Consulting, Investigations
and International

ALTA Best Practices

Consulting, Investigations and International (CI&I):


ALTA Best Practices

Our consultants can help with every aspect of ALTA Best Practices compliance, from implementing the necessary policies and procedures to conducting the assessments for certification.

ALTA, the American Land Title Association, is the national trade association of the abstract and title insurance industry, with more than 4,600 members who search, review, and insure land titles for real estate settlements. Nearly all title insurance companies are members of ALTA, as well as many abstracters and title agents.

ALTA publishes a framework of best practices members can voluntarily implement to protect consumers, promote quality service, provide for ongoing employee training, and meet legal and market requirements. Compliance is entirely voluntary, but ALTA’s Best Practices certification is tangible evidence companies can use to demonstrate their professionalism to lenders. ALTA’s Best Practices include the following 7 pillars:

  1. Licensing
  2. Escrow Accounting Procedures
  3. Privacy and Information Security*
  4. Settlement Procedures
  5. Title Policy Production & Delivery
  6. Professional Liability Insurance Coverage
  7. Consumer Complaints

Within each pillar, there are multiple controls to be implemented. These controls are referred to by ALTA as “policies.” For each policy, there are a number of associated procedures that must be followed to be certified compliant with the Best Practices. The Consulting, Investigations and International team at Andrews International can assist every step of the way with implementing ALTA’s Best Practices, including helping to draft formal procedures for each policy.

Our team’s experience and knowledge of best practices in Privacy and Information Security is important. Privacy and Information Security, the third pillar of ALTA’s Best Practices, is the most costly and challenging of the 7 pillars to implement, and is critically important in the eyes of lenders. Privacy and Information Security focuses on protection of Non-Public Information (NPI) and includes the 11 key controls/policies below.

  1. Develop a written Privacy and Information Security Policy and distribute to your employees.
  2. Conduct 5 year Background Checks on all employees who have access to NPI.
  3. Conduct Third-party vendor background checks on vendors who have access to NPI. 
  4. Maintain a Clean Desk Policy.
  5. Establish an NPI Security Risk Assessment that ranks risks including locations, systems, and methods used to store, process, transmit, and dispose of NPI.
  6. Develop Physical, Logical, and Network Access Controls Policy.
  7. Develop Acceptable use of Information Technology Policy.
  8. Ensure that there is a Customer Privacy Policy in place.
  9. Develop and maintain a Record Retention and Disposal Policy based on securing NPI.
  10. Develop a Data Breach Reporting Policy that helps you monitor, investigate, and respond to data breach attacks/intrusions.
  11. Develop and maintain a Business Continuity and Disaster Recovery Plan to protect your critical business processes from the potential effects of failures or disasters.

Our team has identified 27 procedures to complement these 11 controls/policies, leveraging the collective expertise of consultants enterprise-wide, including many of today’s foremost authorities in security and risk management solutions. With these procedures already defined, we can help clients optimize costs and expedite implementation, rather than “reinvent the wheel.”   

To assist clients in determining readiness for assessment, our consultants have designed a customized, comprehensive Self-Assessment Guide and Tool. We provide this self-assessment resource to help clients achieve compliance and certification as cost-effectively as possible. Being fully prepared for the assessment is key to optimizing the costs associated with compliance and certification.

When a client is ready, our on-site consulting team works hand-in-hand with our long-time strategic partner, CPA firm GlassRatner, to perform the assessment for Best Practices certification. GlassRatner conducts the requisite independent third party SSAE 16 attestation.

ALTA’s Best Practices certification differentiates title companies in the marketplace, mitigates their liability, and validates the integrity of their business practices for protecting consumers, promoting quality service, providing for ongoing employee training, and meeting legal and market requirements. Implementing Alta’s Best Practices and achieving certification requires a significant investment of time and resources, but Andrews International effectively positions clients to realize maximum return on that investment.
To learn more about how we can assist with ALTA assessment and certification, please contact:

Russ Owens, Executive Director
Consulting, Investigations & International Division

3600 Mansell Road, Suite 275, Alpharetta, GA  30022

About Andrews International, Inc.

Andrews International, Inc., headquartered in Los Angeles, California, is an industry-leading full service provider of security and risk mitigation services. Through local offices in the United States and Latin America and nearly 150 strategic partners around the world, the company provides security services to a wide range of business sectors in all 50 states and internationally to many of the Fortune 500. The firm's portfolio of services includes uniformed security, consulting and investigations, personal protection, special event security, training, alarm monitoring and response, and disaster and emergency response services. For more information, please visit the Andrews International website at

Andrews International. Inc.
455 N. Moss Street
Burbank, CA 91502
Tel: 818-487-4060
Fax: 818-487-4061


Apply Now