ABOUT US
CAREERS
RESOURCES
BLOG
CONTACT

SUITE OF SERVICES

SOC EXAMINATIONS
ISO CERTIFICATIONS
PAYMENT CARD ASSESSMENTS
FEDERAL ASSESSMENTS
CLOUD SECURITY ASSESSMENTS
HEALTHCARE ASSESSMENTS
CSA STAR PROGRAMS
PRIVACY ASSESSMENTS
CYBERSECURITY ASSESSMENTS
FINANCIAL SERVICES ASSESSMENTS

RESOURCES

SOC RESOURCES
ISO RESOURCES
PAYMENT CARD ASSESSMENTS RESOURCES
FEDERAL ASSESSMENTS RESOURCES
SECURITY ASSESSMENTS RESOURCES
HEALTHCARE ASSESSMENTS RESOURCES
CSA STAR PROGRAMS RESOURCES
PRIVACY ASSESSMENTS RESOURCES

ABOUT US
CAREERS
SERVICES

ALL SERVICES
SOC EXAMINATIONS
ISO CERTIFICATIONS
PAYMENT CARD ASSESSMENTS
FEDERAL ASSESSMENTS
SECURITY ASSESSMENTS
HEALTHCARE ASSESSMENTS
CSA STAR PROGRAMS
PRIVACY ASSESSMENTS

BLOG
CONTACT

All Services
Federal Assessments

FEDERAL ASSESSMENTS

FedRAMP, CMMC / NIST SP 800-171, FISMA / NIST, ITAR, CJIS Assessments

TALK WITH A SPECIALIST RESOURCES

While many 3PAOs are historical government contractors and consultants, Schellman provides only independent assessment services to cloud providers. Additionally, our clients often work in conjunction with SOC 2, PCI, and other compliance initiatives.

FedRAMP

Schellman is an accredited 3PAO in accordance with the FedRAMP requirements. FedRAMP is a program that allows cloud service providers to meet security requirements so agencies may outsource with confidence.

CMMC / NIST SP 800-171

* Schellman’s application for C3PAO is pending as no C3PAOs have been accredited to date.

In the meantime, Schellman is able to perform gap assessments using NIST 800-171 along with the additional CMMC requirements (practices and processes) so that an organization can gauge is preparedness for CMMC certification.

FISMA/NIST

While only government agencies can be FISMA compliant, Schellman performs both independent attestations and gap assessments against the NIST 800-53 standards, which are the detailed requirements behind FISMA.

ITAR

Schellman regularly performs assessments against the applicable controls for the International Trafficking of Arms Regulation (ITAR) and other types of export control requirements.

CJIS

Schellman regularly performs assessments against the applicable controls for the Criminal Justice Information Services (CJIS) Security Policy found on the FBI website

TALK WITH ONE OF

OUR SPECIALISTS

Our Schellman teams have experience performing thousands of assessments for organizations providing services to the federal government.
We're here to answer any questions.

ABOUT CONTACT PRIVACY

Gartner Cool Vendor

Consulting Magazine's Best Firms to Work For

Accounting Today's Top 100 Firm

Copyright © 2002 - 2020 Schellman & Company, LLC. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission is prohibited.