<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1977396509252409&amp;ev=PageView&amp;noscript=1">

LIVE WEBINAR: SOC for Software - How SOC for Supply Chain Reduces Software Risk | July 29th

Contact a Specialist
Industry Solutions
Industry Solutions
Cloud Computing & Data Centers
Cloud Computing & Data Centers
Financial Services & Fintech
Financial Services & Fintech
Healthcare
Healthcare
Payment Card Processing
Payment Card Processing
US Government
US Government
Learning Center
Learning Center
Articles
Articles
Whitepapers
Whitepapers
Case Studies
Case Studies
Events & Live Webinars
Events & Live Webinars
On-Demand Webinars
On-Demand Webinars
Compliance Reliance
Compliance Reliance
About Us
About Us
Leadership Team
Leadership Team
Careers
Careers
Corporate Social Responsibility
Corporate Social Responsibility

Blog

The Schellman Advantage Blog

Stay up to date with the latest compliance news from the Schellman Advantage blog.

Blog Feature

Cloud Computing | Compliance and Certification | BrightLine

By: KRISTEN WILBUR
January 19th, 2016

Implementing a new compliance initiative is one of the biggest challenges companies and compliance officers face. Many times, employees see new compliance initiatives as a response to something that went wrong. However, in reality, most new compliance initiatives are the result of changing laws, regulations, company contracts and meeting best practices. If you plan to launch a new compliance initiative in 2016, here are some key tips to help ensure it takes root.

Blog Feature

SOC 2 | SOC Reports | BrightLine | SOC 1

By: RYAN BUCKNER
January 5th, 2016

Think of your auditing firm like you would a long-term business partner. They are someone you will work with year after year, and they will be an integral part of setting the stage for your organization’s success. As such, the act of selecting the appropriate assessor shouldn’t be taken lightly. Here are several key qualities your organization should look for when choosing an auditing firm:

Blog Feature

Compliance and Certification | Education | BrightLine

By: Schellman
November 24th, 2015

Effective compliance and risk management goes far beyond a set of policies. To be effective, a company’s compliance and risk management program must be embedded in its culture. All too often, companies see compliance as a separate activity that does not need to be integrated into the day-to-day business operations. All employees should share responsibility, and an intelligent risk framework should be created that brings compliance out in the open — letting employees know the importance of compliance while allowing them to communicate. But that’s often easier said than done.

Blog Feature

BrightLine

By: MATT WILGUS
October 6th, 2015

Technology advancements move at a blistering pace and the integration of new development languages, frameworks, databases and the like is also quickening. Some new technologies become the foundation for new companies. These new companies need to be continually vigilant in knowing their offerings are secure and they need to be able to demonstrate a level of security to their customers. In addition to frequently being required to meet compliance requirements, these organizations are using security to differentiate their offerings or expand into new verticals. Our clients frequently develop a solution for a particular industry and then find other verticals that may benefit from something similar. During times of expansion, we often get asked about the best methods to establish trust with a new customer base. While different approaches may work better for certain industries, below are three ways an organization can consider when attempting to establish trust with a potential customer.

Blog Feature

QAR | BrightLine | Assurance / Service Audits

By: Schellman
May 22nd, 2014

Effective January 1, 2002, the Institute of Internal Auditors (IIA) released updated standards in the International Professional Practices Framework (IPPF). Internal auditing departments, according to Standard 1312 of the IPPF, must complete an external assessment once every five years from a qualified independent assessor or assessment team. In addition, the chief audit executive (CAE) must discuss the form and frequency of external assessments and the qualifications and independence of the external assessor or assessment team with the board of directors. Standards (unlike practice advisories, practice guides and position papers) are principal focused mandatory requirements consisting of statements for the professional practice of internal auditing and for evaluating the effectiveness of performance which are applicable at the organizational and individual levels.

Blog Feature

SOC 2 | SOC Reports | BrightLine | SOC 1

By: AVANI DESAI
January 31st, 2013

Source - Workforce Management Channel Today’s business environment is compliance heavy, under continuous scrutiny and intertwined with customer and legislative requirements. However, companies must still ensure compliance with the myriad of standards, requirements, laws, and regulations, such as SSAE 16 Examination (SOC 1), SOC 2/3 Examination, ISO Certification, FedRAMP Assessment, and hundreds more, across all areas of governance and programs.