Market Overview

Enterprise Risk Management, Inc. Expands SOC Practice to Meet Market Needs


Enterprise Risk Management, a leading cybersecurity company, is pleased
to announce the expansion of its System and Organization Controls (SOC)
practice group.

SOC is an auditing framework developed by the American Institute of
Certified Public Accountants that assures the effectiveness of an
organization's controls over sensitive data. Under the framework, CPAs
with IT Security expertise perform a detailed examination of how
organizations protect the availability, integrity and confidentiality of
data and systems.

"We're seeing a growing demand for SOC services,'' said ERM founder and
president Silka Gonzalez. "Organizations want to achieve a clean SOC
report so that they can demonstrate their IT security competency to
regulators, customers and stakeholders.''

Joining ERM are:

  • Karen Livingstone, a CPA with more than 25 years of experience
    in risk management and compliance. Prior to joining ERM, she was the
    Chief Audit Executive for Heico Corporation (NYSE:HEI). She also
    served in various audit and compliance roles at the Institute of
    Internal Auditors, Electronic Data Systems, Knight Ridder, Office
    Depot, FPL and Arthur Anderson. She has multiple audit and IT security
    certifications including: CPA, CISA, AMCLA, CIA and CRMA. She joins
    the company full-time.
  • Dr. Antoinette Smith, a CPA and Professor of Accounting at
    Florida International University. Prior to joining the FIU faculty,
    she served in audit, information system and forensic investigation
    roles for NASA, the Department of Defense and various private
    accounting and consulting companies. As a tenured professor, she
    conducts research and teaches courses in data analytics, system
    controls, cloud computing, blockchain accounting and other IT specific
    areas. She joins the company as a contractor.

The practice group is led by Ms. Gonzalez, a CPA with extensive
experience in Information Security, along with ERM Director of
Consulting Esteban Orlando Farao, who has led cybersecurity assignments
around the world for ERM and PwC. They are supported by our highly
trained group of security consultants.

"With cyberattacks now commonplace, it's imperative for organizations to
subject themselves to independent and rigorous examinations of how well
they are protecting their data,'' Gonzalez said. "SOC gives companies
assurance that they and their vendors are properly protecting sensitive

About ERM

ERM is a leading Information Security & Training Company. Services
include Information Security strategy, cybersecurity assessments,
remediation solutions, digital forensics and security awareness
training. Founded in Miami in 1998, ERM has served more than 300 clients
globally in over 25 industries.

About SOC

For more information about SOC, download our Free Guide to Understanding
SOC Assessments at

View Comments and Join the Discussion!