We are assessment professionals. We are IT professionals. We are Auditwerx.
Auditwerx is headquartered in Tampa, Florida. We have served clients throughout the U.S. and internationally since 2005, providing over 2,500 security compliance reports. As a division of Carr, Riggs & Ingram Capital, LLC (CRI), a top 25 accounting and advisory firm, our clients receive the resources, skills and experience of a much larger firm, but with the accessibility and attention of a smaller, niche, boutique firm.
By proceeding, you are agreeing to the terms and conditions in the Auditwerx Privacy Policy.
From start-ups to larger established organizations, we partner with clients of all sizes in a variety of industries, including:
Auditwerx is dedicated to offering the highest quality compliance reporting services. Our team is dedicated to exceeding your expectations with our policy of mutual respect and transparency.
Partnering with our team means that your company’s compliance initiatives are in experienced hands. Our team of assessors and cybersecurity advisors consists of highly specialized professionals, including Certified Information Systems Security Professionals (CISSPs) and Certified Information Systems Auditors (CISAs).
We can deliver the technical IT and assessment skills needed to clearly relay technical information to both the IT department and management. We are a true partner to our clients, building productive, long-term relationships that you can count on for years to come.
STACY MARTIN
PARTNER IN CHARGE, CHIEF EXECUTIVE OFFICER
Stacy has over 19 years of professional assessment experience in both financial reporting and internal control attestation services of companies in various industries including software and technology, healthcare, employee benefit administration, manufacturing, and various service industries. Stacy has extensive experience in the design of operational control environments and assessing the effectiveness of internal controls in various operating environments, and in performing privacy assessments. She has been involved with over 1,000 SOC* engagements with Auditwerx and is certified in applying the 2013 COSO Internal Control – Integrated Framework and has the Advanced SOC for Service Organizations Certificate.
For the past 8 years, she has focused on the growth of Auditwerx and adding security compliance services for our clients.
BRIDGET BOSWELL
PARTNER
Bridget has more than 20 years of professional assessment experience in both financial reporting and internal control assessments. Her industry expertise includes the software and technology, construction, manufacturing & distribution, service, and not-for-profit sectors.
For the past 6 years, Bridget has specialized in SOC 1®* and SOC 2®* engagements for service organizations, assessing operational control environments and evaluating the effectiveness of internal controls. She has extensive experience with assessing employee benefits administration clients.
In addition, Bridget has performed multiple HIPAA assessments and various other attestation engagements to meet her clients needs.
Michael Hammond
PARTNER
Michael brings over 30 years of experience in the public and private sectors to work for our clients. In a previous position, Michael was a Partner and Risk Advisory & Compliance Services Practice Leader. He was responsible for leading internal assessment services focused on financial, operational, and performance assessment services, process improvement, risk management and controls evaluation.
As a Partner at Auditwerx, Michael will focus on client experience regarding our SOC* services. With his extensive assessment experience, Michael will be an asset when it comes to supporting our team’s growth and continuing education.
Our virtual assessment process combines minimal hardware, collaborative software, and cameras to allow us to perform all or part of our assessment engagement virtually and in real time. This is neither a “remote assessment” nor a “desk review,” both of which often involve electronic file transfers and little interaction with management. Instead, the virtual assessment includes dialogue with process owners virtually, captures and shares information electronically, and integrates technology seamlessly. We also offer the possibility of performing a hybrid assessment, whereby we reduce our on-site presence by supplementing it with virtual resources.
Our goal is to provide you with the same high-quality assessment services through more focused planning, with reduced distraction, and at a more cost-effective price point. Our virtual assessment process provides you with more access to our specialists involved in your assessment – regardless of your location.
Auditwerx utilizes a web-based, third-party, Engagement Management Platform (EMP). This solution acts as a secure portal that provides project completion and deadline driven status of the requests needed to complete the testing. This tool provides great clarity to clients in where the process is and what items are outstanding. The portal is inter-active and provides a messaging center and restriction of access to specific requests to authorized users.
This intuitive solution standardizes the information collection process, enhances client experiences while securely exchanging the necessary information and automatically managing workflow. Our proven process increases efficiencies, in a secure platform that enhances the client experience.
You’ve put it off, you’ve ignored it, you’ve just been busy… whatever the case, PCI Version 4.0.1 new requirements are a reality as of April 1, 2025. Let’s dive into each new requirement.
The Department of Defense (DoD) has announced the final rule for Cybersecurity Maturity Model Certification (CMMC) 2.0, and contractors will be expected to meet these standards in 2025.
On October 15, 2024, the U.S. Department of Defense (DoD) published the final Cybersecurity Maturity Model Certification (CMMC) program rule in the Federal Register.
