What Does Your Supply Chain Look Like?

With the severity of COVID-19’s impact around the world, there has been a marked increase in the need for critical resources and supplies. Unfortunately, not all suppliers were prepared for such a spike in demand. Continue reading “What Does Your Supply Chain Look Like?”

SOC 2 Examinations for Colocation Service Providers

The framework and criteria for a SOC 2 examination are flexible and can be applied to many entities, including service organizations who work with an entity to provide a particular type of services (e.g. data backup services, cloud hosting services, managed IT services, incident management services, change management services, network security services, etc.). Continue reading “SOC 2 Examinations for Colocation Service Providers”

Take An In-Depth Look at the SOC 2 Audit Process

Understanding the purpose and examination process of a SOC 2 audit can be confusing for first-time users and experienced customers alike. A simple Google search can give you the basics of a SOC 2 audit, but that generalized knowledge is only the beginning.

Continue reading “Take An In-Depth Look at the SOC 2 Audit Process”

SOC 2 for Startups: Boosting Your Startup with SOC 2

SOC 2 for startups may seem like a difficult endeavor given the moving parts involved in launching and maintaining a successful startup. From funding to revenue, it can be easy to neglect compliance examinations like a SOC 2 Examination – or delay completing one until a future date. Continue reading “SOC 2 for Startups: Boosting Your Startup with SOC 2”

Featured CLIMBER:
Emily Schuckman

At A-LIGN, integrity is everything. Being accountable for your work is a value celebrated through our annual value awards at CLIMB, A-LIGN’s annual employee team-building event. This year, Emily is the winner of the “Do the Right Things, Always” award. Continue reading “Featured CLIMBER:
Emily Schuckman”

Everything You Need to Know About Bridge Letters

Bridge letters are an important element of SOC 1 and SOC 2 examinations that you may not be aware of and can help provide your clients with additional confidence regarding the effectiveness of your organization’s controls environment at no additional cost or time.

Continue reading “Everything You Need to Know About Bridge Letters”

Leveraging Your Compliance Report

Compliance examination reports are more than an attestation of your commitment to quality and security; they can drive revenue, build client trust and position your organization as a cybersecurity leader in your industry.

Continue reading “Leveraging Your Compliance Report”

Why do my clients ask me for a SOC 1/SSAE 16 Report?

Let’s spend a few minutes getting back to basics. Why do your clients ask for a SOC 1/SSAE 16 report to be provided?  Your clients ask because their auditors probably asked for it.  So why do your auditors ask for this report?  The roots for SSAE 16 can be traced back to SAS 70 and even further to SAS 55.  The understanding of internal controls is a fundamental component of performing a financial audit.  I spent time early in my career in the financial audit department which helps me explain to companies why a SOC 1/SSAE 16 report would be applicable or not to the company.  In performing a financial audit, the auditor makes inquires of the company regarding their internal controls. Having an understanding of the internal control over financial reporting is a required component for the auditor to perform.  If a service has been outsourced to another company, the auditor is required to understand the internal controls. This is so that they can understand the internal controls and assess control risk accordingly. Continue reading “Why do my clients ask me for a SOC 1/SSAE 16 Report?”