Page 29 - GS180901
P. 29

CompanyProfile






                                                                                        ISO/MLS contact:
                                                                                            Jason Torgler
                                                                                    Chief Revenue Officer
                                                                                 1-888-702-5446, ext. 368
                                                                                  jason.torgler@a-lign.com
                                                                                          www.a-lign.com


                            Cybersecurity compliance experts




                  ince launching in 2009,  A-LIGN has assisted   automation, document management and auditing history.
                  diverse enterprises navigate the complexities   "As an assessor who actively engages with our partners
                  of regulatory and business-driven security and   to work through these assessments, A-SCEND as a tool, is
        S compliance. It has done so by providing com-           not only vital, but it's unlike anything I've worked with,
        prehensive assessments, audits, and cyber risk advisory   and I've worked in the industry for a number of years,"
        and testing services. The Tampa, Fla.-based firm employs   said Patrick Sullivan, Senior Consultant at A-LIGN. "This
        more than 100 assessors and auditors dedicated to work-  tool actually creates a structure, a system that allows us
        ing with clients in business, healthcare and government.  to partner with our customers to create the assessment as
                                                                 opposed to just demanding cold evidence."
        In 2017, A-LIGN was named to the Inc. 5000 list of fastest-
        growing privately held U.S. companies. With the recent   The firm believes that within this framework, it achieves
        infusion of $54.5 million in growth funding by FTV       greater consistency in both how data is collected and
        Capital, it plans to further expand its service offerings,   meeting  client  expectations,  since a  collaborative
        technology platform and expert team to meet increased    approach pinpoint each client's end goals and provides
        client demand to streamline cybsersecurity.              the steps necessary to achieve them. "When I ask for a
                                                                 specific piece of evidence, they already have the context
        According to A-LIGN CEO Scott Price, evolving            set up so that the client doesn't have the uncertainty they
        security frameworks and the continual release of new     would normally have with an auditor request," Sullivan
        regulations and compliance requirements necessitate      said.
        that company executives constantly examine their data
        privacy practices. "Organizations across all industries   Holistic approach to compliance
        are conducting critical assessment and audits not only   Entities often mistakenly view compliance as a siloed
        for mandated compliance, but also to deepen trust among   journey, isolating GDPR without considering the potential
        customers  and  users  which  has  a direct  impact on  the   operational side effects, for example. A-LIGN's stance on
        bottom line," he said.                                   compliance is all encompassing.

        Mark Sokol, A-LIGN vice president of marketing, added    "When we start to actively partner, we have an opportunity
        that established and new organizations need to have a    to hit the brakes, to think about things holistically, and
        third-party review and assess their controls on a variety   then with that partner, begin focusing on what's most
        of technologies. "Whether in the financial and payments   important," Sokol said. "In some organizations, it might
        space, healthcare, or related to GDPR internationally,   be some specific compliance obligation. In others, we
        companies that work with others, including software and   might find that there are bigger issues, and we have an
        service providers, want that validation," he said.       opportunity to help bridge gaps that exist."

        A-LIGN prides itself on its validated qualifications.  It   A-LIGN endeavors to evaluate, direct and monitor all
        is  a  CPA  firm,  Qualified  Security  Assessor  company,   clients according to known industry standards. "We
        accredited ISO 27001 certification body, certified HITRUST   direct or prioritize where effort needs to be focused to
        Assessor firm and accredited FedRAMP 3PAO. "We're one    remedy any gaps found and generally continuously
        of a handful or organizations that offer the services we   monitor through the lifecycle of the assessment with our
        provide for alerting, IT security and compliance," Sokol   partner," Sokol noted.
        said.
        Portal to compliance                                     While the firm does not offer a channel program, per se,
                                                                 it does offer merchant PCI security standard readiness
        According to A-LIGN, its proprietary A-SCEND platform    and compliance assessments, as well as privacy and risk
        has received high marks for helping customers streamline   assessments, penetration testing, and mobile and web
        the complex audit and certification process via workflow   app testing, among other services.

                                                                                                                27
   24   25   26   27   28   29   30   31   32   33   34