Jon Long

Greater Atlanta Area United States

Director, Compliance Solutions

Accounting / Auditing

I believe that organizations should not have to spend time and resources proving to auditors that they are compliant year after year without knowing in advance whether they will pass or fail. We should be able to say with confidence; “We have a compliance program that is followed by everyone in our organization, and here’s the proof.” This is peace of mind. I believe that no single security standard is the perfect fit for every organization’s business, and compliance does not ensure security. The International Standards Organization (ISO) says that ISO 27001 is for general IT security, the AICPA says that SOC 2 is for specifically defined services, the Payment Card Industry sa...