Services
Services
SOC & Attestations
SOC & Attestations
Payment Card Assessments
Payment Card Assessments
ISO Certifications
ISO Certifications
Privacy Assessments
Privacy Assessments
Federal Assessments
Federal Assessments
Healthcare Assessments
Healthcare Assessments
Penetration Testing
Penetration Testing
Cybersecurity Assessments
Cybersecurity Assessments
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
ESG & Sustainability
ESG & Sustainability
AI Services
AI Services
Industry Solutions
Industry Solutions
Cloud Computing & Data Centers
Cloud Computing & Data Centers
Financial Services & Fintech
Financial Services & Fintech
Healthcare
Healthcare
Payment Card Processing
Payment Card Processing
US Government
US Government
Higher Education & Research Laboratories
Higher Education & Research Laboratories
About Us
About Us
Leadership Team
Leadership Team
Careers
Careers
Corporate Social Responsibility
Corporate Social Responsibility
Strategic Partnerships
Strategic Partnerships

The Schellman Blog

Stay up to date with the latest compliance news from the Schellman blog.

Blog Feature

Payment Card Assessments | PCI DSS

By: David Baca
April 30th, 2024

In the intricate world of payment security, navigating the labyrinthine requirements of the Payment Card Industry Data Security Standard (PCI DSS) can feel like deciphering code. But for merchants using virtual payment terminals, the PCI DSS SAQ C-VT emerges as a beacon of hope that offers a simplified path towards compliance.

Blog Feature

Healthcare Assessments | HITRUST

By: Michael Seegel
April 24th, 2024

Though HITRUST released v11 of the HITRUST CSF back in January 2023, as of April 16, 2024, HITRUST released CSF v11.3. Standard practice is for HITRUST to update their CSF annually—at a minimum—and this v11.3 is a relatively minor revision with two main differences:

Blog Feature

Healthcare Assessments | HITRUST

By: Michael Williams
April 23rd, 2024

For any organization committed to robust cybersecurity hygiene, due diligence isn’t just for your interior systems, operations, facilities, and people—it also requires vetting your service relationships with suppliers to ensure they’re also secure. This is something Microsoft clearly understands, given their rigorous Supplier Security & Privacy Assurance (SSPA) Program they require. And for said suppliers participating in the SSPA Program, there are benefits to further extending your security compliance through HITRUST certification.

Blog Feature

Penetration Testing

By: Tyler Petersen
April 18th, 2024

When many think of a “penetration test,” the first thing that may spring to mind is cybersecurity. But in fact, you do have the option to conduct a physical penetration test—or, a simulation of a physical attack on your premises.

Blog Feature

News

By: Schellman
April 16th, 2024

TAMPA, Fla. – April 16, 2024 – Schellman, a leading provider of attestation and compliance services and a top 50 CPA firm, is pleased to announce that the firm is now able to support Australia’s Infosec Registered Assessors Program (IRAP) assessments. This milestone marks a significant advancement in the firm’s global capabilities, enabling it to provide comprehensive cybersecurity evaluations tailored to the needs of organizations with an Australian presence.

Blog Feature

Cybersecurity Assessments | Artificial Intelligence

By: Jerrad Bartczak
April 15th, 2024

In January 2024, the AI Governance Alliance—an arm of the World Economic Forum (WEF)— released a series of three papers covering several important artificial intelligence (AI) topics:

Blog Feature

Payment Card Assessments

By: Jesse Eldell
April 11th, 2024

m;These days, to survive amidst the fierce competition of online commerce, merchants must prove they can safeguard sensitive cardholder data, and that means attaining and maintaining PCI compliance. And while the Self-Assessment Questionnaire (SAQ) A is often considered one of the more appealing routes to achieving that compliance, PCI DSS v4.0 has added new requirements to the SAQ A regarding Approved Scanning Vendor (ASV) scans.

Blog Feature

ISO Certifications | ESG

By: Tom Andresen Gosselin
April 9th, 2024

On February 23, 2024, ISO (along with the International Accreditation Federation (IAF)) published short amendments to all standards aligned with its Harmonized Structure. In the form of new requirement language and one additional note, ISO has now adapted climate change concerns as considerations for a wide range of popular certifications.

{