Compliance

How to Determine a Quality Audit Report

By: Sara McLane, Senior Auditor at A-LIGN Service auditor reports are a great way for any service organization to showcase its compliance, to retain customers and to gain a competitive advantage. But how do you really know that your organization has just obtained a quality audit report? And why does quality matter as long as […]

Read More

4 Tips on How to Select a Quality Outsourced Vendor

By: Lori Crooks, Managing Consultant at A-LIGN As the popularity of outsourcing parts of information technology functions continue to grow, one common concern still remains: How do you know that you are partnering with a quality vendor? Below are a few tips that we have learned from our experience, in auditing third party companies, that […]

Read More

CSA Integrates Cloud Controls Matrix with SOC 2 Reports for Cloud Providers

By: Peter Clarke, Senior Consultant at A-LIGN The AICPA recently released an Illustrative Type 2 SOC 2 Report to assist auditors in reporting on the suitability of design and operating effectiveness on cloud security providers. The Cloud Security Alliance (CSA) Cloud Control Matrix (CCM) builds upon the AICPA’s Trust Services Principles (TSP) as the attest […]

Read More

5 Steps to Succeed in Your Next Compliance Audit

By: Jay Anthony, President of Audit Liaison, PA Your organization has determined that there is a need for a compliance audit. But you have so many questions or don’t know where to start? A-LIGN has asked us to put together a short guide to help you decide the correct course of action and the steps […]

Read More

A-LIGN Continues to Assist Clients in the Title Insurance and Settlement Services Industry

By: Neil Gonsalves, Director of Assurance and Compliance Services at A-LIGN Director of Assurance and Compliance Services Director of Assurance and Compliance Services We performed one of the very first SSAE 16 examinations for a Top 10 Land Title Underwriter in the U.S. and continue to work with Title Agencies to help them with their […]

Read More

7 New COSO Updates that Impact Your SSAE 16 Report

By: Scott Price, Managing Partner of A-LIGN The Committee of Sponsoring Organizations of the Treadway Commission (COSO) released an updated version of its “Internal Control – Integrated Framework” in May, 2013. The changes are a progressive move to align its framework with today’s business operating environment, much like the change from SAS 70 to SOC 1/SSAE […]

Read More

Trust Services Principles Update and Impact on SOC 2

By: Sara McLane, Senior Auditor at A-LIGN In February of 2014, the AICPA released the new Trust Services Principles and Criteria (TSP) for Security, Availability, Processing Integrity, Confidentiality, and Privacy. The updated TSP will have a positive effect on our clients and other organizations obtaining a SOC 2 report by increasing the clarity for readers […]

Read More

Accredited vs Unaccredited ISO 27001 Certification – Does it Matter?

By: Gene Geiger, Partner of A-LIGN Security and Compliance Services ISO 27001, published by the International Organization for Standardization, is a comprehensive information security standard that defines processes and controls that should be in place for the information security management system (“ISMS”) to protect the sensitive data and technology in your environment. Once these processes and […]

Read More

Updating the SOC 1 System Description

By: Sue Wells, Senior Consultant at A-LIGN In preparation for a SOC 1 audit, a service organization’s management is required to provide a system description per the SSAE 16 auditing standards. Until recently, little guidance had been provided to assist service organization management in preparing the system description. In January 2014, the AICPA’s Information Management […]

Read More

A 3-Step Guide for Dealing with Consumer Complaints in the Collections Industry

By: Neil Gonsalves, Director One of the ongoing issues for the ARM and collections industry is the ever-present complaint process. Our clients ask themselves: Are we handling our complaints appropriately? Are the complaints legitimate? How do we resolve complaints? What are we really responsible for? Little overwhelming? Here at A-LIGN, we want our clients to […]

Read More