Cyber Risk and Privacy

A-LIGN Delivers Industry’s Most Comprehensive Ransomware Preparedness Assessment Service

New offering identifies gaps in cybersecurity posture, helps organizations prepare for future events

ISO 27701 and GDPR Compliance: What You Need to Know

Can ISO 27701 guarantee GDPR compliance? ISO 27701 can position any organisation well for future GDPR compliance. While one is a management system and the other is technically a legal framework, ISO 27701 helps to create a path on your journey to GDPR.

Privacy Shield, GDPR and the New Standard Contractual Clauses: What You Need to Know

The ruling that the EU-U.S. Privacy Shield is no longer a valid data transfer mechanism under GDPR accelerated the timeframe for new SCCs, but there’s still work to be done. Here’s what you need to know to stay compliant. 

How HITRUST Certification Can Satisfy Your SOC 2, ISO 27001, and FedRAMP Requirements

The HITRUST CSF pulls from many major pre-existing frameworks to provide a complete, certifiable security standard.  Learn about the many different cybersecurity frameworks that can be incorporated into your organization’s HITRUST assessment to help streamline your approach to compliance.  

What is Zero Trust?

There is no one-size-fits-all solution for security, so the best way to lessen the threat surface is to implement a zero trust architecture. To determine if pursuing a zero trust architecture is the right move for your organization, you need to understand its purpose, benefits and challenges.

Survey Says: Compliance Programs Largely Immune to the Pandemic

The business and compliance landscape seems to constantly evolve. Between new cybersecurity threats and the increasing use of a distributed workforce, it’s hard for organizations to ensure they’re staying on top of compliance requirements. And the COVID-19 pandemic made this more challenging. At least that’s what we thought. 

CPRA vs. CCPA: What’s the Difference? 6 Key Changes to Understand

Less than one year after the CCPA took effect, California passed another consumer privacy law: the CPRA. Here are six changes to help you understand the differences between CPRA vs. CCPA. 

The A-LIGN Advantage: Unify Your Audit Experience across Multiple Standards with a Single-Provider Approach

The emergence of automated security and compliance solutions still leaves organizations with a problem: these point solutions are unable to provide independent third-party certification.

Three Best Practices to Prevent a Supply Chain Attack at Your Organization

The SolarWinds supply chain attack rocked governments and businesses alike in late 2020. Help keep your organization safe with these three key steps.

Go Beyond the Privacy Policy

Each year, Data Privacy Day is an opportunity for organizations of all sizes to think about their privacy posture.
