About Jason Canlas (CISA, CDPSE)

Jason Canlas | Linford & Co Auditor

Since 2004, Jason has performed and managed global IT SOX and operational audits including IT General Controls and SDLC audits, ISO 27001 internal assessments, and cybersecurity and privacy compliance audits. At HP Inc., he was involved in developing SOC report review training and guidance. Jason began his IT audit career in 2004 at PwC in the Systems and Process Assurance team and focused on internal and external SOX audits for various clients in the oil & gas, chemical, pipeline, electrical, and medical industries in the Greater Houston area. Jason holds a Bachelor’s degree in Business Administration (Information Systems) and a Master’s degree in Information Systems Management.

Risk matrix 101

When, How, And Why To Use A Risk Matrix

All SOC 2 examinations must include security common criteria. This includes reviewing a company’s (i.e. entity’s) risk assessment process (risks identified, risk matrix, controls in place to address the risks, etc.). However, one of the challenges that the AICPA has found when it comes to doing risk assessments is that companies are unclear on what […]