The New Normal:
Fully-enabled Remote Audits

The new normal is anything but normal, but before we join in the chorus of “uncertain times” let’s take a moment to reflect on how standards organizations have responded to COVID-19 to enable remote audits so that organizations can continue to demonstrate trust. Continue reading “The New Normal:
Fully-enabled Remote Audits”

Which Compliance Audit is Right for Me?

When it comes to compliance audits, one should never follow the “one-size-fits-all” mentality. The type of audit you need often depends on your organization’s industry, specific client requests or type of data stored. Continue reading “Which Compliance Audit is Right for Me?”

SOC 1 or SOC 2: Which Is Right for My MSP?

Managed service providers (MSPs) provide a valuable service by enabling companies of all sizes to outsource their key information technology processes. Many of those companies who look to engage an MSP ask whether a SOC 1 or SOC 2 Examination has been completed to assess the MSP’s security posture.

Continue reading “SOC 1 or SOC 2: Which Is Right for My MSP?”

Top Tips for Effective Audit Preparation

For any organization that stores, interprets and manages sensitive data, complying with cybersecurity requirements is of utmost importance. The most comprehensive way to test the strength and effectiveness of these systems is through a compliance assessment. Beginning this process, however, is no easy feat. Continue reading “Top Tips for Effective Audit Preparation”

Featured CLIMBER:
Emily Schuckman

At A-LIGN, integrity is everything. Being accountable for your work is a value celebrated through our annual value awards at CLIMB, A-LIGN’s annual employee team-building event. This year, Emily is the winner of the “Do the Right Things, Always” award. Continue reading “Featured CLIMBER:
Emily Schuckman”

Don’t Undergo an Audit or Assessment Before Reading This Guide

Cybersecurity examinations are an important undertaking for your organization, its health and projected future. With no shortage of firms and examination types to choose from, preparing to undergo an audit or assessment can feel like a massive undertaking. Is the firm cutting corners reliable? Is the accessor able to deliver on their lofty promises? And how can you tell if they’re providing quality work?

Continue reading “Don’t Undergo an Audit or Assessment Before Reading This Guide”

Everything You Need to Know About Bridge Letters

Bridge letters are an important element of SOC 1 and SOC 2 examinations that you may not be aware of and can help provide your clients with additional confidence regarding the effectiveness of your organization’s controls environment at no additional cost or time.

Continue reading “Everything You Need to Know About Bridge Letters”

Compliance Doesn’t Have to be Scary

Every October during National Cybersecurity Awareness Month, we show you why cybersecurity is vital to protecting your organization from outside threats – but that’s only one side of the coin when it comes to defense. Continue reading “Compliance Doesn’t Have to be Scary”

SOC Reports: Type 1 vs Type 2 vs Readiness Assessment

Your client requested a SOC report, but what’s next? For organizations seeking a SOC 1, SOC 2, or ISAE 3402, there are two attestation options available: Type 1 and Type 2. Additionally, a readiness assessment can be performed to prepare your organization for the attestation.

Continue reading “SOC Reports: Type 1 vs Type 2 vs Readiness Assessment”