Services
Services
SOC & Attestations
SOC & Attestations
Payment Card Assessments
Payment Card Assessments
ISO Certifications
ISO Certifications
Privacy Assessments
Privacy Assessments
Federal Assessments
Federal Assessments
Healthcare Assessments
Healthcare Assessments
Penetration Testing
Penetration Testing
Cybersecurity Assessments
Cybersecurity Assessments
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
ESG & Sustainability
ESG & Sustainability
Industry Solutions
Industry Solutions
Cloud Computing & Data Centers
Cloud Computing & Data Centers
Financial Services & Fintech
Financial Services & Fintech
Healthcare
Healthcare
Payment Card Processing
Payment Card Processing
US Government
US Government
Learning Center
Learning Center
Articles
Articles
Whitepapers
Whitepapers
Video
Video
Case Studies
Case Studies
Events & Live Webinars
Events & Live Webinars
On-Demand Webinars
On-Demand Webinars
Schellman Training
Schellman Training
About Us
About Us
Leadership Team
Leadership Team
Careers
Careers
Corporate Social Responsibility
Corporate Social Responsibility
Strategic Partnerships
Strategic Partnerships

The Schellman Blog

Stay up to date with the latest compliance news from the Schellman blog.

Subscribe to Weekly Updates

DANNY MANIMBO

Danny Manimbo is a Principal with Schellman based in Denver, Colorado. As a member of Schellman’s West Coast / Mountain region management team, Danny is primarily responsible for co-leading Schellman's ISO practice as well as the development and oversight of Schellman's SOC practice line as well as specialty practices such as HIPAA. Danny has been with Schellman for eight years and has over 11 years of experience in providing data security audit and compliance services.

Blog Feature

SOC & Attestations | SOC Reports

By: DANNY MANIMBO
January 21st, 2016

Formerly known as Service Organization Controls (SOC) reports, what are now known as System and Organization Controls reports help companies establish trust and confidence in their services or products, including their delivery and business processes and their controls.

Blog Feature

By: DANNY MANIMBO
March 2nd, 2015

When conducting an audit, an auditor must obtain an understanding of a client’s internal control environment, including the use, applicability and nature of any manual and automated controls, in order to design appropriate procedures to test such controls.

Blog Feature

By: DANNY MANIMBO
January 5th, 2015

NOTE: Schellman has since updated and expanded this content in a more recent article here. During the course of an audit, there are instances when findings can come to the auditor’s attention. If the finding is discovered prior to the report date (Type 1 reports) or end of the report period (Type 2 reports), a client will have the opportunity to remediate the finding.

Blog Feature

SOC & Attestations

By: DANNY MANIMBO
December 8th, 2014

From a compliance standpoint, documented policies and procedures are very important and can sometimes be required, depending on the scope of services Schellman is providing.

Blog Feature

HIPAA

By: DANNY MANIMBO
May 5th, 2014

The HIPAA Omnibus Rule which took effect on September 23, 2013, has led to the evolution of the HIPAA Compliance environment. Now more than ever it is important to understand what the security and privacy obligations are of a business associate (BA) or a subcontractor of a BA. BA’s are now mandated to comply with the HIPAA Privacy and Security rule requirements. Below are some high level requirements that BA’s need to be aware of when assessing their compliance environment:

Blog Feature

SOC & Attestations

By: DANNY MANIMBO
April 7th, 2014

When auditors begin to test procedures for compliance examinations (i.e., SOC 1, SOC 2), there are cases where the clients are performing certain tasks; however, they are not documented, which puts the auditors in a precarious position.