TAMPA, Fla. – April 16, 2024 – Schellman, a leading provider of attestation and compliance services and a top 50 CPA firm, is pleased to announce that the firm is now able to support Australia’s Infosec Registered Assessors Program (IRAP) assessments. This milestone marks a significant advancement in the firm’s global capabilities, enabling it to provide comprehensive cybersecurity evaluations tailored to the needs of organizations with an Australian presence.

In January 2024, the AI Governance Alliance—an arm of the World Economic Forum (WEF)— released a series of three papers covering several important artificial intelligence (AI) topics:

On February 23, 2024, ISO (along with the International Accreditation Federation (IAF)) published short amendments to all standards aligned with its Harmonized Structure. In the form of new requirement language and one additional note, ISO has now adapted climate change concerns as considerations for a wide range of popular certifications.

Amidst the evolving patchwork of data protection and privacy legislation in the United States, privacy remains a top priority for organizations. But protecting privacy also requires resources, and while not all organizations have that much to spare, it is possible to make do with only a small, dedicated team.

Trying to keep up with the rapidly emerging and evolving governance of AI? Struggling to figure out how to address customer misgivings about your AI systems?

As part of the fight against the effects of climate change, a global effort has been kickstarted to reduce the use and production of hydrofluorocarbons (HFCs) due to their high global warming potential (GWP). For their part in this HFC phasedown, the Environmental Protection Agency (EPA) is asking organizations to report their HFC allowance, and the deadline to do so is May 31, 2024.

If you’re considering undergoing a FedRAMP High Assessment, you must understand that this is the most rigorous baseline among the standard FedRAMP options, making it a daunting—if necessary—endeavor. What would likely help is knowing what’s coming in more detail so that you can better prepare.

Incident response has always been an important component of PCI DSS—in Requirement 12.10, the standard provides critical guidelines for the timeliness, preparedness, and continuous improvement of incident response management. That being said, new related requirements and clarifications have been introduced under v4.0 that add complexity and effort to the mandates from v3.2.1.