By:
Danny Manimbo
July 16th, 2026
In 2020, Microsoft made a sweeping commitment to be carbon negative by 2030 and remove all the carbon it had ever emitted since 1975. It was ambitious, inspiring, and, as of 2025, slipping further out of reach. Microsoft leaders originally referred to their sustainability goals as a “moonshot,” and in their own words from their 2025 Environmental Sustainability Report, the moon has gotten further away.
By:
Douglas Barbin
July 14th, 2026
On July 13, 2026, the Department of War (DoW) immediately suspended CMMC Phase II — specifically, the requirement for third-party (C3PAO) certification assessments that had been set to take effect November 10, 2026. CMMC Phase I self-assessment requirements for CMMC Levels 1 and 2, and the related NIST SP 800-171 / DFARS 252.204-7012 obligation to safeguard federal data, are unchanged.
By:
Schellman
June 30th, 2026
Schellman, a leading provider of cybersecurity attestation and compliance services, announces that Sachin Bansal has joined the firm as Chief Operating Officer. Bansal leads global operations, global expansion, strategy, and transformation, partnering closely with Chief Executive Officer Avani Desai and the executive leadership team to support the firm’s next phase of growth.
FedRAMP | Federal Assessments | SOC 2
By:
Matt Hungate
June 29th, 2026
If you’ve heard “FedRAMP” and immediately thought “that’s a year-long, million-dollar project we’re not ready for” — this post is for you. A lot has changed. The program's new Class A certification tier was built specifically for companies that have already done the hard work of achieving SOC 2 Type II. Here’s what your SOC 2 actually gets you, and why the path to the federal marketplace may be shorter than you think.
FedRAMP | News | Federal Assessments
By:
Schellman
June 25th, 2026
Schellman, the nation's No. 1 FedRAMP Independent Assessor, breaks down the most significant restructuring of the federal cloud security program since its 2011 inception.
By:
Matt Hungate
June 25th, 2026
On June 24, 2026, FedRAMP published the Consolidated Rules for 2026, featuring a sweeping overhaul of the policies, requirements, and terminology that govern how cloud service providers (CSPs) obtain and maintain FedRAMP Certification. The rules are effective July 4, 2026, for 20x CSPs and replace a patchwork of legacy guidance documents, memoranda, and program policies with a single machine-readable, structured ruleset. For existing Rev5 CSPs, most requirements become mandatory on January 1, 2027, with optional early adoption available immediately.
Artificial Intelligence | ISO 42001
By:
Matthew Gierl
June 17th, 2026
ISO/IEC 42001:2023 is the first international standard for an Artificial Intelligence Management System (AIMS). Structured similarly to other ISO management system standards, like ISO 27001, with mandatory clauses 4 through 10 and an Annex A control set, it shares the same Plan-Do-Check-Act logic familiar to any management system practitioner.
By:
Matt Hungate
June 4th, 2026
This article was drafted based on a LinkedIn Live discussion between Schellman’s Matt Hungate (Managing Principal, Federal Practice) and Jacob Karp (VP of Strategic Sales). View their full conversation here.