Jerry Hughes

Jerry Hughes

Jerry Hughes, a founding member of Compass IT Compliance, LLC, has over 35 years of experience helping companies become compliant with internal, industry and government regulations such as PCI-DSS, Sarbanes-Oxley, HIPAA, and GLBA. Mr. Hughes, a Certified Information Systems Auditor (CISA), Qualified Security Assessor (QSA), Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), and Certified Data Privacy Solutions Engineer (CDPSE) has extensive IT auditing experience, especially within the financial industry and the retail sector. He carries an undergraduate degree in Applied Mathematics for Engineers and a minor in Computer Science from the University of Rhode Island. Mr. Hughes has helped develop Compass IT Compliance, LLC into one of the nation's premier consulting firms in the areas of IT governance, assurance, security, and compliance services.

Posts by Jerry Hughes

Your SOC 2 Audit Is Complete – What Comes Next?

by Jerry Hughes on December 11, 2024 at 1:00 PM

SOC 2 Audit Completed

Congratulations on achieving SOC 2 compliance! At Compass, we understand the effort it takes to meet the rigorous Trust Services Criteria and successfully navigate the audit process. Securing your SOC 2 attestation is a significant milestone, demonstrating your organization’s commitme …

Read Story

Topics: Vendor Management Compliance SOC 2

What Is a SOC 1 Audit? A Guide to the Report

by Jerry Hughes on December 5, 2024 at 4:18 PM

SOC 1 Reports

When it comes to demonstrating trust and reliability to clients, few tools are as powerful as a SOC 1 report. These reports play a pivotal role in showcasing an organization’s commitment to safeguarding financial data and maintaining robust internal controls.

Read Story

Topics: Vendor Management Compliance SOC 1

The Importance of SOC 1 Reports in 401(k) Audits

by Jerry Hughes on November 22, 2024 at 12:00 PM

SOC 1 Report 401(k)

401(k) plan administrators manage crucial financial transactions, including contributions, distributions, loans, and account reconciliations. Errors or fraud in these activities can have significant financial implications for plan sponsors (employers) and participants (employees). A S …

Read Story

Topics: Compliance Finance SOC 1

Year-End Audit Crunch: Preparing for SOC 2 When Everyone Else Is

by Jerry Hughes on November 13, 2024 at 4:46 PM

SOC 2 End of Year

As the calendar edges toward year-end, companies everywhere ramp up their efforts to complete their SOC 2 compliance audits. This time of year often brings a rush to get SOC 2 attestation ready, and for those with ambitious end-of-year goals, timing and preparedness become critical. W …

Read Story

Topics: Compliance SOC 2

What Happens if You “Fail” a SOC 2 Examination?

by Jerry Hughes on October 25, 2024 at 9:43 AM

SOC 2 Failure

We understand that the SOC 2 audit process is a complex and vital step for businesses looking to demonstrate their commitment to data security, privacy, and trust. But what happens if you “fail” a SOC 2 examination? What does failure even mean in this context?

Read Story

Topics: Compliance SOC 2

What Is a SOC 2 Bridge Letter?

by Jerry Hughes on October 22, 2024 at 2:45 PM

SOC 2 Bridge Letter

In today’s business environment, trust and transparency are components of building lasting relationships with clients and stakeholders. As organizations turn to third-party vendors and service providers, demonstrating compliance with industry standards has never been more crucial. One …

Read Story

Topics: Compliance SOC 2
1 2 3 4 5

See all

See all

Subscribe by email