About Maggie Cheney (Partner | CRISC)

Maggie has over 15 years of experience in Risk Management and IT Compliance. She spent nearly 10 years in KPMG’s IT Advisory and Attestation practice before joining a financial technology company as the Risk and Compliance Director.  She has overseen numerous SOC 1 / SOC 2 audits and other IT Compliance audits and has vast experience implementing risk management and IT compliance solutions. She is Certified in Risk and Information Systems Control (CRISC) and obtained a Bachelor of Science in Business Administration, Finance, from the University of Colorado at Boulder.

ALL ARTICLES BY Maggie Cheney (Partner | CRISC):
Understanding the limitations of internal control

Understanding the Limitations of Internal Controls – Learning to Mitigate Your Risk

You just received the draft SOC 1 or SOC 2 report from your auditor and as you’re scrolling through the opinion, you notice a reference to “Inherent Limitations.”  Inherent Limitations? Is your SOC report suggesting your controls are inadequate? Your auditor is not telling the world you have weak controls; however, every auditor opinion will reference […]

SOC audit failure

SOC Audit Failure: Common Audit Mistakes to Avoid

In performing SOC audits for Linford & CO, the clear majority of organizations do a great job providing reasonable assurance they are meeting all their controls. But I wanted to hit on a list of seven common mistakes that seem to pop up to hopefully help your organization identify them before they become