Compliance

5 Steps to ISO Certification

What are the steps to ISO certification? Our assessors have completed assessments against several International Organization for Standardization (ISO) standards, and can provide your organization on insights on the process for achieving ISO certification. Choosing the Appropriate ISO Certification Standard Organizations can comply with many different ISO certification standards, depending on the specific needs and […]

Read More

A-LIGN’s Commitment to Quality

Commit-to-quality

What does it mean to be committed to quality? Through our quality assurance process and team, and accreditations, A-LIGN ensures that your organization receives a quality report that meets the guidelines set by the relevant audit standard. Our reports satisfy third-party inquiries and exceeds customer expectations by upholding the highest standard of work.

Read More

SOC Reports: Type 1 vs Type 2 vs Readiness Assessment

Type-1-vs-Type-2-vs-Readiness-Assessment

Your client requested a SOC report, but what’s next? For organizations seeking a SOC 1, SOC 2, or ISAE 3402, there are two attestation options available: Type 1 and Type 2. Additionally, a readiness assessment can be performed to prepare your organization for the attestation.

Read More

Understanding Microsoft SSPA Attestation

Microsoft-sspa

About Microsoft SSPA Attestation The Microsoft Supplier Security and Privacy Assurance Program (SSPA), formerly known as the Vendor Privacy Assurance Program, is an initiative designed to standardize and strengthen how Microsoft’s customer, partner, and employee information is handled by Microsoft vendors worldwide. 

Read More

FFIEC Cybersecurity Assessment Tool: Frequently Asked Questions

FFIEC-image

What is the FFIEC Cybersecurity Assessment Tool? In response to the current cybersecurity landscape, the Federal Financial Institutions Examination Council (FFIEC) has developed the Cybersecurity Assessment Tool (Assessment).

Read More

The HITRUST Third Party Assurance Summit Recap

On February 20-21, A-LIGN sponsored and attended the 2018 HITRUST Third Party Assurance Summit in Chicago, Illinois. The summit focused on third-party risk management, providing information on best practices and effective third-party risk management strategies leveraging the HITRUST CSF Assurance Program. As third-party assurance remains a crucial component of an organization’s risk management program, it’s important […]

Read More

Updates to the AICPA’s SOC 2 Framework

SOC 2-Aicpa

The American Institute of Certified Public Accountants (AICPA) recognizes the growing demand for transparency and strengthened controls within multifaceted risk environments. The SOC 2 framework continues to improve the security measures that should be implemented to protect organizations against emerging threats.

Read More

SECURETexas Certification – Is It Right for Your Organization?

SecureTexas

SECURETexas was created per Texas House Bill 300 in 2011 to help covered entities in Texas demonstrate that they have met privacy and security standards to reduce regulatory penalties, mitigate risk, and increase business partner and consumer confidence in the protection of protected health information (PHI).

Read More

A-LIGN Completes SOC 2 Type 2 Audit for A-SCEND

SOC 2-keyboard

A-LIGN, a global cybersecurity, cyber risk and privacy, and compliance firm has announced the successful completion of the Service Organization Control (SOC) 2 Type 2 audit for its GRC software, A-SCEND.

Read More

HITRUST CSFBASICs: A New Framework Designed for Smaller Healthcare Organizations

HITRUST-CSF-Basics

As the data breach landscape in the healthcare industry evolves, so do organizations and their compliance with regulatory requirements. Doing ‘nothing’ to protect healthcare data is no longer an acceptable approach for small healthcare entities.

Read More