Blog

As technology continues to evolve and embed itself more into society, regulations to govern its use and protect consumers are struggling to keep up in parts of the world. But not so in the European Union (EU), where they’ve recently made progress on a wave of new cyber legislation—among those is the NIS 2 Directive.

This week marks the first anniversary of Schellman's Weekly Read—over the past year, we've sent a Friday email to subscribers containing links to our latest and greatest content. To mark the occasion—fifty-two straight weeks of thought leadership and compliance insight, we've put together the Schellman Weekly Read Top 5 Posts (as determined by most clicks).

Though society has, these days, moved firmly into the digital age where emails, texts, and the online world dominate both communication and cyber-attack vectors, it might not occur to people—or organizations—that some scams are still perpetuated over the phone in what’s called a vishing attack.

For those financial institutions involved in international transactions, compliance with the security requirements set forth by the Society for Worldwide Interbank Financial Telecommunication (SWIFT)—otherwise known as its Customer Security Programme (CSP), which aims to better secure the global financial community against cyber threats. One part of the Programme includes the SWIFT Customer Security Controls Framework (CSCF), which was updated in 2024 and now mandates controls around the protection of outsourced critical activity.

Ugh, it’s happened—during your SOC examination, your service auditor identified a deviation from your intended process, and that resulted in a testing exception. Given that your customers (and other stakeholders) are relying on your SOC report for reassurance regarding the effectiveness of your controls, you need to address that deviation—but how?

Among the growing concerns regarding climate change, social inequality, and corporate responsibility, (environmental, social, and governance) ESG reporting has become a tool for businesses to demonstrate their commitment to sustainability.

TAMPA, Fla. – July 10, 2024 – Schellman, a leading provider of attestation and compliance services and a top 50 CPA firm, is excited to announce the appointment of Alyson Young Castillo as its new Chief Growth Officer. Castillo, with her extensive experience in tech, advisory, and professional services, will spearhead Schellman’s accelerated growth initiatives.

For those wanting to acquaint themselves with StateRAMP, we’ve put together answers to some of the most frequently asked questions we receive as an experienced Third-Party Assessment Organization (3PAO).