Go Through a Gap Analysis Without the Stress

by Sarah Harvey / June 14, 2023

At KirkpatrickPrice, our goal is to partner with our clients to help them achieve their challenging compliance objectives. While many other CPA firms solely focus on performing audits and delivering reports, our dedicated team of experienced Audit Support Professionals and Information Security Specialists are there to guide you through the audit process so that you leave the engagement feeling confident in your organization’s security hygiene and are prepared to tackle…

CellarStone Completes GDPR Audit

by Sarah Harvey / April 12, 2023

Independent Audit Reviews CellarStone’s Controls in Support of GDPR Half Moon Bay, CA – CellarStone, a provider of systems, solutions, and services focused on incentive management, PaaS application development, and data integration, today announced that it has completed its GDPR audit. This audit verifies that CellarStone, in its role as a processor, has implemented safeguards that meet the protections required by GDPR and its data protection program is operating with…

Onsite Visits vs. Remote Audits

by Joseph Kirkpatrick / June 15, 2023

When you start an audit, you’re looking for a quality experience in a timely manner. One of the biggest aspects of an audit is the onsite visit - but what if an auditing firm that you're considering working with offers to skip the onsite visit in order to deliver your report faster? What if they say your internal controls don't require an onsite visit? What if you have an entirely…

What is Mobile Application Penetration Testing?

by Sarah Harvey / December 15, 2022

So often, mobile devices are assumed to be the causes of security incidents or breaches, but mobile applications usually serve as the attack vector. In 2018, one in 36 mobile devices had high risk apps installed. There were 2,328 variants of mobile malware. Only about 50% of mobile apps were running on the newest, major iOS version and 19% for Android. Mobile applications and their risks aren’t something you can avoid.…

How to Scale Your Information Security Program as You Grow

by Sarah Harvey / June 15, 2023

It’s a great accomplishment for startups to meet compliance goals, like gaining SOC 2 attestation or becoming HITRUST CSF certified – but what happens after you receive your report? How do you continue to implement the lessons you learned and the controls you developed? What happens when a CISO or an IT director leaves the company? Will your information security program withstand your projected growth? These are all things to…