About Hilary Stavrakas (CISA)

Hilary Stavrakas | Linford & Co

Hilary has eight years of IT audit and assurance experience. Prior to starting at Linford & Co, Hilary worked for Deloitte managing audit readiness assessments, Sarbanes-Oxley 404 and SOC examinations, and complex remediation procedures. Hilary is a certified information systems auditor (CISA), holds a Master’s Degree in Accounting from the University of Colorado-Denver and a Bachelor’s in Business Administration from Colorado State University.

CONTACT AUDITOR
ALL ARTICLES BY Hilary Stavrakas (CISA):
Covered entities vs. business associates under HIPAA

HIPAA Business Associate vs. Covered Entity: Differences & Expectations

In order to properly assess the relevance of HIPAA compliance to your organization, it is important to understand what a Covered Entity (CE) and a Business Associate (BA) are. In this blog we’ll talk about what these items are, the differences between them, and how they are handled differently when assessing HIPAA compliance. Differences Between […]

Audit deficiency analysis 101

Assess, Remediate, & Prevent Audit Deficiencies – The Internal Control Deficiency Lifecycle

Are you interested in SOC services but unsure what will be asked from you if internal control deficiencies are found? We all know the scary words “qualification” or “misstatement”, but what about the less scary but still important term: deficiency? This is also known as a “finding” or “gap” and a deficiency can also be […]

SOC 2 for healthcare audit compliance

SOC 2 in Healthcare: Why Do Soc Reports Matter for Audit Compliance?

An audit is intended to build trust, decrease risk and encourage efficiency in business practices. While these traits are important for all businesses, they are critical for entities within the healthcare industry. No company is immune to risk, but those in the healthcare industry have a higher inherent risk based on the types of data […]

Operating System Hardening & Benefits

Operating System Hardening: Benefits, Importance, & Other Considerations

In the following paragraphs we’ll discuss what hardening means, the benefits and disadvantages it brings, and where to begin in the process of securing an operating system. Let’s first understand what the hardening process is. The concept of hardening, in relation to computing, is when the system is made more secure through the use of […]

Data migrations and SOC 2 reports

Data Migrations & Their Impact on a SOC 2 Report

Service organization environments are ever-changing. As the organization adapts, the systems used by the service organization change in alignment. This process of migrating to a new application or migrating your infrastructure to the cloud can be significant, not just to the organization, but to the service organization’s users. What is a Data Migration & When […]

SOC 2 section 5: The unaudited section

What is Section 5 of the SOC 2? The Unaudited Section of a SOC Report

Section 5, the unaudited section, of the SOC 2 report can vary significantly between reports. It may contain a lot of details about the service organization or it may only contain a response from management for a deficiency. So what can go in this section? There are various topics that can be included that can be […]