About Becky McCarty (CPA, CISA, CRISC, CIA, CFE)

Becky McCarty (CPA, CISA, CRISC, CIA, CFE) specializes in SOC 1 and SOC 2 examinations for Linford & Co., LLP. She completed her Master’s degree in Information Systems in 1996, started working with KPMG in 1999, and joined Linford & Co., LLP in 2018. She works closely with clients so that the examinations are performed efficiently and with minimal disruption while ensuring performance in accordance with professional guidance. She enjoys helping clients successfully achieve the requirements for their SOC audit reports based on their applicable trust services criteria.

Guide to VPN Encryption Protocols: How Does Encryption Work?

In today’s digital world and with many individuals working remotely and executing transactions over the internet, you may wonder how secure your connection is and if your information and that of your employer remain private. Unscrupulous individuals want your private data and your company’s data. Nonpublic data is valuable and if it can be sold […]

Vendor vs Subservice Organizations: Understanding the Difference & How it Affects You

A service organization may have a number of vendors and subservice organizations engaged to assist them in meeting their objectives or achieving the service commitments to their user entities along with the system requirements necessary to do so. This article will explain the difference between a vendor and a subservice organization and provide some tips […]

Coronavirus Security Threats: Tips to Mitigate Cybersecurity Risks

As if the COVID-19 pandemic isn’t enough to deal with already, coronavirus security threats are erupting as nefarious individuals use this crisis to target organizations and individuals for their own financial gain. This article addresses some of the coronavirus scams out there today that threaten your security and how you may protect yourself. Stimulus Payments […]

What is PCI Compliance?

PCI Compliance deals with the Payment Card Industry (PCI). If your entity is a merchant that is involved in processing payment card transactions, then the standards apply to your entity and your entity should be compliant with the PCI Data Security Standard (DSS) in order to protect cardholder data. While the PCI DSS is not […]

The SOC 2 Privacy Audit

In a SOC 2 privacy audit, the privacy criteria of the trust services criteria apply only to personal information such as health records, payment card information, or other personally identifiable information (PII). This differs from the confidentiality criteria, which apply to various types of sensitive information such as customer lists, product specifications, […]

What is Data Security?

Data security refers to the controls implemented by a company to protect its data from unauthorized access and corruption. A good control environment around data security isn’t built on trust; it’s built on controls that are operating effectively, allowing verification and adequate oversight. The implementation of mature data security protocol and measures by which individuals […]

How the COSO Principles & Trust Services Criteria Align

In 2013, the Committee of Sponsoring Organizations of the Treadway Commission, better known as COSO, enhanced its internal control framework, which has been widely adopted globally by a large number of organizations. This internal control framework is made up of five COSO components and 17 COSO principles and is used by many organizations to comply […]