The Schellman Blog

Stay up to date with the latest compliance news from the Schellman blog.

Cybersecurity Assessments | Compliance and Certification

By: Kate Weber
July 23rd, 2025

As the EU's digital landscape evolves, so does its regulatory environment. With the NIS2 Directive, the Cyber Resilience Act (CRA), and the Digital Operational Resilience Act (DORA) all advancing on different timelines, organizations must prepare for a complex yet increasingly harmonized set of cybersecurity and resilience expectations.

Compliance and Certification | Federal Assessments | Audit Readiness

By: Andrew Daniel
July 22nd, 2025

The National Security Division (NSD) of the U.S. Department of Justice (DOJ) issued a Final Rule announcing a new Data Security Program (DSP) under Executive Order 14117: Preventing Access To Americans' Bulk Sensitive Personal Data And United States Government-Related Data By Countries Of Concern. Focused on protecting “covered data” transactions, the goal of the DOJ’s Final Rule is clear—prevent access to U.S. government-related data and Americans’ sensitive personal data from:

Compliance and Certification | ISO Certifications | SOC Examinations

By: Lauren Edmonds
May 7th, 2025

Organizations complete mergers and acquisitions (M&A) all the time, be it for growth and expansion, to further synergize or diversify, or for other incentives. And as varied as your reason(s) may be for your latest realignment, there is one consistent impact M&A has no matter the driver—the effect on your ongoing compliance cycles. As such, you need to have a plan to properly adjust, especially since there are different paths you can take when accommodating such an organizational shift.

Cybersecurity Assessments | Payment Card Assessments | Compliance and Certification | Privacy Assessments | Federal Assessments | Crypto and Digital Trust | ISO Certifications | Healthcare Assessments | SOC Examinations

By: Christian Underkoffler
April 30th, 2025

In today’s complex and constantly evolving regulatory environment, businesses face an ever-growing array of compliance requirements across multiple frameworks, including FedRAMP, PCI, ISO, GDPR, and HIPAA, to name a few. Navigating these compliance waters is increasingly challenging, particularly with regard to cybersecurity and data protection. However, there are measures you can take to significantly refine your compliance processes. In this article, we will explore how streamlining all of your compliance efforts with a single trusted provider can not only simplify your processes but also enhance your overall security posture.

Compliance and Certification

By: Andrew Broderick
August 16th, 2024

When positioning your organization to achieve its SOX ITGC objectives and reporting obligations, you can’t take any chances for fear of negative fallout. And while establishing a team of dedicated internal IT audit professionals can help streamline those processes, there are challenges in maintaining such a team—just as there are advantages to substituting an independent IT audit team instead.

News | Compliance and Certification

By: KEVIN KISH
June 18th, 2024

In the fast-paced world of business, trust and credibility are table stakes. You've likely invested in compliance certifications to demonstrate your commitment to industry standards. But are you prepared to meet the rising expectations of a new generation of stakeholders who demand more than just compliance?

Compliance and Certification | HDS Certification

By: Robert Tylka
May 30th, 2024

Back in 2018, the French government introduced—by way of its Public Health Code (Article L.1111-8)—HDS certification, mandating that all entities hosting personal health data must successfully achieve certification. Now, in 2024, they’ve published a new HDS framework with changes, expositions, and removals of language that organizations affected will need to know in order to comply.

Compliance and Certification

By: Andrew Broderick
March 12th, 2024

As technology continues to evolve and become more robust, organizations have realized they need expertise and to be proactive in identifying risks and implementing controls. But even as new solutions are introduced, the backbone of many compliance and cybersecurity initiatives—including SOX—remains an organization’s internal technology general controls (ITGCs).
