Contact Us
Services
Services
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
Sustainability Services
Sustainability Services
AI Services
AI Services
About Us
About Us
Leadership Team
Leadership Team
Corporate Social Responsibility
Corporate Social Responsibility
Careers
Careers
Strategic Partnerships
Strategic Partnerships

The Schellman Blog

Stay up to date with the latest compliance news from the Schellman blog.

Schellman

Schellman is a leading provider of attestation and compliance services. We are the only company in the world that is a CPA firm, a globally licensed PCI Qualified Security Assessor, an ISO Certification Body, HITRUST CSF Assessor, a FedRAMP 3PAO, and most recently, an APEC Accountability Agent. Renowned for expertise tempered by practical experience, Schellman's professionals provide superior client service balanced by steadfast independence. Our approach builds successful, long-term relationships and allows our clients to achieve multiple compliance objectives through a single third-party assessor.

Blog Feature

Artificial Intelligence | ISO 42001

By: Schellman
September 30th, 2024

ISO/IEC 42001:2023 has rapidly become the global standard for Artificial Intelligence (AI ) governance. While it is a close cousin of ISO/IEC 27001:2022, ISO 42001—rather than focusing primarily on cyber and information security—takes a more holistic approach to risk management for AI systems.

Blog Feature

Privacy Assessments | ISO Certifications | ISO 42001

By: Schellman
September 26th, 2024

Within a few months of their latest update to their Data Protection Requirements (DPR) to address a coding incident (version 9.1), Microsoft released a draft or “pre-read” for their version 10 requirements that will be utilized for its Supplier Security and Privacy Assurance (SSPA) process as of the 2025 fiscal year. Arguably the largest update to the DPR since September 2018, v10’s new mandates address artificial intelligence (AI) and include important references to ISO 42001 that suppliers may want to take advantage of during their next compliance cycle.

Blog Feature

News | ISO Certifications | Artificial Intelligence

By: Schellman
September 24th, 2024

Underscoring the firm's commitment to responsible AI, this accreditation enables Schellman to certify organizations against the first global AI standard of its kind

Blog Feature

Healthcare Assessments

By: Schellman
September 24th, 2024

In the healthcare industry, artificial intelligence (AI) is being used to save lives—using data sets, these systems are being trained to examine imaging and successfully detect potential health risks, like cancer. However, as with every technological development and shift in its use, new risks have also emerged related to the use of AI, as have measures to help mitigate them—one of which is the HITRUST AI Risk Management Assessment.

Blog Feature

Cybersecurity Assessments

By: Schellman
August 27th, 2024

Back in March 2022, the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) was signed into law as yet another regulation aiming to enhance federal cybersecurity by requiring critical infrastructure entities to report cyber incidents to the Cybersecurity and Infrastructure Security Agency (CISA). Two years later, on April 4, 2024, CISA published its proposed rule to codify CIRCIA’s specific mandates, which are expected to take effect in 2026.

Blog Feature

News

By: Schellman
August 21st, 2024

TAMPA, Fla. – August 21, 2024 – Schellman, a leading provider of attestation and compliance services and a top 50 CPA firm, is excited to welcome six distinguished leaders to its inaugural Advisory Board, marking a significant move to bolster leadership.

Blog Feature

Healthcare Assessments

By: Schellman
August 20th, 2024

Ever been to a water park and gone down one of those enormous slides? If so, you likely remember there being a park lifeguard at the top of the slide and near the bottom to ensure your continued safety. But imagine if those employees weren’t trained in safety and first aid—of course, the ride was likely designed well and with other safeguards, but it would make for a serious oversight by the park to do all that while not also ensuring their employees keep guests safe.

{