Payroll Processing

Illusion of Insignificance: Cybersecurity and the Small Business

Author: Stuart Rorer, Senior Consultant at A-LIGN. “Big Box Store ABC Has Been Hacked, Customer Card Information Exposed!” “E-Commerce Giant Acme Inc., Suffers Cyber Intrusion” Headlines like these are appearing each day, most of which seem to apply to big box stores…

Read More

More Passwords, More Problems: A Look into Biometric Authentication

What’s your password? Studies show that you likely use more than 15 different passwords, but more than half of you admit to using a weak password. So how do companies fare with inconsistent password usage and standardization? Even companies with incredible security practices can become vulnerable due to a forgetful employee who…

Read More

2015 Data Breaches – The Year In Review

Author: Greg Johnson, Vice President of Business Development at A-LIGN. Data breach was alive and well in 2015 with some of the largest breaches in history occurring last year. The Office of Personnel Management (OPM), or in other words our Federal Government, was hacked to the tune of 21.5 million…

Read More

The Do’s and Don’ts of Bridge Letters (SSAE 16 Reporting)

You finally received your SOC 1/SSAE 16 report, only to realize that your coverage does not cover the entire year. So what happens in the remaining months of the year beyond the coverage of the report? Is it necessary that you receive another report to cover the remainder of the…

Read More

It’s Time For An Upgrade: Switching from ISO 27001:2005 to 2013

As a reminder a new version of ISO 27001 has been issued and the deadline for updating your company’s ISO 27001 program from 2005 to 2013 is quickly approaching.  There are some significant changes to ISO 27001 in the newest 2013 edition.  Utilizing the guidelines in ISO…

Read More

How SOC Audits Can Help Save on Errors & Omissions Insurance

As many companies look to reduce costs, one cost that continues to rise as the company grows is Errors and Omissions (E/O) insurance premiums. Both company liability and personal liability of the board of directors and owners is a topic that continues to be a focus of litigation. One of the ways a company can demonstrate they have sound controls over their control environment (which includes the tone at the top, board of directors’ participation, management oversight, etc) is to have a SOC audit conducted by a third-party auditing firm such as A-LIGN. 

Read More

Nine Payroll Pain Points

 Dr. Daniel Selby, PhD, CPA, CISA has written a whitepaper for A-LIGN entitled, “Nine Critical Payroll Pain Points and What Payroll Professionals Should Do About Them?”  An excerpt from Dr. Selby’s summary on LinkedIn:

Read More

The Connected World: A Look At Mobile Security?

Smartphones are a truly extraordinary technology.  Like an electronic Swiss Armor Knife, they are seemingly magical devices that provide a ton of services in the palms of our hands.  Each day, it seems, a new feature emerges enabling them to do even more.  Using a smartphone a person can video conference, navigate through the perils of rush hour traffic, and download a new recipe for beef stroganoff, just hopefully not at the same time!

Read More

SOC Vendor Due Diligence for Title Agencies

The American Land Title Association (ALTA) Best Practices Framework has been developed to assist lenders in satisfying their responsibility to manage third party vendors. ALTA members advocate a safe and efficient transfer of real estate and have high standards when searching land title records and preparing insurance documents. To provide the best possible chance of avoiding land title problems, risk should be eliminated prior to insuring. As such, effective safeguards should be in place.

Read More

The State of Cybersecurity: How to Prepare For 2015

2014 was a cybersecurity eye opener for all individuals using technology.  The public and many corporations had to personally face the repercussions of the cybersecurity weaknesses throughout all technology.  The whole world was watching this year as cyber-attacks hit one after the other, arguably the worst cybersecurity incident happening in November to Sony Pictures Entertainment.  Not as popular but certainly as devastating, Heartbleed was part of the worst vulnerabilities made public and possibly the worst vulnerability ever released.

Read More