Cyber Risk and Privacy

01.28.2021

Go Beyond the Privacy Policy

Go Beyond the Privacy Policy

Each year, Data Privacy Day is an opportunity for organizations of all sizes to think about their privacy posture.

Read More

12.22.2020

AWS Audit Manager: Accelerating the Audit Lifecycle

AWS-Audit-Manager-blog

Earlier this month, Amazon Web Services (AWS) announced a new offering: AWS Audit Manager. This product was built to simplify the risk and compliance process for AWS customers – which is a big deal these days as cybersecurity audits take up more and more time from CISOs and IT Security teams.

Read More

12.14.2020

4 Miscellaneous HITRUST Regulatory Factors to Consider

4 Miscellaneous HITRUST Regulatory Factors to Consider

Over the last few blogs, we have provided a comprehensive overview of the HITRUST landscape, from the authoritative sources at its core, to the optional regulations, or regulatory factors, that are commonly added on to a HITRUST assessment for industry-specific purposes.  

Read More

12.08.2020

How European Companies Can Accelerate International Expansion with SOC 2 Compliance

WS EMEA Accelerate Expansion SOC2

The United States represents an attractive market for many European companies, but international expansion can be fraught with risk because of a completely different regulatory landscape. 

Read More

09.15.2020

The A-LIGN Advantage: Unify Your Audit Experience across Multiple Standards with a Single-Provider Approach

The A-LIGN Advantage: Unify Your Audit Experience with a Single-Provider Approach

“Don’t swap horses in the middle of the stream.” – Abraham Lincoln The emergence of automated security and compliance solutions still leaves organizations with a problem: these point solutions are unable to provide independent third-party certification.

Read More

08.13.2020

Privacy Shield and the GDPR: Inadequate Protection for Cross-border Data Transfers

Privacy Shield and the GDPR

On July 16, 2020, the Court of Justice of the European Union (CJEU) issued a landmark judgement that Privacy Shield is “invalid” because it does not provide “adequate protection” under Article 45 of the General Data Protection Regulation (GDPR) for transfers of personal data of individuals located in the European Union to the United States.

Read More

07.20.2020

ISO 27701 Streamlines Data Privacy, Incorporates GDPR and CCPA concepts into Certifiable Standard

ISO 27701 Streamlines Data Privacy A-LIGN GDPR CCPA

Let A-LIGN guide your journey from Information Security Management System (ISMS) to Privacy Information Management System (PIMS)

Read More

06.04.2020

Myth-Busting
Strategic Compliance:
Fact and Fiction

myth-busting-strategic-compliance

The most profound change that IT leaders need to make in their approach to strategic compliance is to their own mind. There are many self-imposed limiting beliefs that must be overcome.

Read More

05.19.2020

Transforming Compliance to Enable Digital Transformation

transforming-compliance-digital-transformation

Business has been transformed from the PC and corporate networks to mobile devices and cloud computing. Digital transformation is readily available to every organization but requires cybersecurity and compliance.

Read More

05.07.2020

The Apex of Strategic Compliance

apex-of-strategic-compliance

There is no denying that we have entered a new zeitgeist with strategic compliance. Organizations have been thrust into thinking about how to securely enable the productivity of a remote workforce.

Read More