Photo of Josh Deitch
Josh Deitch
Principal
CISA, HITRUST CCSFP
joshua.deitch@mossadams.com
(503) 478-2154
My Profile

Industry Expertise

Financial Services Health Care Technology Transportation & Logistics

Practice Focus

Cybersecurity IT Compliance Process & Internal Controls Risk & IT Compliance SOC Examinations

Biography

Josh has practiced public accounting since 2008. He has over ten years of experience with System and Organization Controls (SOC) and HITRUST readiness assessments and audits, business process and IT consulting, compliance audits, attestation examinations, and internal controls evaluations.

Josh serves clients across a variety of industries, such as technology, health care, transportation and logistics, telecommunications, and financial services. He also serves various business structures, including publicly traded entities, private businesses, third-party administrators, and government agencies. Josh performs oversight of audit and assessment teams, IT and business process controls evaluation, and quality assurance reviews of reports.

Josh is an active member in the firm’s Technology Communications & Life Sciences and Health Care groups, and regularly provides educational training and insights on SOC 1-2-3, HITRUST, and privacy topics. He helps companies understand the scope of their business needs so they can navigate the complexities of IT compliance, regulations, standards, and frameworks.

External Publications

  • Reduce Risk and Due Diligence Effort With a SOC for Supply Chain Examination (Portland Business Journal, August 2020)

Selected Speaking Engagements

  • SOC 2 Criteria (Security, Availability, Confidentiality, Privacy and Processing Integrity)
    (YouTube, June 2021)
  • How to Select the SOC Audit That is Right for You
    (YouTube, June 2021)
  • SOC for Supply Chain
    (YouTube, June 2021)
  • SOC for Cybersecurity
    (Portland IIA & ISACA Chapter, November 2017)

Professional Affiliations

  • Member, Information Systems Audit and Control Association

Education

  • BBA, accounting, Harding University

Insights from Josh Deitch

Article
How to Address Data Risk in Transportation Subservice Organizations
Prevent risks from valuable transactional data and other proprietary information transportation subservice organizations require.
Article
Webcast
SOC 2 Criteria and Examination Process
Explore how SOC 2 examinations emphasize system reliability by measuring the effectiveness of internal controls.
Webcast
Webcast
How to Select the Right SOC Report for Your Organization
Learn about the differences between each SOC report, their use cases, and how to determine which one is right for you.
Webcast

Baker Tilly US, LLP, Baker Tilly Advisory Group, LP and Moss Adams LLP and their affiliated entities operate under an alternative practice structure in accordance with the AICPA Code of Professional Conduct and applicable laws, regulations and professional standards. Baker Tilly Advisory Group, LP and its subsidiaries, and Baker Tilly US, LLP and its affiliated entities, trading as Baker Tilly, are members of the global network of Baker Tilly International Ltd., the members of which are separate and independent legal entities. Baker Tilly US, LLP and Moss Adams LLP are licensed CPA firms that provide assurance services to their clients. Baker Tilly Advisory Group, LP and its subsidiary entities provide tax and consulting services to their clients and are not licensed CPA firms. ISO certification services offered through Moss Adams Certifications LLC. Investment advisory offered through either Moss Adams Wealth Advisors LLC or Baker Tilly Wealth Management, LLC.