ISSA Monthly Meetings

Monthly Meeting - August 27, 2018


SOC for Cybersecurity and Evolving SOC 2 Reporting

Download the Slide Deck Here

Presenters: Phil Nemmers & Robb Ullrich



Ernst & Young LLC will be presenting on the Service Organization Control report process. 


Phil Nemmers, Partner Cybersecurity

Phil is a Partner in the Cybersecurity practice with over 30 years of experience supporting clients across various sectors including financial services, health care, telecommunications, retail, consumer products, and aerospace and defense.

Phil is responsible for overseeing EYs compliance and regulatory-related activities
impacted by cybersecurity risk; including:

  • The growing impact of cyber risks on external audits, internal audit activities, and
    third-party attestation activities
  • EY’s outreach activities with various federal regulators across key sectors and
    the legislative branch.

Phil is a Certified Public Accountant, a Certified Information Systems Auditor, and a
Certified Information Technology Professional

Robb Ullrich, Manager
FSO Advisory Services

Robb Ullrich is a Manager in the Financial Services Office - Advisory Services practice of Ernst & Young LLP. He has over eight years of experience in providing IT assurance, service organization control (SOC)
reporting, and advisory services to a broad range of large and middle-market and privately held clients in primarily the insurance, financial services, technology, and healthcare industries.

He has coordinated numerous projects relating to SOC reporting (including both pre-assessment and attestation), cyber security, and IT risk management and assurance, where he has worked with clients to develop effective means to assess, control, monitor, and measure current and emerging IT and cyber risks. Robb has experience in managing large internal control-related projects and currently serves as the engagement
manager on 18 annual SOC 1 and SOC 2 examinations, which focus extensively on the assessment and testing of application controls, IT general computer controls, and alignment with cyber security frameworks. A majority of his clients operate using both mainframe and distributed systems.


Holmes Murphy & Associates 
2727 Grand Prairie Pkwy 
Waukee, IA 50263

We will meet at the new Holmes Murphy building on Grand Prairie Parkway in Waukee.  Please check in at the security desk at the front entrence and follow the signs to the auditorium. 

If you can't physically attend, you can use our webcast. Below is the information for connecting.

Monthly ISSA Chapter Meeting

Please join my meeting from your computer, tablet or smartphone. can also dial in using your phone. United States +1 (872) 240-3412 Access Code: 247-310-853