Compliance

Are You Ready for the DOE Annual Audit? 6 Steps to Ensure Compliance

As the digital landscape evolves and transforms the way organizations run their operations, many experience unprecedented opportunities as well as new challenges. In recent years, universities and colleges have experienced a higher number of cyber-attacks and security breaches due to a lack of a proper security infrastructure to secure student information, including financial aid. For […]


[Webinar] A-LIGN Presents: Using HITRUST CSF v9 to Meet Your Compliance Requirements

A-LIGN, a global information security and cyber risk advisory, and compliance solutions provider, is committed to staying current on emerging regulations and changes in security frameworks. On September 19, A-LIGN Managing Consultant and HITRUST CCSFP, Blaise Wabo, will host a HITRUST webinar called Using HITRUST CSF v9 to Meet Your Compliance Requirements, to educate healthcare […]


FedRAMP: Understanding the Fundamentals (FAQ)

Any organization seeking to provide cloud products or solutions to a federal agency will need to go through a FedRAMP Readiness Assessment and then a full FedRAMP assessment to receive an Authorization to Operate (ATO) which ensures the security of its hosted information meets FedRAMP requirements. The Federal Risk and Authorization Management Program (FedRAMP) is […]


The Perfect Match: Benefits of Adding SOC for Cybersecurity to Your SOC 2 Audits

Security efforts continue to change as industries evolve, introducing new procedures, processes, and tools. To mitigate these new challenges, governing bodies continue to release new standards and guides to help organizations validate specific controls. As the number of audit options increases, understanding their capabilities and functions is critical. It’s important to understand that each examination […]


Preparing for HITRUST CSF v9 Enhancements

Ahead of its late August/early September 2017 release, HITRUST has released details around HITRUST CSF v9. To address the evolving information security landscape to include new threat profiles and updates in standards, HITRUST has expanded its framework and enabled NIST Cybersecurity Certification. HITRUST removed 10 controls required for CSF v8.1 certification and added 19 controls […]


The Advantages of Accredited ISO 27001 Certifications

To protect the sensitive data within an information security management system (ISMS), organizations should consider the comprehensive information security standard, published by the International Organization for Standardization, ISO 27001. This audit is a standardized-industry approach used to define and validate the processes and controls of an ISMS. Before conducting the ISO 27001 audit, an organization […]


PCI DSS: Updated Penetration Testing Requirements – Frequently Asked Questions


Is your organization prepared for the upcoming PCI DSS requirement going into effect? To prepare your organization for this change, our team has assembled an FAQ to address any of your potential questions. Read now: What to Expect from PCI DSS 3.2. What is the new penetration testing requirement? Requirement 11.3.4.1 requires that organizations perform […]


SOC 2 vs SOC for Cybersecurity: 3 Main Differences

Organizations want to ensure that the personal assets of potential and existing clients are protected. To do so, organizations can validate their controls through a variety of assessments, but choosing the right one for your organization’s specific needs can be a difficult process. Through the new SOC for Cybersecurity examination, organizations can now demonstrate the […]


SOC 2 vs. ISO 27001: Which is the Right Assessment for Your Organization?

Companies continue to struggle with the decision between selecting the SOC 2 examination or ISO 27001 certification. Often customer contracts require either audit or competitors have one or the other. Although these security standards serve a similar purpose, there are some key decision factors that may help your organization determine the appropriate assessment based on […]


AICPA’s New SOC for Cybersecurity Examination

As data breach occurrences increase, organizations continue to struggle to demonstrate and maintain security of their data. To ensure that all appropriate measures are being taken, executives and senior management have begun requesting that their organizations demonstrate the effectiveness of their cybersecurity risk management programs through third-party assessments. In response to this challenge […]
