The Schellman Blog

As the world becomes increasingly digital, governments globally have taken measures to ensure the safety and security of their citizens' data.

Auditors. We’re an odd breed. “A necessary pain in the tuchus,” some may say. Admittedly, we’re not everyone’s cup of tea. In fact, in our 20+ years of experience, we’ve seen the word “auditor” invite various visceral responses. To be sure, organizations aren’t always enthusiastic about inviting us assessors in to do the requisite checks, despite the benefits of doing so (and despite being invited guests).

“New year, new me!”

When developing software securely, many organizations have traditionally relied primarily on administrative security controls—i.e., policy and procedure documents that dictate change control processes and the different steps that need to be completed to remain compliant.

In 2004, the campaign Go Red For Women was born to raise awareness among women about their greatest health threat—heart disease. Slowly, the campaign grew into a movement bringing together thousands of women.

So you’ve committed to an audit. Your customers were asking, or maybe a new regulation came into effect that your organization is now subject to—whatever the reason was, you’ve got to get audited because your audit team is confirmed.

When it comes to cybersecurity certifications, you have a lot of options, though the Certified Information Systems Security Professional (CISSP) stands out among them—it’s one of the most popular and recognized certifications in our industry, so much so that many companies require it as a prerequisite in their job postings or for promotion.

Prolific and unique musician MF Doom once said, “I'm always trying to show versatility. I'm juggling, and I'm flipping fire, and I'm chewing gum and rhyming at the same time... on a unicycle, while playing the drums.”