business people walking

Auditing Basics: How Does Sampling Work?

by Joseph Kirkpatrick / April 5, 2023

Why is Sampling Used During an Audit? When an organization undergoes an audit, there’s often a large amount of internal controls that an auditor has to review. However, to make this process more efficient, auditors are likely to use sampling whenever the population being tested is uniform and there’s standards that are applied across the board. How Do Auditors Use Sampling? At KirkpatrickPrice, our auditors will sample a size of…

Auditing Basics: Auditor’s Test of Controls

by Joseph Kirkpatrick / April 5, 2023

How Do Auditors Perform Tests of Controls? In order for an audit firm to be able to provide reasonable assurance and issue an opinion on an organization’s compliance with SOC 1 or SOC 2 audits, they have to test the internal controls that each organization has in place and verify that they are working as intended. To do this, auditors typically perform three types of tests of controls: interviews, reviews,…

Secure Your City: Correctional Facilities

by Sarah Harvey / June 14, 2023

As technology advances, it touches every facet of society – and that includes correctional facilities. There’s an obvious need and investment in physical security at correctional facilities, but cybersecurity is presenting new areas of risk in prisons and detention centers. New technology makes it possible for inmates to send messages, read e-books, download music, participate in video visitation, and receive money transfers. What happens if that technology is compromised by…

7 Deadly Sins of a HITRUST CSF Assessment

by Shannon Lane / October 11, 2023

 7 Deadly Sins of HITRUST At KirkpatrickPrice, we’ve worked with clients of all sizes – from startups to enterprise-level organizations. By working with so many organizations of varying sizes and industries, we’ve been able to identify seven primary pitfalls that make for a challenging audit environment, all of which represent initial difficulties that often lead to a failed or very drawn out HITRUST validated assessment attempts. In recognizing how significant…

Auditing Basics: Audit Risk, Control Risk, and Detection Risk

by Joseph Kirkpatrick / February 15, 2023

What Types of Risk Impact SOC 1 and SOC 2 Audits? SOC 1 and SOC 2 audits are largely impacted by various types of risk. During a SOC 1 and SOC 2 audit, an auditor will be focused on limiting the following types of risk: audit risk, control risk, and detection risk. So, how are those risks different? How to they affect an auditor while performing SOC 1 or SOC…