The Schellman Blog

If you order a martini from a bar, the bartender will likely make it the standard way: gin, bitters, vermouth, and a twist of lemon. If you go to a different spot, the mixologist might make it with vodka instead of gin and garnish with an olive. Maybe one time, you request it shaken not stirred. No matter which way you order, you have final say on how you address your need for a martini.

Today, after much anticipation, ISO announced that ISO/IEC 27001:2022 has officially been published. Ever since ISO/IEC 27002:2022 was published in February of this year, the industry has waited for this—that includes Schellman.

American journalist Sydney J. Harris once said that “the two words 'information' and 'communication' are often used interchangeably, but they signify quite different things. Information is giving out; communication is getting through.”

If your organization is pursuing ISO 27701 certification, you may face unforeseen challenges that can potentially slow down the entire process. Many times, they just crop up suddenly, derailing your hopes of providing privacy assurances to your customers (at least temporarily). As an ISO Certification Body, Schellman has performed countless 27701 certification assessments over the years, and our clients have encountered some of the same gaps many times over. Now, we want to help you avoid them.

If you know the game of football, you know that the quarterback runs the show. He calls the plays, reads the defense, and leads the team—that position is often considered the primary factor in a team’s success. You won’t win the game if the QB doesn’t perform.

According to the United States Department of Transportation, more than 50% of the combined total of fatal and injury crashes occur at or near intersections. It makes sense then for drivers to take special care when navigating these spots on the road.

If you’re running a business online, you’re likely providing an application program interface (API) on your website that allows your customers or business partners to enter and retrieve data. At Schellman, we primarily see REST-based APIs, but we’ve also tested GraphQL and occasionally SOAP.

Ever seen those jugglers that manage to balance multiple spinning plates at the same time? As impressive as it is, you figure you’d be happy to spin just the one plate successfully. For cloud service providers (CSPs), you have lots of different proverbial compliance “plates” to choose to channel your effort into—the trick is knowing the differences and which is best for you.