Services
Services
SOC & Attestations
SOC & Attestations
Payment Card Assessments
Payment Card Assessments
ISO Certifications
ISO Certifications
Privacy Assessments
Privacy Assessments
Federal Assessments
Federal Assessments
Healthcare Assessments
Healthcare Assessments
Penetration Testing
Penetration Testing
Cybersecurity Assessments
Cybersecurity Assessments
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
ESG & Sustainability
ESG & Sustainability
AI Services
AI Services
Industry Solutions
Industry Solutions
Cloud Computing & Data Centers
Cloud Computing & Data Centers
Financial Services & Fintech
Financial Services & Fintech
Healthcare
Healthcare
Payment Card Processing
Payment Card Processing
US Government
US Government
Higher Education & Research Laboratories
Higher Education & Research Laboratories
About Us
About Us
Leadership Team
Leadership Team
Careers
Careers
Corporate Social Responsibility
Corporate Social Responsibility
Strategic Partnerships
Strategic Partnerships

Blog

The Schellman Blog

Stay up to date with the latest compliance news from the Schellman blog.

Blog Feature

ESG

By: Tom Andresen Gosselin
March 28th, 2024

As part of the fight against the effects of climate change, a global effort has been kickstarted to reduce the use and production of hydrofluorocarbons (HFCs) due to their high global warming potential (GWP). For their part in this HFC phasedown, the Environmental Protection Agency (EPA) is asking organizations to report their HFC allowance, and the deadline to do so is May 31, 2024.

Blog Feature

Federal Assessments

By: Charles Turnbow
March 26th, 2024

If you’re considering undergoing a FedRAMP High Assessment, you must understand that this is the most rigorous baseline among the standard FedRAMP options, making it a daunting—if necessary—endeavor. What would likely help is knowing what’s coming in more detail so that you can better prepare.

Blog Feature

Payment Card Assessments

By: Roberto Davila
March 21st, 2024

Incident response has always been an important component of PCI DSS—in Requirement 12.10, the standard provides critical guidelines for the timeliness, preparedness, and continuous improvement of incident response management. That being said, new related requirements and clarifications have been introduced under v4.0 that add complexity and effort to the mandates from v3.2.1.

Blog Feature

ESG

By: Nisha Ellis
March 20th, 2024

As the scrutiny on environmental impact grows, more and more organizations are looking for ways that can help them both satisfy emerging regulations and customer concerns regarding the sustainability of their practices. And while there are a few options that may suit, ISO 14001 represents one particularly advantageous avenue.

Blog Feature

News

By: Schellman
March 19th, 2024

TAMPA, Fla. – March 19, 2024 – Schellman, a leading provider of attestation and compliance services and a top 50 CPA firm, today announced the appointment of Christopher Kouzios as the company's new Chief Information Officer. With his exceptional expertise in information security initiatives, Kouzios is set to spearhead Schellman's technology initiatives including advancing the firm’s Artificial Intelligence endeavors.

Blog Feature

Penetration Testing | Artificial Intelligence

By: JOSH TOMKIEL
March 14th, 2024

Did you recently implement a new artificial intelligence (AI) feature within your application and now your customers are starting to ask for AI-specific penetration tests? Are you curious as to how an assessment like that would work? As with all these exercises, it starts with scoping.

Blog Feature

Cybersecurity Assessments | Artificial Intelligence

By: DANNY MANIMBO
March 13th, 2024

In a move that now positions the 27-nation bloc as a global leader in regulating artificial intelligence (AI), European Union lawmakers have granted final approval to the Artificial Intelligence (AI) Act, a pioneering legislation that sets a precedent for other jurisdictions grappling with the challenges of AI regulation.

Blog Feature

Compliance and Certification

By: Andrew Broderick
March 12th, 2024

As technology continues to evolve and become more robust, organizations have realized they need expertise and to be proactive in identifying risks and implementing controls. But even as new solutions are introduced, the backbone of many compliance and cybersecurity initiatives—including SOX— remains an organization’s internal technology general controls (ITGCs).

{