Upcoming Webinar | AI Meets ISO: What Makes ISO 42001 Different from ISO 27001 & 27701 on August 14th @ 1:00 PM ET

Contact Us
Services
Services
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
Sustainability Services
Sustainability Services
AI Services
AI Services
About Us
About Us
Leadership Team
Leadership Team
Corporate Social Responsibility
Corporate Social Responsibility
Careers
Careers
Strategic Partnerships
Strategic Partnerships

Blog

The Schellman Blog

Stay up to date with the latest compliance news from the Schellman blog.

Blog Feature

Compliance and Certification | Federal Assessments | Audit Readiness

By: Andrew Daniel
July 22nd, 2025

The National Security Division (NSD) of the U.S. Department of Justice (DOJ) issued a Final Rule announcing a new Data Security Program (DSP) under Executive Order 14117: Preventing Access To Americans' Bulk Sensitive Personal Data And United States Government-Related Data By Countries Of Concern. Focused on protecting “covered data” transactions, the goal of the DOJ’s Final Rule is clear—prevent access to U.S government-related data and Americans’ sensitive personal data from:

Blog Feature

Cybersecurity Assessments | Audit Readiness

By: Natasha Camacho
April 17th, 2025

In cybersecurity, identifying and assessing vulnerable services is essential for effectively protecting an organization’s security stance. Two crucial elements that influence service security are protocols and ports.

Blog Feature

Education | Audit Readiness

By: Michelle Hale
March 12th, 2025

Adhering to a single security framework alone is likely no longer sufficient for providing the protection and assurance needed for today’s complex and evolving security and compliance landscape. Whether prospects and customers are demanding different assurances, you’ve adopted new technologies that warrant particular controls, or you’re trying to break into a new market that features its own specific compliance as a prerequisite, it's common for your organization to be on the hook for multiple assessments.

Blog Feature

SOC Examinations | Audit Readiness | SOC 2

By: Hunter Meacham
February 4th, 2025

Opting for a readiness assessment ahead of your SOC 2 examination is—while optional—a beneficial extra step when seeking compliance. Do you remember taking a practice test while preparing for an exam in school? Such a move could never hurt your chances of success. That being said, there are some things you should understand ahead of your readiness assessment that can help demystify your experience.

Blog Feature

Audit Readiness

By: JORDAN HICKS
August 29th, 2024

Whether you’ve already completed your first audit or you’re planning your compliance calendar for the new year, you know that compliance is more than a bullet point on a strategy slide deck—it’s a serious investment and a process that will recur year-over-year, so you can’t drop the ball in between assessments, especially amidst an ever-evolving cyberthreat landscape. To help your organization remain safeguarded between your audit cycles, you should seek to strengthen and streamline your compliance—the good news is, there are ways to do that.

Blog Feature

Assurance / Service Audits | Audit Readiness

By: Robert Tylka
January 11th, 2024

In the dynamic world of business, where compliance is becoming more important either as requested assurance from customers or a key market differentiator, more and more organizations are turning to assessment firms to help them communicate these advantages. And while some will always look at compliance in the most oversimplified, checkbox manner, many customers and regulators recognize good (and poor) quality of delivery.

Blog Feature

SchellmanLife | Audit Readiness

By: Megan Sajewski
January 2nd, 2024

Benjamin Franklin once said, “By failing to prepare, you are preparing to fail.”

Blog Feature

Compliance and Certification | Audit Readiness

By: JORDAN HICKS
February 21st, 2023

Auditors. We’re an odd breed. “A necessary pain in the tuchus,” some may say. Admittedly, we’re not everyone’s cup of tea. In fact, in our 20+ years of experience, we’ve seen the word “auditor” invite various visceral responses. To be sure, organizations aren’t always enthusiastic about inviting us assessors in to do the requisite checks, despite the benefits of doing so (and despite being invited guests).

{