About Olivia Refile (Manager, CISSP, CISA)

Olivia Refile | Linford & Company

Olivia Refile (CISSP, CISA, CRISC, GSEC, ISO lead Auditor) specializes in SOC examinations for Linford & Co., LLP. She completed her Bachelors of Business Administration, with a concentration in Management Information Systems from Temple University’s Fox School of Business in 2010. Olivia started her career in IT Risk Management in 2010 specializing in internal, external audits as well as IT security risk assessments. Following her time in risk management Olivia moved solely into external IT Audit and is currently dedicated to performing SOC 1 and SOC 2 examinations.

CONTACT AUDITOR
ALL ARTICLES BY Olivia Refile (Manager, CISSP, CISA):
Types of penetration tests and tools

Types of Penetration Tests: A Look at Different Pentest Techniques & Tools

We have a few blogs written on penetration testing. These blogs include information on the steps or phases to properly conduct a penetration test, how penetration tests relate to satisfying SOC 2 requirements, information on how penetration testing compares to vulnerability assessments, and more. Feel free to check out these related blogs: External Penetration Testing […]

SOC 2 Data Centers: Becoming compliant

How to Become a Compliant SOC 2 Data Center: Auditor Guidance

When determining a cloud hosting or colocation provider, customers want to have assurance that they are utilizing a safe, secure, and competent provider. As such, data center providers can undertake a number of IT audits or examinations in order to demonstrate to customers and prospects that they have controls in place to protect client data […]

Importance of vulnerability scans for SOC 2 audits

Vulnerability Scanning: Importance of Vulnerability Scans in SOC 2 Audits

In light of prevalent and ongoing public data breaches, understanding where an organization’s vulnerabilities are is of great importance for prevention and security. Conducting vulnerability scans are a key component in helping prevent successful external adversary attacks. In this article, I will discuss briefly what vulnerability scans are, the common types, and how they help […]

benefits of hitrust certification

The Benefits of HITRUST Certification: Understanding HITRUST vs HIPAA

In previous blog articles, we have covered HITRUST certification and compliance requirements, understanding the HITRUST certification process, and scoring HITRUST CSF controls, but one question we hear constantly is, “What is the benefit of getting HITRUST certified?” Additionally, we hear a lot of “How does a HITRUST certification differ from HIPAA compliance?” This blog will […]

De-identification of personal data

De-Identification of Personal Information: What is It & What You Should Know

Many organizations may be retaining personal data and it is important for this information to be properly protected and or anonymized. One method to ensure personal information is appropriately anonymized is through de-identification. This article will explain what de-identification is, how to go about de-identifying personal data, and why it is important. To start, a […]

Third party risk management

Vendor/Third-Party Risk Management: Best Practices

How to Appropriately Select Vendors and Also Manage and Monitor Their Associated Risks In this article, I will discuss what vendor risks are and the importance of why risk associated with vendors, in support of your business, should be identified and then monitored on an ongoing basis. Further, I will discuss how organizations can actually […]