ERMProtect Expands SOC Practice to Meet Market Needs

MIAMI - Enterprise Risk Management, a leading cybersecurity company, is pleased to announce the expansion of its System and Organization Controls (SOC) practice group.

“We’re seeing a growing demand for SOC services,’’ said ERMProtect founder and president Silka Gonzalez. “Organizations want to achieve a clean SOC report so that they can demonstrate their IT security competency to regulators, customers and stakeholders.’’

SOC is an auditing framework developed by the American Institute of Certified Public Accountants that assures the effectiveness of an organization’s controls over sensitive data. Under the framework, CPAs with IT Security expertise perform a detailed examination of how organizations protect the availability, integrity and confidentiality of data and systems.

“We’re seeing a growing demand for SOC services,’’ Gonzalez said. “Organizations want to achieve a clean SOC report so that they can demonstrate their IT security competency to regulators, customers and stakeholders.’’

Joining ERM:

  • Karen Livingstone, a CPA with more than 25 years of experience in risk management and compliance. Prior to joining ERM, she was the Chief Audit Executive for Heico Corporation (NYSE: HEI). She also served in various audit and compliance roles at the Institute of Internal Auditors, Electronic Data Systems, Knight Ridder, Office Depot, FPL and Arthur Anderson. She has multiple audit and IT security certifications including: CPA, CISA, AMCLA, CIA and CRMA. She joins the company full-time.

The practice group is led by Ms. Gonzalez, a CPA with extensive experience in Information Security, along with ERM Director of Consulting Esteban Orlando Farao, who has led cybersecurity assignments around the world for ERM and PwC. They are supported by our highly trained group of security consultants.

“With cyberattacks now commonplace, it’s imperative for organizations to subject themselves to independent and rigorous examinations of how well they are protecting their data,’’ Gonzalez said. “SOC gives companies assurance that they and their vendors are properly protecting sensitive data.’’


About ERMProtect

ERM is a leading Information Security & Training Company. Services include Information Security strategy, cybersecurity assessments, remediation solutions, digital forensics and security awareness training. Founded in Miami in 1998, ERM has served more than 300 clients globally in over 25 industries.


About SOC

For more information about SOC, download our Free Guide to Understanding SOC Assessments at



Judy Miller, 305-447-6750
Managing Director, Communications & Forensics

Stop Phishing Attacks with ERMProtect's Security Awareness Training

Turn your employees into a human firewall with our innovative Security Awareness Training.

Our e-learning modules take the boring out of security training.

ERMProtect's Weekly Newsletter

Get a curated briefing of the week's biggest cyber news every Friday.

Recent News

City of Coral Gables Honors ERMProtect Cybersecurity Solutions

The city of Coral Gables today presented ERMProtect Cybersecurity Solutions with a Certificate of Recognition for contributing to the economic growth and success of the “City Beautiful.” …

ERMProtect Cybersecurity Solutions Launches Stingray, An Automated, Simulated Phishing Tool

We have launched Stingray, an easy-to-use, fully automated phishing simulation tool that helps organizations harden their defenses against phishing attacks …

ERMProtect Expands Privacy Practice as Data Protection Concerns Rise

ERMProtect is pleased to announce the expansion of its Privacy Practice to help clients comply with an ever-changing regulatory landscape. The Privacy group will focus on developing, implementing and reviewing data protection practices at client …