A-LIGN, the leading provider in cyber security compliance, has completed the globally recognised SOC 2 audit for Quorum Cyber. Established by the American Institute of Certified Public Accountants (AICPA), SOC 2 stands for System and Organisation Controls. The examination is designed for organisations of any size, regardless of industry and scope, to ensure the personal assets of their potential and existing customers are protected.

SOC 2 reports affirm that a company’s infrastructure, software, people, data, policies, procedures, and operations have been formally reviewed. This certification demonstrates our continued commitment to compliance and ensures customers with the confidence that required safeguards are in place to protect their data.

“Congratulations to Quorum Cyber for earning its SOC 2 attestation, which is a widely recognised signal of trust and security,” said Steve Simmons, COO of A-LIGN. “It’s great to work with organisations like Quorum Cyber who understand the value of expertise in driving an efficient audit and the importance of a high-quality final report.”

“SOC 2 Type II is evidence based, so we’re delighted to have passed this rigorous audit at our first attempt,” says Gill Barton, Compliance & Information Security Manager at Quorum Cyber. “While SOC 2 Type II audits typically take from six to 12 months, we achieved ours in only four months. We also moved up to ISO/IEC 27001 ahead of schedule and at the same time were audited at UKAS level to provide a full evidence-based audit.”

Achieving this certification in record time means our customers can gain confidence in our security controls sooner, enabling quicker onboarding, reducing delays in meeting compliance requirements, and speeding up their journey to robust cyber protection.

ISO/IEC 27001 is an information security management system standard published in October 2022 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). The certification is another great way for us to demonstrate that we’re taking the necessary steps to protect our customers’ most valuable information to give them even more peace of mind.

About SOC 2

SOC 2 audits are voluntary assessments designed to evaluate how well an organisation manages and protects customer data. They are based on five trust service principles:

1. Security ensures that the system is protected against unauthorised access, both physical and logical
2. Availability ensures that the system is available for operation and use as committed or agreed
3. Processing Integrity ensures that the system processing is complete, valid, accurate, timely, and authorised
4. Confidentiality ensures that information designated as confidential is protected according to the organisation’s commitments and agreements
5. Privacy ensures that personal information is collected, used, retained, disclosed, and disposed of in accordance with the organisation’s privacy notice and applicable laws and regulations.

About A-LIGN

A-LIGN is the leading provider of high-quality, efficient cyber security compliance programmes. Combining experienced auditors and audit management technology, A-LIGN provides the widest breadth and depth of services including SOC 2, ISO 27001, HITRUST, FedRAMP, and PCI. A-LIGN is the number one issuer of SOC 2 and a leading HITRUST and FedRAMP assessor.