# A-LIGN (a-lign.com) > A-LIGN is the leading cybersecurity compliance partner, trusted by over 1000s of organizations worldwide to navigate the complexities of compliance, audit, and risk. Founded in 2009, A-LIGN delivers high-quality, efficient audits across frameworks including SOC 2, ISO 27001, FedRAMP, CMMC, ISO 42001, PCI, and HITRUST. ## Services - [SOC 1](https://www.a-lign.com/service/soc-1) - [SOC 2](https://www.a-lign.com/service/soc-2) - [ISO 27001](https://www.a-lign.com/service/iso-27001-certification) - [ISO 27701](https://www.a-lign.com/service/iso-27701-certification) - [ISO 22301](https://www.a-lign.com/service/iso-22301) - [ISO 42001](https://www.a-lign.com/service/iso-42001) - [Healthcare Compliance Services](https://www.a-lign.com/healthcare) - [HITRUST](https://www.a-lign.com/service/hitrust) - [HIPAA](https://www.a-lign.com/service/hipaa) - [Federal Compliance Services](https://www.a-lign.com/government) - [FedRAMP](https://www.a-lign.com/service/fedramp) - [StateRAMP](https://www.a-lign.com/service/stateramp) - [FISMA](https://www.a-lign.com/service/fisma) - [CMMC](https://www.a-lign.com/service/cmmc-certification) - [NIST 800-171](https://www.a-lign.com/service/nist-800-171) - [PCI DSS](https://www.a-lign.com/service/pci-dss) - [PCI SSF](https://www.a-lign.com/service/pci-ssf) - [Penetration testing](https://www.a-lign.com/service/penetration-testing) - [Red team services](https://www.a-lign.com/service/red-team-services) - [Ransomware preparedness assessment](https://www.a-lign.com/service/ransomware-preparedness) - [Social engineering](https://www.a-lign.com/service/social-engineering) - [Vulnerability assessment service](https://www.a-lign.com/service/vulnerability-assessment) - [GDPR](https://www.a-lign.com/service/gdpr) - [CCPA/CPRA](https://www.a-lign.com/service/ccpa-cpra) - [International Compliance Services](https://www.a-lign.com/service/international-compliance-services) - [Multi-Framework Audit Services](https://www.a-lign.com/service/multi-framework) - [Microsoft SSPA](https://www.a-lign.com/service/microsoft-sspa) - [NIS2 Directive](https://www.a-lign.com/service/nis2) - [C5](https://www.a-lign.com/service/c5-attestation) - [SOX 404](https://www.a-lign.com/service/sox-404) - [CSA STAR](https://www.a-lign.com/service/csa-star) - [Business continuity & disaster recovery](https://www.a-lign.com/service/business-continuity-disaster-recovery) - [Limited Access Death Master File](https://www.a-lign.com/service/death-master-file) ## Technology > With A-SCEND, evidence is mapped to multiple audit frameworks, allowing you to tackle multiple audits in a single motion. If you’ve completed a SOC 2, you’ve already submitted much of the required evidence for additional common frameworks. - [Maximize audit efficiency with an audit management platform](https://www.a-lign.com/a-scend) ## Key Resources ### SOC 2 - [What is SOC 2? Complete Guide to SOC 2 Reports and Compliance](https://www.a-lign.com/articles/what-is-soc-2-complete-guide-audits-and-compliance) - [SOC 2 Checklist: Preparing for a SOC 2 Audit](https://www.a-lign.com/articles/soc-2-checklist) - [A Guide to SOC 2 Reporting: What Is a SOC 2 Report?](https://www.a-lign.com/articles/soc-2-reporting) - [Everything You Need to Know: SOC 2 Examination](https://www.a-lign.com/resources/everything-you-need-to-know-soc-2-examination) ### ISO 27001 - [ISO 27001: Everything You Need to Know](https://www.a-lign.com/articles/blog-everything-you-need-to-know-about-iso27001-certification) - [What’s the Difference Between ISO 27001:2022 and ISO 27001:2013?](https://www.a-lign.com/articles/blog-whats-the-difference-between-iso-27001-2013-and-iso-27001-2022) - [ISO 27001 Buyer’s Guide](https://www.a-lign.com/articles/iso-27001-buyers-guide) - [The ISO 27001 Certification Process](https://www.a-lign.com/resources/iso-27001-certification-process) ### ISO 42001 - [Understanding ISO 42001: The World’s First AI Management System Standard](https://www.a-lign.com/articles/understanding-iso-42001) - [The Ultimate Guide to ISO 42001 Webinar](https://www.a-lign.com/resources/the-ultimate-guide-to-iso-42001-webinar) - [ISO 42001 Buyer’s Guide](https://www.a-lign.com/articles/iso-42001-buyers-guide) - [The Intersection of ISO 42001 and ISO 27001](https://www.a-lign.com/articles/iso-42001-vs-iso-27001) - [ISO 42001 Checklist – Prepare for AI Compliance](https://www.a-lign.com/articles/iso-42001-checklist) ### CMMC - [CMMC Buyer’s Guide: How To Choose a C3PAO](https://www.a-lign.com/articles/cmmc-buyers-guide) - [Breaking Down the CMMC Assessment Process](https://www.a-lign.com/articles/cmmc-assessment-process) - [CMMC checklist Your guide to preparing for CMMC certification](https://www.a-lign.com/resources/cmmc-checklist-download) - [CMMC Phase 1: Why Contractors Shouldn’t Bet Everything on Self-Attestation](https://www.a-lign.com/articles/cmmc-phase-1-contract-requirements) - [CMMC Corner: Your FAQs Answered](https://www.a-lign.com/articles/cmmc-faq) ### Penetration Testing - [Why Are Penetration Tests Important?](https://www.a-lign.com/articles/blog-why-are-penetration-tests-important) - [Combining Penetration Testing & ISO 27001 Audit for Enhanced Security Assessment](https://www.a-lign.com/articles/combining-penetration-testing-iso-27001) - [Penetration Testing’s Crucial Role in SOC 2 Audits for Security Assessment & Risk Mitigation](https://www.a-lign.com/articles/penetration-testings-soc-2-audits-security-assessment-risk-mitigation) - [A Comprehensive Checklist for Penetration Testing Readiness](https://www.a-lign.com/articles/penetration-testing-checklist) - [Debunking Myths About Pen Testing with Your Audit Firm](https://www.a-lign.com/articles/debunking-myths-about-pen-testing-with-your-audit-firm) ## Contact - [Contact us](https://www.a-lign.com/contact)