Compliance

Take An In-Depth Look at the SOC 2 Examination Process

Understanding the purpose and examination process of a SOC 2 audit can be confusing for first-time users and experienced customers alike. A simple Google search can give you the basics of a SOC 2 audit, but that generalized knowledge is only the beginning. A-LIGN has taken numerous looks at what a SOC 2 is, what […]

HITRUST Changes PRISMA Weights and Scoring Rubric

On September 3, 2019, HITRUST announced that it will be updating the HITRUST PRISMA Weights (HAA 2019-007) and the Scoring Rubrics (HAA 2019-009). These new guidelines will go into effect for any HITRUST certifications submitted and accepted on December 31, 2019 or later.

Which Compliance Audit is Right for Me?

How to choose the best compliance audit

When it comes to compliance audits, one should never follow the “one-size-fits-all” mentality. The type of audit you need often depends on your organization’s industry, specific client requests or type of data stored. With this in mind, we’ve broken down the basics of our top compliance audits in an effort to help you identify the […]

SOC 1 or SOC 2: Which Is Right for My MSP?

Managed service providers (MSPs) provide a valuable service by enabling companies of all sizes to outsource their key information technology processes. Many of those companies who look to engage an MSP ask whether a SOC 1 or SOC 2 Examination has been completed to assess the MSP’s security posture.

Top Tips for Effective Audit Preparation

For any organization that stores, interprets and manages sensitive data, complying with cybersecurity requirements is of utmost importance. The most comprehensive way to test the strength and effectiveness of these systems is through a compliance assessment. Beginning this process, however, is no easy feat.

ISO 27701: ISO Meets the GDPR

What is ISO 27701? The ISO/IEC 27701:2019 standard was published on August 6, 2019, and provides the requirements and guidance for establishing, implementing, maintaining and continually improving a Privacy Information Management System (PIMS) as an extension of ISO/IEC 27001:2013 and ISO/IEC 27002:2013. This extension replaces the development standard ISO 27552.

SOC 2 for Startups: Boosting Your Startup with SOC 2

SOC 2 for startups may seem like a difficult endeavor given the moving parts involved in launching and maintaining a successful startup. From funding to revenue, it can be easy to neglect compliance examinations like a SOC 2 Examination – or delay completing one until a future date.

Blockchain: Increasing Security In Telehealth (Electronic Health Reporter)

While telehealth allows doctors and patients to speak using virtual connections in place of face-to-face visits, the use of the technology raises concerns over data collection. In Electronic Health Reporter, Blaise Wabo, Associate Director at A-LIGN, says blockchain combined with a robust security plan can help healthcare providers mitigate risks.

A-LIGN Becomes an ISO 22301 Accredited Certification Body

TAMPA, Fla. – July 23, 2019 – A-LIGN, a global cybersecurity and privacy solutions provider that specializes in providing high-quality and innovative cybersecurity solutions for organizations to demonstrate trust and respect to their stakeholders, received its ISO 22301 accreditation from the ANSI-ASQ National Accreditation Board (ANAB) on June 6, 2019.

Protecting the Nation: How to Achieve Federal Compliance

Federal assessments like FedRAMP, FISMA and NIST 800-171 help mitigate the risk of data breaches to important federal government agencies and departments, making them mandatory assessments used for federal security standards.
