What Does Your Supply Chain Look Like?

soc for supply chain

With the severity of COVID-19’s impact around the world, there has been a marked increase in the need for critical resources and supplies. Unfortunately, not all suppliers were prepared for such a spike in demand.

Read More

SOC 2 Examinations for Colocation Service Providers

soc-2-examinations-colocation-providers

The framework and criteria for a SOC 2 examination are flexible and can be applied to many entities, including service organizations who work with an entity to provide a particular type of services (e.g. data backup services, cloud hosting services, managed IT services, incident management services, change management services, network security services, etc.).

Read More

SOC 1 or SOC 2: Which Is Right for My MSP?

SOC 1 or SOC 2: Which Is Right for My MSP?

Managed service providers (MSPs) provide a valuable service by enabling companies of all sizes to outsource their key information technology processes. Many of those companies who look to engage an MSP ask whether a SOC 1 or SOC 2 Examination has been completed to assess the MSP’s security posture.

Read More

SOC 2 for Startups: Boosting Your Startup with SOC 2

SOC 2 for startups may seem like a difficult endeavor given the moving parts involved in launching and maintaining a successful startup. From funding to revenue, it can be easy to neglect compliance examinations like a SOC 2 Examination – or delay completing one until a future date.

Read More

The SOC 1 Examination Process

Do you understand the SOC 1 examination process? Our assessors take you from scoping through report delivery to understand all of the steps needed to complete an examination.

Read More

Everything You Need to Know About Bridge Letters

Bridge letters are an important element of SOC 1 and SOC 2 examinations that you may not be aware of and can help provide your clients with additional confidence regarding the effectiveness of your organization’s controls environment at no additional cost or time.

Read More

Why You Should Conduct a SOC for Cybersecurity Examination to Manage Your Organization’s Cyber Risk

SOC for Cybersecurity Examination Blog A-LIGN

In response to the increase in cyber threats, the American Institute of CPAs (AICPA) issued the Cybersecurity Risk Management Reporting Framework, also known as System and Organization Controls (SOC) for Cybersecurity, a flexible and voluntary framework for organizations in any industry to take a proactive approach to cybersecurity risk management.

Read More

Cloud Security for CSPs: It’s Up to You AND Your Clients

Cloud Security for CSP Blog A-LIGN

How can you as a Cloud Service Provider (CSP) improve the security your clients are demanding of you? 

Read More

SOC Reports: Type 1 vs Type 2 vs Readiness Assessment

Type-1-vs-Type-2-vs-Readiness-Assessment

Your client requested a SOC report, but what’s next? For organizations seeking a SOC 1, SOC 2, or ISAE 3402, there are two attestation options available: Type 1 and Type 2. Additionally, a readiness assessment can be performed to prepare your organization for the attestation.

Read More

Understanding Microsoft SSPA Attestation

Microsoft-sspa

About Microsoft SSPA Attestation The Microsoft Supplier Security and Privacy Assurance Program (SSPA), formerly known as the Vendor Privacy Assurance Program, is an initiative designed to standardize and strengthen how Microsoft’s customer, partner, and employee information is handled by Microsoft vendors worldwide. 

Read More