About Jenny Shen (CISA, CISSP, CCSFP)

Jenny Shen (Linford & Co Auditor)

Jenny has been in risk advisory and compliance since 2008. She spent 7 years at Ernst & Young where she was responsible for both audit and advisory engagements across financial services, energy, technology, and healthcare sectors. Since 2015, she has been focusing on serving SaaS-based companies, assessing their control environments as part of SOC reporting, HIPAA compliance, and HITRUST certification initiatives. She is a certified information systems auditor (CISA), HITRUST assessor (CCSFP), information systems security professional (CISSP), and AWS cloud practitioner. Jenny received her Bachelor of Science and Master’s degrees in Information Systems Management from Brigham Young University.

Corrective action plans for audit results

Corrective Action Plans 101: Guide for Managing Audit Findings

If your organization has gone through an audit against a compliance framework, whether it be SOC 1, SOC 2, HITRUST, FedRAMP, or HIPAA, you might shudder at the thought of the words “findings,” “gaps,” and “deficiencies.” However, even an audit with a favorable outcome (e.g. unqualified opinion, certification, authorization) could come with findings and recommendations […]

What is a security operations center (SOC)

What is a Security Operations Center (SOC) & Why Should You Invest in One?

In our increasingly digital world, cybersecurity is critical to ensure the security, availability, and confidentiality of customer data. Recent events around the world, such as the ransomware attack that forced the shutdown of the nation’s biggest fuel pipeline in May 2021, should be sufficient cause for all businesses to place cybersecurity as their top priority. […]