
Blog

The Schellman Advantage Blog

Stay up to date with the latest compliance news from the Schellman Advantage blog.

RYAN MACKIE

Ryan Mackie is a Principal and ISO Certification Services Practice Director at Schellman & Company, LLC. Ryan manages SOC, PCI-DSS, ISO, HIPAA, and Cloud Security Alliance (CSA) STAR Certification and Attestation service delivery and also oversees the firm-wide methodology and execution for the ISO certification services, including ISO 27001, ISO 9001, ISO 20000, and ISO 22301, as well as CSA STAR certification services. He has over 18 years of experience. Ryan is also an active member of the CSA and sits on the Open Control Framework committee, which is responsible for the CSA STAR Program methodology and execution.

Blog Feature

By: RYAN MACKIE
November 21st, 2018

The ability to identify and train IT managers is a key factor in establishing productive IT teams. Here’s what to look for and how to hone leadership talent when promoting from within. Newly forged IT managers face a daunting challenge: They need deep technical knowledge to oversee a technology team — along with a mix of specific soft skills that help them motivate their former peers.

Blog Feature

ISO 27001 / 27002

By: RYAN MACKIE
October 18th, 2016

Introduction

ISO/IEC 27001:2015 (ISO 27001) certification is becoming more of a conversation in most major businesses in the United States. To provide some depth, there was a 20% increase in ISO 27001 certificates maintained globally (comparing the numbers from 2014 to 2015 as noted in the recent ISO survey). As for North America, there was a 78% growth rate in ISO 27001 certificates maintained, compared to those in North America in 2014. So it is clear evidence that the compliance effort known as ISO 27001 is making its imprint on organizations in the United States. However, it’s just the beginning. Globally, there are 27,563 ISO 27001 certificates maintained, of which only 1247 are maintained in the United States; that is 4.5% of all ISO 27001 certificates.

Blog Feature

ISO 27018

By: RYAN MACKIE
August 29th, 2016

According to the Identity Theft Resource Center, we saw 781 data breaches in 2015 that totaled hundreds of millions of stolen records, many of which included personally identifiable information about customers—names, addresses and Social Security numbers.

Blog Feature

Cloud Computing

By: RYAN MACKIE
August 16th, 2016

Can an organization do a certification and an attestation? Yes. The certification has the prerequisite that you have gone through the ISO 27001 certification, but the attestation does not have any prerequisites. The attestation and certification are two separate examinations, but you can do both at the same time for efficiency.

Blog Feature

ISO 27001 / 27002

By: RYAN MACKIE
July 18th, 2016

An ISO 27001 certification can help your business stand out. It lets your customers and potential customers know you care about and will protect their information. It can also help you streamline internal processes.

Blog Feature

ISO 27018

By: RYAN MACKIE
April 25th, 2016

According to the Identity Theft Resource Center, we saw 781 data breaches in 2015 that totaled hundreds of millions of stolen records, many of which included personally identifiable information about customers—names, addresses and Social Security numbers.

Blog Feature

SOC | ISO 27001 / 27002

By: RYAN MACKIE
April 21st, 2016

Have you ever wondered if the ISO 27001 certification is at all similar to a SOC 2 report?  Many organizations today are dealing with multiple needs or demands for various compliance assessments or certifications.  These organizations might wonder, “How can my ISO 27001 certification fit the needs for a SOC 2 report?” and vice versa.  Below we have outlined the similarities and differences between an ISO 27001 certification and a SOC 2 examination.

Blog Feature

By: RYAN MACKIE
February 12th, 2015

In the last 12 months, the Cloud Security Alliance (CSA) has made great strides in enhancing their CSA Security, Trust and Assurance Registry (STAR) Program. In brief, the STAR Program is a publicly available registry designed to recognize assurance requirements and maturity levels of cloud service providers (CSPs). Prior to issuing the guidance for STAR Certification and STAR Attestation, a CSP could only perform a self-assessment, which meant completing the Consensus Assessments Initiative questionnaire (CAIQ) and making the responses publicly available on the CSA Register. The CAIQ was completed in several different ways and the content varied from short answers to full-page responses. It was relevant information but not independently validated. This created a path for the STAR Certification and STAR Attestation Programs.