Compliance

Five Steps in Your CMMC Compliance Checklist

CMMC is coming in 2021. Take care of these five steps on your CMMC checklist to get ready.

Five Easy Steps to Get Started With Your SOC 2 Audit

A SOC 2 audit may seem intimidating, but companies can take steps to make the process smoother. We break down five key steps to start on SOC 2 compliance today.

Top Tips for Effective Audit Preparation

For any organization that stores, interprets and manages sensitive data, complying with cybersecurity requirements is of utmost importance. The most comprehensive way to test the strength and effectiveness of these systems is through a compliance assessment.

The A-LIGN Advantage: Unify Your Audit Experience across Multiple Standards with a Single-Provider Approach

The emergence of automated security and compliance solutions still leaves organizations with a problem: these point solutions are unable to provide independent third-party certification.

Set Reminders and Stay On Track with this PCI DSS Timeline

Many organizations struggle to keep up with PCI compliance. We walk through three key areas and share a resource with over 57 requirements to check off and the related timeframes prescribed by the PCI DSS that you need to adhere to.

CMMC Expert Tony Bai on the DFARS Interim Rule, Rollout Timelines, Certification, and More

With questions surfacing around CMMC and the changing regulatory landscape, Tony Bai, Federal Practice Lead at A-LIGN, offers his expert advice on a variety of federal compliance topics to help you understand what frameworks your organization should care about, how you can prepare and what is on the horizon for federal compliance.

How SOC 2 Automation Will Streamline Your Audit

Automation is fundamentally changing the way cybersecurity audits operate. Whether you are conducting your first audit or have been running them for years, it’s important to know what automation can and can’t do, and how it will help you through the compliance process. 

Benchmark Your Compliance Program Against Your Peers – Survey Now Open

A-LIGN’s 2021 Compliance Benchmark Survey is now open! It’s designed for IT compliance and security professionals who want to compare their compliance programs against those of similar companies. We invite you to take the 10-minute survey today before it closes at the end of February.

What are the SOC 2 Trust Services Criteria?

The SOC 2 audit process includes 5 categories of Trust Services Criteria: Security, Availability, Confidentiality, Processing Integrity, and Privacy. These categories each cover a set of internal controls related to different aspects of your information security program. 

What’s The Difference Between SOC 2 Type I and Type II?

The difference between a SOC 2 Type I audit and a SOC 2 Type II audit is how the controls are evaluated – at a single point in time, or over a period of time. This decision can be driven by budget, timing, resources available, and what customers are asking for. 
