Compliance

What is SOC 2? 8 Common SOC 2 Questions Answered

If you are new to a SOC 2 audit, you must be wondering what information will be audited, what employees are involved in the audit, and what is included in the overall audit process. Considering the complexity of undergoing a SOC 2 audit, we have provided answers to eight common […]

How do the HITRUST Assurance Advisories Affect Your Program?

Three new HITRUST Assurance Advisories were released in June, ahead of the CSF v9.5 update. Learn how the Assurance Advisories will impact the program stakeholders, affect scope and timing, and have an impact on your current and future HITRUST assessment.

After Thousands of Audits; the Truth About the So-Called “14-Day SOC 2”

A SOC 2 in 14 days? We’ve completed thousands of them and we can say with authority that this is misleading. As auditors, we believe in accuracy, so we wanted to share what it really takes to complete a SOC 2 and how to get it done as quickly as possible. 

What Is StateRAMP and How Does It Relate to FedRAMP?

StateRAMP provides a comprehensive security framework designed to improve cloud security for state and local governments. Learn the ins and outs of the StateRAMP compliance framework, its relationship with FedRAMP and how StateRAMP could impact your business. 

How HITRUST Certification Can Satisfy Your SOC 2, ISO 27001, and FedRAMP Requirements

The HITRUST CSF pulls from many major pre-existing frameworks to provide a complete, certifiable security standard. Learn about the many different cybersecurity frameworks that can be incorporated into your organization’s HITRUST assessment to help streamline your approach to compliance.

5 Reasons Why You Need SOC 2 Compliance

Many organizations outsource their business operations and services to third-party vendors, possibly putting client data at risk. Therefore, organizations request that their vendors achieve SOC 2 compliance to demonstrate IT security standards. Let’s review additional reasons you need SOC 2 compliance now.

The Do’s and Don’ts of Getting Started with HITRUST

A-LIGN created a list of the do’s and don’ts to better prepare you for the HITRUST assessment. 

What is FedRAMP and Why Does My Organization Need It?

It’s a common practice to shorten long and complicated organizational names to more digestible acronyms. However, navigating these acronyms and the programs behind them can sometimes feel like sifting through alphabet soup. That’s why I’m here to help decode one of the most well-known federal programs: the Federal Risk and Authorization Management Program—otherwise known as FedRAMP.

Arti Lalwani Honored with Women Leaders in Technology Award

Did you know Consulting Magazine created an award in 2020 that honors women working in consulting leadership positions? I am excited and proud to announce that A-LIGN’s very own Arti Lalwani, Associate Director of ISO Markets and Accreditation, was one of the amazing leaders who earned the Consulting Women Leadership in Technology 2021 award!

How to Share Your Cybersecurity Assessment with Your Professional Community

A-LIGN’s SVP of Marketing, Brian Gladstein, has been sharing ideas and best practices for getting the word out about your cybersecurity assessment. As the final post in this series, Brian discusses sharing your cybersecurity assessment with your professional community and how to promote your commitment to their security.
