Trust the top-issuer of SOC 2 reports in the world
SOC 2 compliance is the most popular form of a cybersecurity audit, used by a rapidly growing number of organizations to demonstrate that they take cybersecurity and privacy seriously.
In a SOC 2 audit, A-LIGN will review your policies, procedures, and systems that protect information across five categories called Trust Services Criteria (Security, Availability, Processing Integrity, Confidentiality, Privacy). As your independent SOC 2 auditor, A-LIGN evaluates the evidence you supply for the controls in each category, resulting in a SOC 2 report.
The benefits of a SOC 2 report:
- Allows you to say goodbye to the 500-question security survey
- Demonstrates a commitment to corporate governance
- Provides assurance to your customers and partners that your systems are secure
- Satisfies requirements for organizational and regulatory oversight
SOC 2 services
- Readiness assessment
- SOC 2 Type 1 report
- SOC 2 Type 2 report
Readiness assessment
If you’re undergoing a SOC 2 audit for the first time, we highly recommend that you complete a readiness assessment which will identify high-risk control gaps, provide recommendations for improving controls, and allow you to remediate issues prior to the official SOC 2 audit. Get started with your SOC 2 readiness assessment today.
SOC 2 Type 1 report
A SOC 2 Type 1 report attests to the design of controls at a single point in time. A-LIGN’s SOC 2 auditors will review evidence from your systems as it exists at a “moment in time” and describe your organization’s system.
SOC 2 Type 2 report
A SOC 2 Type 2 report attests to both the design and the operating effectiveness of controls over a defined period of time, usually between 3-12 months. This type of SOC 2 audit provides assurance of not just how your systems are set up, but how they are used on a day-to-day basis.