Blog

Schellman & Company, LLC, a leading provider of attestation and compliance services, has become an assessor in the PCI Security Standards Council’s new 3-D Secure (3DS) program, and can assess entities against the PCI 3DS Core Security Standard. This includes entities performing functions of a 3DS Server, Access Control Server, or Directory Server.

Ask Stephen Halbrook what's been the biggest factor to his success so far and he'll say, above all other things, "not only being presented with opportunities at the firm, but excelling with those opportunities through work ethic and dedication to the firm's vision of 'Quality, above all.'

Originally published by Consulting Magazine

Tampa, FL – May 2, 2018 – Schellman & Company, LLC, a leading provider of attestation and compliance services, is proud to announce that Avani M. Desai has been named the new President of the company.

TAMPA, Fla., March 21, 2018 /PRNewswire/ -- Achieving a goal many years in the making, Tampa based CPA firm,  Schellman & Company, LLC (Schellman), a leading provider of attestation and compliance services, has been named one of the largest CPA firms in the United States by Accounting Today.  Previously unranked, Schellman's annual revenue of nearly $50 million earned the company the 89th spot in the latest "Top 100 Firms" report, along with the distinction of being the youngest company among the ranked firms.

A few weeks ago, HITRUST unveiled changes to its HITRUST Certification program that will certainly have an impact on healthcare organizations of all sizes.  The two biggest announcements relate to a smaller scale HITRUST CSFBASICs certification path and significant changes to the CSF v9 that is slated for release later this year.

Originally published in Accounting Today Simply put, SSAE No 18 is the standard which recodifies all the previous attestation standards. It is the culmination of the efforts to clarify the various standards for performing attestation engagements, which includes among many others, SOC 1 (commonly referred to as SSAE No. 16) and SOC 2 and SOC 3 (AT Section 101), into a single set of standards for the auditors.

On October 21st, Dyn, a provider of domain name services (DNS), an essential function of the Internet that translates names like www.schellmanco.com to its numerical IP address, went offline after a significant distributed denial of service (DDoS) attack affected Dyn’s ability to provide DNS services to major Internet sites like Twitter, Spotify, and GitHub. Initial analysis showed that the DDoS attack made use of Mirai, malware that takes control of Internet of Things (IoT) devices for the purposes of directing Internet traffic at the target of the DDoS attack. Commonly referred to as botnets, these networks of compromised devices allow for the distributed version of denial of service attacks; the attack traffic occurs from a broad span of Internet addresses and devices, making the attack more powerful and more difficult to contain.