Sarbanes-Oxley (SOX) is an act originally signed into law in 2002. The act is named after Senator Paul Sarbanes and Representative Michael Oxley, who were the main architects of the act.
About Nicole Hemmer (PARTNER | CISSP, CISA)
Nicole Hemmer started her career in 2000. She is the co-founder of Linford & Co., LLP. Prior to Linford & Co., Nicole worked for Ernst & Young in Indianapolis, Chicago, and Denver. She specializes in SOC examinations and royalty audits and loves the travel and challenge that comes with clients across all industries. Nicole loves working with her clients to help them through examinations for the first time and then working together closely after that to have successful audits.
SOC 2 Vendor Management: Managing Key Vendors as Part of SOC 2 Compliance
In today’s day and age, most organizations rely on vendors for portions of the services they provide or to assist with the security and integrity of their technology and data. Managing the relationships with these vendors is important, in addition to monitoring the ongoing performance of the services provided by these vendors. When pursuing a […]
Choosing a SOC 2 Audit Firm
At Linford & Company, we fully understand that there are all sizes of companies that complete the kind of audits we do, which include SOC 1 (f. SSAE 16), SOC 2, HIPAA and royalty audits.
Understanding Audit Procedures: A Guide to Audit Methods & Test of Controls
Type II SOC engagements (for both SOC 1 audits and SOC 2 audits) require walkthroughs and testing of the controls in place at the service organization to be able to opine on the suitability of the design and the operating effectiveness of controls during the period under review. Each control objective or criteria has a […]
SOC 1 vs. SOC 2 – How They Are Different & Which Report You Need
Many of our clients and prospects get asked for a “SOC report” from their clients or customers without any further clarification. Also, many get asked for a SOC 1 and a SOC 2… so how do they know what they need? Do they need both? Just one? We get these questions all the time, and […]
SOC Readiness Assessments: Recommended Guidance for Audit Readiness
Linford & Company specializes in helping service organizations go through their Service Organization Control (SOC) review the first time.
SOC Audit Report Overview: The Definitive Guide
A SOC (System and Organization Controls) report is a report on controls at a service organization related to various types of subject matter, for example: controls that affect user entities’ financial reporting; controls that affect the security, availability, and processing integrity of the systems; or the confidentiality or privacy of the information processed for user entities’ clients.
Maintaining Optimal Cybersecurity with Remote Staff Working from Home During Coronavirus Outbreak
With COVID-19 requiring nonessential workers to work from home or social distance, many organizations are trying to navigate having their workers not in the office and still maintaining the optimal security methods from their home offices. Keep reading for some recommendations on how to maintain optimal cybersecurity with remote staff. How Do You Keep Up […]
What is Containerization? Security & Benefits
Containers and the concept of containerization has been growing rapidly over the past few years, and many organizations are struggling to keep up with the new technology and keeping their systems secure. If you and your organization are considering trying to use or moving to containers, many of your current security processes and procedures will […]
What is Upstream and Downstream Testing in Auditing?
Clients will often ask why we complexify certain types of audit procedures.