<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1977396509252409&amp;ev=PageView&amp;noscript=1">

LIVE WEBINAR: SOC for Software - How SOC for Supply Chain Reduces Software Risk | July 29th

Register Here
Contact a Specialist
Services
SOC & Attestations
Payment Card Assessments
ISO Certifications
Privacy Assessments
Federal Assessments
Healthcare Assessments
Penetration Testing Adversary Simulation
Application and API
Assumed Breach
Infrastructure and Network
Thick Client
Cloud Configuration Assessments Amazon Web Services
Google Cloud Platform
Microsoft Azure
Oracle Cloud Infrastructure
Build Your Compliance Roadmap
Industry Solutions
Cloud Computing & Data Centers Meet a broad range of regulatory and industry compliance mandates for your customers
Financial Services & Fintech Cybersecurity assessments for both the banking industry and the service providers
Healthcare Reporting to manage risk and adhere to applicable laws and regulations
Payment Card Processing Validate compliance with the various forms of the PCI DSS
US Government Achieve authorization to work for federal agencies, DoD, and the associated contractor base
View All Industry Solutions
Learning Center
Articles
Whitepapers
Case Studies
Events & Live Webinars
On-Demand Webinars
Compliance Reliance
Visit the Learning Center
Our Process
About Us
Leadership Team
Careers
Corporate Social Responsibility
Visit About Us
Contact Us
Services
Services
View All Services
SOC & Attestations
SOC & Attestations
SOC 1
SOC 2
SOC 3
SOC for Cybersecurity
SOC for Supply Chain
C5 Attestation
Payment Card Assessments
Payment Card Assessments
PCI DSS Validation
PA DSS Validation
P2PE DSS Validation
Secure Software Framework
PCI DSS ASV Scanning
ISO Certifications
ISO Certifications
ISO 27001
ISO 27701
ISO 22301
ISO 20000-1
ISO 9001
CSA STAR Program
Privacy Assessments
Privacy Assessments
GDPR Assessment
International Privacy Assessments
APEC Certification
US State Privacy Assessments
Privacy Program Assessment
Federal Assessments
Federal Assessments
FedRAMP
CMMC
FISMA/NIST 800-53
NIST 800-171
CJIS, ITAR, and Other
Healthcare Assessments
Healthcare Assessments
HIPAA
HITRUST Certification
DEA EPCS
Penetration Testing
Penetration Testing
Cloud Configuration Assessments
Cloud Configuration Assessments
Industry Solutions
Industry Solutions
View All Industry Solutions
Cloud Computing & Data Centers
Cloud Computing & Data Centers
Financial Services & Fintech
Financial Services & Fintech
Healthcare
Healthcare
Payment Card Processing
Payment Card Processing
US Government
US Government
Learning Center
Learning Center
Visit the Learning Center
Articles
Articles
Whitepapers
Whitepapers
Case Studies
Case Studies
Events & Live Webinars
Events & Live Webinars
On-Demand Webinars
On-Demand Webinars
Compliance Reliance
Compliance Reliance
Our Process
About Us
About Us
About Schellman
Leadership Team
Leadership Team
Careers
Careers
Corporate Social Responsibility
Corporate Social Responsibility
Contact Us
Contact a Specialist

Blog

The Schellman Advantage Blog

Stay up to date with the latest compliance news from the Schellman Advantage blog.

Blog Feature

SOC 2 | SOC Reports | BrightLine | SOC 1

What to Look for When Choosing an Auditing Firm

By: RYAN BUCKNER
January 5th, 2016

Think of your auditing firm like you would a long-term business partner. They are someone you will work with year after year, and they will be an integral part of setting the stage for your organization’s success. As such, the act of selecting the appropriate assessor shouldn’t be taken lightly. Here are several key qualities your organization should look for when choosing an auditing firm:

Read More
Blog Feature

SOC Reports | WebTrust | SysTrust

Rest In Peace SOC 3 Seal

By: AVANI DESAI
October 29th, 2014

On October 2, 2014, the AICPA and CPA Canada announced their joint decision to discontinue the seal programs for Systrust and SOC 3 Systrust for Service Organizations.

Read More
Blog Feature

SOC 2 | SOC Reports

Microsoft Uses SOC 2 To Demonstrate CSA CCM Compliance

By: CHRIS SCHELLMAN
September 17th, 2013

Via Data Center Knowledge SOC 2 reporting is still in its infancy stages. However, since its introduction in 2011, BrightLine has been engaged to perform hundreds of SOC 2 projects. That’s a lot. In fact, it’s very possible that BrightLine is not only a major pioneer in this arena, but is also the world’s leading provider.

Read More
Blog Feature

SOC 2 | SOC Reports

SOC 2 Maintenance or Overhaul?

By: RYAN BUCKNER
September 9th, 2013

Belonging to the school of thought that new cars are for the birds, I have nearly 250,000 miles on my 14 year old SUV. In some ways, it’s a point of pride, but I must admit that the engine doesn’t purr quite like it once did.With each tire rotation, brake replacement, or can of fuel booster, I wonder if it would be best to break down and finally get a new vehicle. In fairness to my vehicle, my demands have changed over the years. I have asked the vehicle to perform in ways that it wasn’t necessarily designed for, or at least not designed to do very well. Certainly the list of reasons to replace the vehicle has grown long over time, and while I am adept at “patching” the problems, I know that the only solution is to replace the vehicle. As a SOC 2 / 3 expert, I believe this same analogy applies to the AICPA’s Trust Service Principles and Criteria (TSPC).

Read More
Blog Feature

SOC 2 | SOC Reports | BrightLine | SOC 1

HR and Payroll Service Providers Benefit from Attestation and Compliance Reports

By: AVANI DESAI
January 31st, 2013

Source - Workforce Management Channel Today’s business environment is compliance heavy, under continuous scrutiny and intertwined with customer and legislative requirements. However, companies must still ensure compliance with the myriad of standards, requirements, laws, and regulations, such as SSAE 16 Examination (SOC 1), SOC 2/3 Examination, ISO Certification, FedRAMP Assessment, and hundreds more, across all areas of governance and programs.

Read More

All posts