Andrew Mathieson

All Topics

SOC Report 2022 Revised Points of Focus

SOC Report 2022 Revised Points of Focus

In late 2022, the AICPA updated its guidance on performing System and Organization Controls (SOC) attestations with revised points of focus that offer enhanced context for meeting the criteria in your report. Organizations and their auditors should be aware of the updates and go through an exercise to actively incorporate these revised points of focus […]

A Startup’s First Steps to SOC Readiness
A Startup’s First Steps to SOC Readiness

A Startup’s First Steps to SOC Readiness

Early-stage companies have a lot to contend with, including funding, staffing, infrastructure, product development, and marketing, which can create a chaotic environment. Those that collect personal identifiable information or health information as part of their business model also must add earning their SOC (System and Organization Control) certification to the list. The SOC Report has […]

SOC Report: Why are our Sales & Marketing Teams Insisting we have one?

SOC Report: Why are our Sales & Marketing Teams Insisting we have one?

Prospects may ask for a SOC report as a way to assess the controls and processes in place at an organization before doing business with them. Many organizations, particularly in regulated industries or those that handle sensitive information, are required to demonstrate compliance with relevant regulations and industry standards. A SOC report can be an […]

SOC 2 Meets Death Master File Certification Requirements
SOC 2 Meets Death Master File Certification Requirements

SOC 2 Meets Death Master File Certification Requirements

The System and Organization Controls (SOC) framework may be mapped to achieve requirements of the National Technical Information Service’s (NTIS) Limited Access Death Master File (LADMF) certification. When choosing SOC 2 to achieve your LADMF certification, businesses may also benefit from the marketing value of their SOC 2 attestation, which demonstrates your commitment to access […]

Strong Password Policy Requirements Protect Data, Systems
Strong Password Policy Requirements

Strong Password Policy Requirements Protect Data, Systems

It remains a critical and ever-evolving challenge to protect your organization’s data and operations from destructive forces such as unauthorized users, cyberattacks, and data breaches. The first level of security from such attacks is the implementation of strong password policies as a line of defense for an organization’s data security. Balancing risk and user-friendliness is […]

Growth in AAFCPAs’ Business Process & IT Consulting Practice

Growth in AAFCPAs’ Business Process & IT Consulting Practice

Boston, MA (8/3/2022) – AAFCPAs, a best-in-class CPA and consulting firm known for tax, assurance, accounting, wealth management, business process, and IT advisory solutions, today announced the addition of Andrew Mathieson and Brenna Mellen. These professionals join the firm’s growing Business Process & IT Consulting Practice, which provides business intelligence & productivity, information risk management & cybersecurity, […]