Contact a Specialist
Services
SOC & Attestations
Payment Card Assessments
ISO Certifications
Privacy Assessments
Federal Assessments
Healthcare Assessments
Penetration Testing
Cybersecurity Assessments
Crypto and Digital Trust
Schellman Training
ESG & Sustainability
Build Your Compliance Roadmap
Industry Solutions
Cloud Computing & Data Centers Meet a broad range of regulatory and industry compliance mandates for your customers
Financial Services & Fintech Cybersecurity assessments for both the banking industry and the financial service providers
Healthcare Reporting to manage risk and adhere to applicable laws and regulations
Payment Card Processing Validate compliance with the various forms of the PCI DSS
US Government Achieve authorization to work for federal agencies, DoD, and the associated contractor base
Higher Education & Research Laboratories Reinforce your commitment to securing your student's and institution's data.
View All Industry Solutions
Learning Center
Articles
Whitepapers
Video
Case Studies
Events & Live Webinars
On-Demand Webinars
Schellman Training
Visit the Learning Center
Our Process
About Us
Leadership Team
Careers
Corporate Social Responsibility
Strategic Partnerships
Visit About Us
Services
Services
View All Services
SOC & Attestations
SOC & Attestations
Payment Card Assessments
Payment Card Assessments
ISO Certifications
ISO Certifications
Privacy Assessments
Privacy Assessments
Federal Assessments
Federal Assessments
Healthcare Assessments
Healthcare Assessments
Penetration Testing
Penetration Testing
Cybersecurity Assessments
Cybersecurity Assessments
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
ESG & Sustainability
ESG & Sustainability
Industry Solutions
Industry Solutions
View All Industry Solutions
Cloud Computing & Data Centers
Cloud Computing & Data Centers
Financial Services & Fintech
Financial Services & Fintech
Healthcare
Healthcare
Payment Card Processing
Payment Card Processing
US Government
US Government
Higher Education & Research Laboratories
Higher Education & Research Laboratories
Learning Center
Learning Center
Visit the Learning Center
Articles
Articles
Whitepapers
Whitepapers
Video
Video
Case Studies
Case Studies
Events & Live Webinars
Events & Live Webinars
On-Demand Webinars
On-Demand Webinars
Schellman Training
Schellman Training
Our Process
About Us
About Us
About Schellman
Leadership Team
Leadership Team
Careers
Careers
Corporate Social Responsibility
Corporate Social Responsibility
Strategic Partnerships
Strategic Partnerships
Contact a Specialist

The Schellman Blog

Stay up to date with the latest compliance news from the Schellman blog.

Subscribe to Weekly Updates

Blog Feature

Federal Assessments | CMMC

What is the Joint Surveillance Program?

By: Marci Womack
November 9th, 2023

Back in August 2022—while rulemaking for the Cybersecurity Maturity Model Certification (CMMC) was ongoing (as it still is)—the Joint Surveillance Program (JSP) was sanctioned by the DoD and CyberAB as an interim step in the CMMC program that allowed organizations to pursue a formal DIBCAC High (NIST 800-171) assessment.

Read More
Blog Feature

HITRUST | Healthcare Assessments

Explaining the Artificial Intelligence Requirements within HITRUST CSF v11.2.0

By: Jerrad Bartczak
November 7th, 2023

To accommodate the ever-evolving cybersecurity threat landscape, HITRUST has released HITRUST CSF v11.2.0, updating its framework to include more pertinent concepts—one of the most notable additions is artificial intelligence (AI) risk management content.

Read More
Blog Feature

ISO Certifications | ISO 42001

How ISO 42001 “AIMS” to Promote Trustworthy AI

By: DANNY MANIMBO
November 3rd, 2023

The regulation and responsible use of artificial intelligence (AI) has been a hot topic of 2023, prompting the release of NIST’s AI Risk Management Framework to help organizations secure this emerging tech. More standards are on the way that will address the need to implement safeguards addressing the security, safety, privacy, fairness, transparency, and data quality of AI systems throughout their life cycle—including ISO/IEC 42001.

Read More
Blog Feature

Payment Card Assessments | PCI SSF

A Conceptual Approach to the PCI Software Security Framework

By: Sully Perella
November 2nd, 2023

Comprised of both the PCI Secure Software Lifecycle (Secure SLC) Standard and PCI Secure Software Standard, the PCI Software Security Framework (SSF) is intended to help secure the design, development, and maintenance of software in payment environments. And while secure coding can be difficult, taking a conceptual approach to software development may make it—and PCI SSF compliance—a little easier.

Read More
Blog Feature

HIPAA | Healthcare Assessments

Best Practices for Conducting HIPAA Risk Assessments

By: Schellman
October 31st, 2023

If you’re in healthcare, you likely already know that maintaining HIPAA compliance requires a very thorough risk assessment. What you may not know is that HIPAA risk assessments are also an aspect of the law that is too often overlooked.

Read More
Blog Feature

Cybersecurity Assessments

Summary of President Biden's Executive Order - A Move Toward Safe, Secure, and Trustworthy AI

By: AVANI DESAI
October 30th, 2023

President Biden has issued a groundbreaking Executive Order to steer America toward leadership in harnessing the potential of artificial intelligence (AI) while managing its associated risks.

Read More
Blog Feature

Payment Card Assessments | PCI DSS v4.0

The New Report Dates in PCI DSS v4.0 Explained

By: MATT CRANE
October 26th, 2023

To address some of the past confusion regarding the dating of PCI reports, the PCI Security Standards Council (SSC) has altered the report date methodology for PCI DSS v4.0 to provide more clarity and consistency to this process.

Read More
Blog Feature

Federal Assessments | CMMC

What is CMMC?

By: Schellman
October 24th, 2023

The Cybersecurity Maturity Model Certification (CMMC) is a new framework that aims to better secure federal contract information (FCI) and controlled unclassified information (CUI) that is stored, processed, or transmitted by defense contractors and the entire defense industrial base (DIB).

Read More

Previous All posts Next

Schellman

4010 W Boy Scout Boulevard, Suite 600
Tampa, FL 33607

U.S. 1.866.254.0000

Outside the U.S. 1.813.288.8833

Services
Industries
Resources
Company

© SchellmanPrivacy PolicyTerms

“Schellman” is the brand name under which Schellman & Company, LLC and Schellman Compliance, LLC provide professional services. Schellman & Company, LLC and Schellman Compliance, LLC practice as an alternative practice structure in accordance with the AICPA Code of Professional Conduct and applicable law, regulations and professional standards. Schellman & Company, LLC is a licensed certified public accounting firm (Florida license number AD62941) registered with the Public Company Accounting Oversight Board (PCAOB) that provides attest services to its clients, and Schellman Compliance, LLC provides nonattest cybersecurity and compliance professional services to its clients. Schellman Compliance, LLC is not a licensed CPA firm. Schellman & Company, LLC and Schellman Compliance, LLC are independently owned and are not liable for the services provided by any other entity providing services under the Schellman brand. Our use of the terms “our firm” and “we” and “us” and terms of similar import, denote the alternative practice structure conducted by Schellman & Company, LLC and Schellman Compliance, LLC.