Anurag Sharma

CISA, CISSP

Partner, Market Leader, Risk Advisory and Assurance Services

Get to Know Me

Anurag Sharma is a Partner at Withum with over 19 years of experience and is the Market Leader of Withum’s Risk Advisory and Assurance Services practice.

His areas of expertise include Cybersecurity Assessments (NIST Cybersecurity Framework), SOC Suite of Services (SOC 1, SOC 2 and SOC for Cybersecurity), Corporate Governance, Sarbanes-Oxley Section 404 compliance, and ISO/IEC 27001 Consulting.

Anurag helps lead the Firm’s System and Organization Controls (SOC) practice based out of the Princeton, NJ office. He is a regular speaker on Cybersecurity and SOC-related topics at many State CPA Societies, including NJCPA, PICPA, CTCPA, FICPA, the AICPA and other organizations.

Anurag has authored many articles dealing with Cybersecurity challenges faced by small and medium businesses (SMB) and has been frequently quoted in NJBIZ, Boston Business Journal and PEI Private Fund Management Magazine. He is also designated as a SOC 1, SOC 2 and SOC for Cybersecurity specialist by the Oversight Task Force of the AICPA Peer Review Board.

Industry Expertise

Service Expertise

Learn More About My Story

Learn more about my professional experience and how I spend my time outside the firm.

Education:

  • MBA, Symbiosis Center for Management & Human Resource Development

Professional Affiliations:

  • Certified Information Systems Auditor (CISA)
  • Certified Information Systems Security Professional (CISSP)
  • Certified in Risk and Information Systems Control (CRISC)
  • Member, Information Systems Audit and Control Association (ISACA)
  • Member, International Information Systems Security Certification Consortium (ISC)²

Authored Insights

What is SOC 1 Certification?

What is a SOC 1 Certification? Unlike ISO 27001, SOC 1 is not a certification but is a type of audit report issued by a Certified Public Accountant (CPA). SOC (System and Organization Controls) audits are Internal Control Audit engagements that are performed for Service Organizations (organizations that provide certain functions for other entities on…

Is SSAE 18 the same as SOC 1?

What is the Difference Between SSAE 18 and SOC 1? Is there a difference? How do these two compare? SSAE 18 is the auditing standard applicable for both SOC 1 and SOC 2 reports. SOC (System and Organization Controls) audits are Internal Control Audit engagements that are performed for Service Organizations (organizations that provide…

SOC for Cybersecurity FAQs

As you may have heard, the AICPA’s Assurance Services Executive Committee (ASEC) released the Guide – Reporting on an Entity’s Cybersecurity Risk Management Program and Controls on May 1, 2017. Since this is a relatively new type of SOC audit, we thought we’d provide some clarity into the frequently asked questions we get around…