About Nicole Hemmer (PARTNER | CISSP, CISA)

Nicole Hemmer started her career in 2000. She is the co-founder of Linford & Co., LLP. Prior to Linford & Co., Nicole worked for Ernst & Young in Indianapolis, Chicago, and Denver. She specializes in SOC examinations and royalty audits and loves the travel and challenge that comes with clients across all industries. Nicole loves working with her clients to help them through examinations for the first time and then working together closely after that to have successful audits.


What is Containerization? Security & Benefits

Containers and the concept of containerization has been growing rapidly over the past few years, and many organizations are struggling to keep up with the new technology and keeping their systems secure. If you and your organization are considering trying to use or moving to containers, many of your current security processes and procedures will […]

Audit Sampling in SOC examinations

Audit Sampling in SOC Examinations

In completing SOC 1 and SOC 2 examinations (and most other types of audits), there is testing involved to determine the operating effectiveness of controls. There are different types of tests that can be applied to testing controls (for more information on the five types of tests refer to our article, Five Types of Testing Methods […]

Soc 2 audit security trust services criteria

SOC 2 Security Trust Services Criteria

The Trust Services Criteria (TSC) were developed by the AICPA Assurance Services Executive Committee (ASEC). The available TSCs for a SOC 2 audit include: Security (also known as common criteria). This is the only required TSC and is included to demonstrate that systems at a service organization are protected against unauthorized access and other risks […]

Confidentiality trust services criteria

Confidentiality Trust Services Criteria in a SOC 2

The available Trust Services Criteria (TSC) as defined by the American Institute of Certified Public Accountants (AICPA) that are options to be included in a SOC 2 audit are the following: Security (also known as common criteria). Information and systems are protected against unauthorized access, unauthorized disclosure of information, and damage to systems that could […]