About Richard Rieben (CISSP, PMP, CCSFP)

Richard Rieben | Auditor at Linford & Co

Richard is a leader in the HITRUST practice with Linford & Company and performs a variety of other assessments including SOC, HIPAA and NIST. He has guided more than 100 clients on their compliance journeys and holds a variety of certifications including the PMP, CISSP, GSNA and CCSFP as well as the CASP+, CySA+, Security+ and others from CompTIA, which he supports actively as a member of the Subject Matter Expert Governance Committee. He also holds an MBA from Western Governors University.

ALL ARTICLES BY Richard Rieben (CISSP, PMP, CCSFP):

What is HITRUST? A Practical Guide to Certification

Our firm has been a HITRUST External Assessor Organization for several years and in that time we have successfully helped dozens of organizations obtain and maintain HITRUST certifications. We have identified common pitfalls and other barriers to success and we’ve also learned some keys to success. In this article, I’ll break down some of the […]

How to Score HITRUST CSF Controls?

Preface: It is important to note that HITRUST changed the scoring mechanisms for HITRUST in early 2020. These changes increased the focus on the implementation of controls as is demonstrated through the increased weighting of the implementation criteria (40 vs. 25) and decreased weighting of policy criteria (15 vs. 25). In order to perform a […]

How to Simplify SOC 2 Compliance with AWS Security Tools

Amazon Web Services (AWS) is an ever-evolving cloud services platform that continues on its path to remaining the market leader in cloud infrastructure. If you use AWS services, you have an idea of what we’re talking about. However, are you sure you’re using all the AWS tools possible for SOC 2 compliance? Do you know […]

An Expert’s Guide to the HITRUST Framework

“What is HITRUST?” is typically the first question asked of Linford by organizations exploring HITRUST for the first time. Formerly, HITRUST stood for Health Information Trust Alliance but recently it rebranded to simply HITRUST to align with changes to the “framework” making it industry agnostic (more below). HITRUST is an organization and a security framework. […]