Upcoming Webinar | AI Meets ISO: What Makes ISO 42001 Different from ISO 27001 & 27701 on July 17th @ 1:00 PM ET

Contact Us
Services
Services
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
Sustainability Services
Sustainability Services
AI Services
AI Services
About Us
About Us
Leadership Team
Leadership Team
Corporate Social Responsibility
Corporate Social Responsibility
Careers
Careers
Strategic Partnerships
Strategic Partnerships

The Schellman Blog

Stay up to date with the latest compliance news from the Schellman blog.

Blog Feature

Federal Assessments | StateRAMP

By: Jon Coffelt
July 9th, 2024

For those wanting to acquaint themselves with StateRAMP, we’ve put together answers to some of the most frequently asked questions we receive as an experienced Third-Party Assessment Organization (3PAO).

Blog Feature

ISO Certifications | ISO 27001

By: Emirhan Ozsoy
July 3rd, 2024

Ever been on the road with Google Maps or something similar handling your navigation? Whether you’ve driven the route from Point A to Point B before, or if this is your first time making your way, we’re grateful for the assistance and confirmation that we’re taking the right steps.

Blog Feature

Penetration Testing

By: Josh Tomkiel
June 27th, 2024

In our experience as cybersecurity experts and highly qualified penetration testers, there are typically three reasons why you may move forward with a penetration test and start looking around for a provider. Making that initial decision to move forward with an assessment like this is a big step, but what should you do after you make it?

Blog Feature

Cybersecurity Assessments

By: Chris Smith
June 24th, 2024

As of June 2024, the European Union's Digital Operational Resilience Act (DORA) is set to become a pivotal piece of legislation impacting financial institutions and their Information and Communication Technology (ICT) service providers. Designed to improve the stability and security of the financial sector amidst increasing cyber threats, DORA mandates several rigorous standards that organizations under its purview will need to accommodate.

Blog Feature

Healthcare Assessments

By: Jerrad Bartczak
June 20th, 2024

In the 2018 Marvel film Black Panther, genius inventor Princess Shuri quips that “just because something works does not mean it cannot be improved.” It’s a message the healthcare industry has taken to heart, as it has continuously searched for ways to improve the patient experience.

Blog Feature

News | Compliance and Certification

By: KEVIN KISH
June 18th, 2024

In the fast-paced world of business, trust and credibility are table stakes. You've likely invested in compliance certifications to demonstrate your commitment to industry standards. But are you prepared to meet the rising expectations of a new generation of stakeholders who demand more than just compliance?

Blog Feature

Penetration Testing

By: Josh Tomkiel
June 16th, 2024

Picture this: you've signed up for a social engineering attack as part of your organization's penetration test, specifically an email-based phishing campaign. The penetration testing firm is asking you to allow list their campaign through your mail filters and other technical controls. You have all those advanced protections in place - spam filters, web proxies, next-generation phishing protections - designed to protect your end users from phishing attacks. Yet, when it comes to assessing the very risk these controls are meant to mitigate, should you lower them for the tester specifically for the purpose of the test?

{