator (TPA) Audit?

By Rob Pierce Published on April 14, 2017

A Third Party Administrator (TPA) is a service organization that provides a variety of services to the insurance industry in accordance with a service agreement. [...]

How Is Your (Cyber) Hygiene?

By Ray Dunham Published on February 21, 2017

When most people think of hygiene, I would venture to say that technology or computer systems are not part of the mental picture. There are interesting parallels, however, between what we think of as “normal” hygiene and cyber hygiene. [...]

What Period Is Covered In A Type II SOC Examination?

By Nicole Hemmer Published on January 10, 2017

A type II SOC 1 (f. SSAE 16) or SOC 2 report (versus a Type I) is the most useful for a service organization to provide to a client. Most reports cover a 12 month period, but can be as short as six months [...]

What is FISMA?

By Ray Dunham Published on October 25, 2016

The Federal Information Security Management Act (FISMA) was originally released in December 2002 and established the importance of information security principles and practices within the Federal Government, noting that information security was “critical to the economic and national security interests of the United States. [...]

What Is COBIT®?

By Ray Dunham Published on September 6, 2016

COBIT® stands for Control Objectives for Information and Related Technology. What is it? Put simply, it is a framework for enterprise wide governance to include business functions, information and information technology resources. The COBIT® framework provides a structure upon which to build an enterprise governance program. [...]

The HIPAA Contingency Plan

By L&Co Staff Auditors Published on February 3, 2016

One of the areas we review on all audits and assessments of the HIPAA Security Rule is HIPAA’s requirements concerning contingency plans. [...]

Data Analytics as an Audit Tool

By Rob Pierce Published on March 15, 2012

Data analytics is defined as the process of inspecting, cleaning, transforming, and modeling data with the goal of highlighting useful information, suggesting conclusions, and supporting decision making. Common uses of data analytics: Customer resource management (CRM) – Analytics can help companies monitor and understand customer actions and create more targeted advertising and services. Business intelligence [...]