Services
- - - SOC Assessments
    - SOC 1
    - SOC 2
    - ISO Certifications
    - ISO 27001
    - ISO 27701
    - ISO 22301
    - ISO 42001
    - Healthcare Assessments
    - All Healthcare
    - HITRUST
    - HIPAA
  - - Federal Assessments
    - All Government
    - FedRAMP
    - GovRAMP
    - FISMA
    - CMMC
    - NIST 800-171
    - PCI Assessments
    - PCI DSS
    - PCI SSF
  - - Cybersecurity
    - Penetration testing
    - Red team services
    - Ransomware preparedness assessment
    - Social engineering
    - Vulnerability assessment service
    - Privacy
    - GDPR
    - CCPA/CPRA
  - - Additional Services
    - International Services
    - Multi-Framework
    - Microsoft SSPA
    - NIS2
    - C5
    - SOX 404
    - CSA STAR
    - Business Continuity & Disaster Recovery
    - Limited Access Death Master File
    - All Services
Platform
Company
- - - Tampa, Fla. – 10/1/2025 – A-LIGN, a leading provider in cybersecurity compliance, has added five…
      Learn more
Customers
Resources
- - - Quick links
    - Resource Center
    - Blogs
    - Case Studies
    - Videos
    - Events
  - - By service
    - SOC 2
    - ISO 27001
    - ISO 42001
    - CMMC
    - FedRAMP
    - HITRUST
    - PenTest
  - - Featured Resources

A-SCEND Login
Careers

Resource Center

2025 Compliance Benchmark Report

2025 Compliance Benchmark Report

A-LIGN’s Compliance Benchmark Report includes insights from over 1,000 compliance professionals and highlights industry benchmarks.

See More

Synthesia becomes first AI video platform to earn ISO 42001 certification

Synthesia becomes first AI video platform to earn ISO 42001 certification

ISO 42001

CMMC vs. FedRAMP: How to Know Which to Choose

CMMC vs. FedRAMP: How to Know Which to Choose

CMMC

ISO 27001: Everything You Need to Know

ISO 27001: Everything You Need to Know

ISO 27001

Jump to all resources

Compliance Center

Discover key insights, educational articles, helpful guides & more

SOC 2 ISO 27001 ISO 42001 CMMC Pen Test

What is SOC 2? Complete Guide to SOC 2 Reports and Compliance

What is SOC 2? Complete Guide to SOC 2 Reports and Compliance

SOC 2

SOC 2 Checklist: Preparing for a SOC 2 Audit

SOC 2 Checklist: Preparing for a SOC 2 Audit 

SOC 2

Boomi showcases cybersecurity dedication with 10+ compliance certifications and attestations

Boomi showcases cybersecurity dedication with 10+ compliance certifications and attestations

FedRAMP HIPAA ISO 22301 ISO 27001

What is a SOC 2 Report?

What is a SOC 2 Report?

SOC 2

Orbital leads the way in the European fintech & crypto market with SOC 2 compliance

Orbital leads the way in the European fintech & crypto market with SOC 2 compliance

SOC 2

Everything You Need to Know: SOC 2 Examination

Everything You Need to Know: SOC 2 Examination

SOC 2

SEE ALL SOC 2 RESOURCES

ISO 27001: Everything You Need to Know

ISO 27001: Everything You Need to Know

ISO 27001

ISO 27001 as a Strategic Foundation for EMEA Compliance

ISO 27001 as a Strategic Foundation for EMEA Compliance

EMEA ISO 27001

What’s the Difference Between ISO 27001:2022 and ISO 27001:2013?

What’s the Difference Between ISO 27001:2022 and ISO 27001:2013?

ISO 27001

ISO 27001 Buyer’s Guide

ISO 27001 Buyer’s Guide

Audit Quality Efficient Audits ISO 27001

The ISO 27001 Certification Process

The ISO 27001 Certification Process

ISO 27001

Butterfly Network embraces audit harmonization to strengthen global compliance program

Butterfly Network embraces audit harmonization to strengthen global compliance program

ISO 27001 StateRAMP

SEE ALL ISO 27001 RESOURCES

Understanding ISO 42001: The World’s First AI Management System Standard

Understanding ISO 42001: The World’s First AI Management System Standard

ISO 42001

The Ultimate Guide to ISO 42001 [Webinar]

The Ultimate Guide to ISO 42001 [Webinar]

ISO 42001

ISO 42001 Buyer’s Guide

ISO 42001 Buyer’s Guide

ISO 42001

Webdox becomes first CLM in LATAM to obtain ISO 42001 certification

Webdox becomes first CLM in LATAM to obtain ISO 42001 certification

ISO 27001 ISO 42001 SOC 2

The Intersection of ISO 42001 and ISO 27001

The Intersection of ISO 42001 and ISO 27001

ISO 27001 ISO 42001

Synthesia becomes first AI video platform to earn ISO 42001 certification

Synthesia becomes first AI video platform to earn ISO 42001 certification

ISO 42001

SEE ALL ISO 42001 RESOURCES

CMMC Buyer’s Guide: How To Choose a C3PAO

CMMC Buyer’s Guide: How To Choose a C3PAO

CMMC

Breaking Down the CMMC Assessment Process

Breaking Down the CMMC Assessment Process

CMMC

CMMC Checklist

CMMC

A-LIGN Issues CMMC Level 2 Certification to Quiet Professionals

A-LIGN Issues CMMC Level 2 Certification to Quiet Professionals

CMMC

CMMC Phase 1: Why Contractors Shouldn’t Bet Everything on Self-Attestation

CMMC Phase 1: Why Contractors Shouldn’t Bet Everything on Self-Attestation

CMMC

CMMC Corner: Your FAQs Answered

CMMC Corner: Your FAQs Answered

CMMC

SEE ALL CMMC RESOURCES

Why Are Penetration Tests Important?

Why Are Penetration Tests Important?

Cybersecurity Pen Test

Enhancing web application security with A-LIGN’s penetration testing expertise

Enhancing web application security with A-LIGN’s penetration testing expertise

Pen Test

Combining Penetration Testing & ISO 27001 Audit for Enhanced Security Assessment

Combining Penetration Testing & ISO 27001 Audit for Enhanced Security Assessment

ISO 27001 Pen Test

Penetration Testing’s Crucial Role in SOC 2 Audits for Security Assessment & Risk Mitigation

Penetration Testing’s Crucial Role in SOC 2 Audits for Security Assessment & Risk Mitigation

Pen Test SOC 2

A Comprehensive Checklist for Penetration Testing Readiness

A Comprehensive Checklist for Penetration Testing Readiness

Pen Test

Debunking Myths About Pen Testing with Your Audit Firm

Debunking Myths About Pen Testing with Your Audit Firm

Pen Test

SEE ALL Pen Test RESOURCES

Topics

SOC 2
ISO 27001
ISO 42001
HITRUST
FedRAMP
CMMC
Pen Test
PCI DSS
PCI SSF
SOC 1
HIPAA

Type

Blog
Case Study
Press Release
Video

All Resources

Your Guide to PCI DSS Certification

PCI DSS

Don't Let Regulatory Uncertainty Delay Your AI Governance

AI Governance ISO 42001

ISO 27701 Updates: What You Need to Know

A-LIGN Achieves Nine Years of Excellence on Seminole 100 List

A-LIGN

EU AI Act Compliance Simplified: Download Your Essentials Guide

EMEA

Simplifying Multi-Framework Readiness: How Modern Teams Prepare Smarter, Not Harder

Audit Consolidation Audit Quality

Breaking Down the CMMC Assessment Process w/ Michael Brooks

CMMC Compliance

What is AI Governance?

AI Governance

Avoiding CMMC compliance missteps w/ Jacob Horne

CMMC Compliance

SOC 2 Buyer's Guide

Audit Quality SOC 2

CMMC: What UK and European defense contractors need to know

CMMC EMEA

CISO insights: Empowering compliance teams through continuous compliance and smarter risk management

Compliance Cybersecurity

No resources found.

Upcoming Webinars

View All

Best Practices for Modernizing Multi-Framework Compliance

In this joint session with Drata and A-LIGN, discover how to minimize audit fatigue, improve collaboration, and quantify ROI.

Dec 11, 2025

Virtual Webinar

SAVE YOUR SPOT

Client Testimonials

“We have a very strong security DNA at the company. We decided very early on that it was critical to establish a robust security and governance program. We wanted to use our program to manage enterprise risk for the company and the product, but also to establish trust with our customers and in the marketplace.”

Client Image

Alfredo Hickman

CISO at Obsidian Security

“A-LIGN has proven to be a trusted partner and has become our go-to professional services firm for our audit and advisory needs. They consistently deliver expert and reliable services to help us manage risks and grow our business.”

Client Image

Jason Wheeler

VP of Cyber and Network Security at HealthBridge

“Holistically, this experience stands out from all the other experiences I’ve had in my career with compliance audits. I think that there’s some little magic sauce happening at A-LIGN that just makes it work.”

Client Image

Noe Ramos

VP of Operations at Agiloft

A lign Convergence background

Get the latest from A-LIGN

Sign up to our newsletter and don’t miss out!

A-LIGN is the leading provider of high-quality, efficient cybersecurity compliance programs. Combining experienced auditors and audit management technology, A-LIGN provides the widest breadth and depth of services including SOC 2, ISO 27001, HITRUST, FedRAMP, and PCI.

Services
SOC 1
SOC 2
ISO 27001
ISO 42001
CMMC
HITRUST
FedRAMP
Penetration Testing
PCI DSS
HIPAA
International Services
Multi-Framework
All Services

Company
About us
Partners
Platform
Careers
Our Team
Contact Us

Resources
Resource Center
Blogs
Case Studies
Videos
Events

Customers
Customer Stories

Resource Hubs
SOC 2 Resources
ISO 27001 Resources
CMMC Resources
ISO 42001 Resources
Pen Test Resources

Guides
SOC 2 Compliance
ISO 27001 Certification
CMMC Compliance
ISO 42001 Compliance
HITRUST Certification

ISO Certificate Directory
Privacy Policy
Cookie Policy
Impartiality and Inquiries
Acceptable Use Policy
Sitemap

Price and Associates CPAs, LLC dba A-LIGN ASSURANCE is a licensed certified public accounting firm registered with the Public Company Accounting Oversight Board (PCAOB). A-LIGN Compliance and Security, Inc. dba A-LIGN is a leading cybersecurity and compliance professional services firm.

A-LIGN 2025. All rights reserved.

Services
Platform
Company
Customers
Resources
- Resource Center
- Blogs
- Case Studies
- Videos
- Events
- By Service
  - SOC 2
  - ISO 27001
  - ISO 42001
  - CMMC
  - FedRAMP
  - HITRUST
  - PenTest

A-SCEND Login
Careers