The AICPA Auditing Standards Board issued Statement of Quality Management Standards (SQMS) No. 1 in June 2022 for CPA firms having an accounting or auditing practice, with an effective date of December 15, 2025. SQMS No. 1 supersedes Statement on Quality Control Standards No. 8, A Firm’s System of Quality Management. As a reader of […]
About Lois Colby (Partner | CPA, CIA, CISA)
Lois started with Linford & Co., LLP in 2020. She began her career in 1990 and has spent her career working in public accounting at Ernst & Young and in the industry focusing on SOC 1 and SOC 2 and other audit activities, ethics & compliance, governance, and privacy. At Linford, Lois specializes in SOC 1, SOC 2, HIPAA, ISO, and CMMC audits. Lois’ goal is to collaboratively serve her clients to provide a valuable and accurate product that meets the needs of her clients and their customers all while adhering to professional standards.
SOC 3 Reports: Do You Need One?
Some of our clients occasionally ask us when it is a good idea to get a SOC 3 report. The answer for most companies is that a SOC 3 is not necessary.
What is the CMMC (2.0)? New DoD Guidance for Security Compliance
A common concern being expressed by the general public and the United States government is the state of cybersecurity and the strength of the country’s ability to protect itself against a cybersecurity attack from within and without the United States. In response to this concern, the Department of Defense (DoD) has been working on the […]
Critical Audit Matters (CAMs) & SOC 1 Reports – Could They Be Related?
Auditors performing financial statement audits are already aware of the Public Company Accounting Oversight Board (PCAOB) auditing standard AS 3101, The Auditor’s Report on an Audit of Financial Statements When the Auditor Expresses an Unqualified Opinion, effective for audits of fiscal years ending on or after December 15, 2017. Within this standard are the requirements […]
SOC 2 Audit Considerations for AI & ML Subservice Organizations
With the rise of organizations providing artificial intelligence (AI) or machine learning (ML) tools and services, one has to wonder about the risks associated with those services and the security, at the very least, of the data used for and created as a result of the AI and ML services. Data considerations include the makeup […]
2023 Trust Services Criteria (TSCs) for SOC 2 Reports
There are five Trust Service Principles (TSPs) that can be included in the scope of a SOC 2 examination.
SSAE-21: New AICPA Guidance for Assertion-Based & Examination Engagements
In September 2020, the AICPA issued a new Statement on Standards for Attestation Engagements (SSAE) labeled as SSAE No. 21, Direct Examination Engagements. You might ask, “Why do we care about it now?” We care about it now because it is effective for all practitioners’ reports dated on or after June 15, 2022. A date […]
Audit Trails for the SOC 1/SOC 2 Audit & Investigative Processes
Consider this: an organization has an internal or external audit about to start, or an incident has occurred that needs to be investigated. These activities each require evidence to support the who, when, what, where, and why of the activity. One way this can be done is by tracing the activity through an audit trail. […]
SOC 2 Software Tools: How They Affect the SOC Audit Process
Over the last several years there has been growth in the offering of SOC 2 software tools, also thought of as SOC 2 compliance monitoring tools (these terms will be used interchangeably throughout this article). These tools provide functionality and support designed to help a service organization attain SOC 2 compliance. […]
Security & Privacy: You Can’t Have Privacy Without Security
In today’s world, great importance and attention are placed on personal privacy and, importantly, privacy over an individual’s personal information and data. The highly electronically connected world and easy availability of information on the internet and through information sharing between organizations raise the concern as to how individuals’ personal information and data are protected. There […]