A 3-Step Guide for Dealing with Consumer Complaints in the Collections Industry

By: Neil Gonsalves, Director One of the ongoing issues for the ARM and collections industry is the ever-present complaint process. Our clients ask themselves: Are we handling our complaints appropriately? Are the complaints legitimate? How do we resolve complaints? What are we really responsible for? Little overwhelming? Here at A-LIGN, we want our clients to comply with the guidelines established by the Consumer Financial Protection Bureau (CFPB) and have created a simple step-by-step guide to help initiate a process to control complaints effectively.

Read More

What Everyone Should Take Away from the Recent Retail Breaches

By: Gene Geiger, Partner of A-LIGN Recent Retail Breaches – What Should You Do When news of the Target breach was announced, in the middle of the holiday shopping season, it made headlines and re-kindled the debate on payment card data security and more specifically, the effectiveness of the PCI Data Security Standard (“PCI DSS”), which was established to protect payment card data. This debate has only intensified as news of breaches at other major retailers has surfaced. So what went wrong? How were millions of records exposed? You don’t have to go very far to find the finger pointing and criticism of everyone involved, including Target, the PCI Security Standards Council (“PCI SSC”) and the core infrastructure used in the payment card industry. These discussions will continue and additional guidance may be produced, but at the end of the day, the clients I speak with want to know one thing “What should we do?” Outlined below are some thoughts I would like to share on how to increase the security in your environment.

Read More

A-LIGN Becomes Data Privacy Day Champion

This year A-LIGN is participating as a Data Privacy Day (DPD) Champion. As a DPD Champion, A-LIGN recognizes and supports the principle that organizations, businesses, and government all share the responsibility of proper data management by ensuring the privacy and safeguarding of their data. Data Privacy Day is observed annually on January 28 as an international awareness effort to encourage internet users to consider the privacy implications of their online actions, motivating all companies to make the protection of privacy and data a greater priority.

Read More

A-LIGN Implements Center of Excellence Program to Improve Audit Experience

By: Scott Price, Managing Partner of A-LIGN With the start of the new year, we introduce a new program: A-LIGN’s Center of Excellence (CoE), which was developed to build upon our strong client relationships and high quality service delivery. In our efforts to continually improve upon our current assessments and reporting procedures, we are implementing the CoE program as a new tool to foster our growth and continued involvement within our clients’ industries along with remaining current on new and upcoming compliance needs. The program will enable us to proactively develop educational materials for our clients, explaining or outlining any updates or authoritative developments to current regulations, which may affect their business. A-LIGN is already an active participant within professional and trade associations, but the focus of the CoE program will allow A-LIGN personnel to participate in leadership roles both within professional and trade associations.

Read More

5 Benefits of Annual Compliance Reports

By: Scott Price, Managing Partner of A-LIGN As a leading provider of assurance, security, and compliance services, A-LIGN is often asked why clients should or should not have an annual examination performed. Below is a list of the (5) five benefits we have found that provide the most value for our clients when considering the annual scheduling of their compliance assessment(s).

Read More

Understanding FedRAMP: Cloud Service Provider’s Top 4 Questions Answered

By: Gene Geiger, Partner of A-LIGN Security and Compliance Services As an information security and audit firm focused on the compliance needs of service providers, A-LIGN’s accreditation as a FedRAMP third party assessment organization (“3PAO”) is a natural fit with our existing service offerings. Since becoming a FedRAMP 3PAO, we have noticed a trend in client calls stating their customers are inquiring about FedRAMP or that FedRAMP is being discussed during the sales cycle with prospective customers. With that being said, I thought it would be beneficial to outline the most common FedRAMP questions we have received with detailed responses.

Read More

Webinar: “Countdown to Compliance: What you need to know for PCI 3.0”

A-LIGN to present, "Countdown to Compliance: What you need to know for PCI 3.0" on Tuesday, December 10, 2013, from 2:00-3:00 pm EST. Gene Geiger, Director of A-LIGN Security and Compliance Services, will provide highlights of the changes in the standard from PCI DSS Version 2.0 to 3.0, the required implementation timeline and how organizations should approach these changes.

Read More

How Subservice Organizations Impact SSAE 16 Reports

By: Scott Price, Managing Partner of A-LIGN Determine whether your SSAE 16 Report is saving your client money or costing them! With year-end financial audits fast approaching, your clients will soon be requesting your SSAE 16 report. Why? This is because your SSAE 16 reports will allow your client’s financial auditors to determine if they need to perform additional testing or if they can utilize the report for their year-end financial audit. If the latter option happens to be this case, your SSAE 16 report will save your clients both time and money. Now, aren’t you efficient?

Read More

PCI Data Security Standard Version 3.0 – Breakdown of Changes to Anticipate

By: Gene Geiger, Partner of A-LIGN Following the 36 month lifecycle the PCI Security Standards Council (“Council”) has established for the published standards, Version 3.0 of the PCI Data Security Standard is in the final stages before it will be released on November 7, 2013. Through several webinars and documents provided to stakeholders, the Council has provided information on the final draft in order to receive feedback at the 2013 Community that will be held in Las Vegas September 24 – 26. The core twelve requirements remain the same, but after a review of the changes and guidance provided by the Council, the change to Version 3.0 is more comprehensive than we experienced with previous version changes. However, due to the impact of these changes and the time it may take to fully comply with the requirements of Version 3.0, Version 2.0 may be used for assessment until December 31, 2014. Nonetheless, the Council encourages adoption of Version 3.0 as soon as practical.

Read More

Webinar: “CFPB Examination – Getting Your Agency Ready!”

A-LIGN to present webinar entitled, “CFPB Examination - Getting Your Agency Ready!” on Tuesday, October 1, 2013, from 1-2 p.m. EST. The presentation will provide a high-level overview of the key areas that collection agencies should focus on as they prepare for the CFPB Examination.

Read More