Contact Us

Services

Suite of Services

Schellman began as a SOC audit firm 20+ years ago. While we still issue more than 2,000 SOC reports each year, our clients’ trust has propelled our expansion. Today, we offer nearly 60 types of audits and assessments.

Download a PDF of All Services

Learning Center

Our Technology

About Us

About Us

Schellman is the only Top 50 CPA firm focused exclusively on IT Compliance and Cybersecurity, and we’re the #1 service provider for FedRAMP Assessments. Our industry-leading NPS scores, client retention, and employee retention mean our clients experience greater continuity and quality. We also understand how distracting unplanned work can be, so we focus on client-centric KPIs to help keep your business moving uninterrupted.

Download the Story of '24

ISO Certificate Directory

Services

Services

View All Services

SOC & Attestations

SOC & Attestations

SOC 1 / SSAE 18 Examination

SOC 2 Examination

SOC 3 Examination

SOC for Supply Chain

SOC for Cybersecurity

SOC Essentials for Early-Stage Companies

C5 Attestation

CSA STAR Programs

Payment Card Assessments

Payment Card Assessments

PCI DSS Validation

PCI SSF

PCI P2PE Validation

PCI PIN Assessments

PCI 3DS Compliance

ISO Certifications

ISO Certifications

ISO 27001

ISO 42001

ISO 27701

ISO 9001

ISO 22301

ISO-20000-1

ISO 14001

ISO 45001

ISO 50001

Privacy Assessments

Privacy Assessments

Global CBPR & PRP Certification

GDPR Assessment

International Privacy Assessments

US State Privacy Assessments

Microsoft SSPA/DPR Assessment

FERPA Assessment

EU Cloud Code of Conduct

Federal Assessments

Federal Assessments

FedRAMP®

CMMC / NIST SP 800-171

FISMA/NIST

ITAR

CJIS

IRAP

FTC Consent Decrees

DoD IL6

Healthcare Assessments

Healthcare Assessments

HITRUST Certification

HIPAA Compliance

HIPAA Express

EPCS-DEA Audits

Health Data Host (HDS) Certification

Penetration Testing

Penetration Testing

Application

Network

Mobile

Red Teaming

Social Engineering

Cloud

Physical

Hardware and IoT

Advanced Series

AI Red Teaming

Cybersecurity Assessments

Cybersecurity Assessments

Cloud Configuration Assessments

Ransomware Assessments

NIST Cybersecurity Framework Assessments

Schellman Software Security Assessment (S³A)

TISAX®

SWIFT Customer Security Programme

Internal Audit Co-Sourcing

Crypto and Digital Trust

Crypto and Digital Trust

Schellman Training

Schellman Training

Sustainability Services

Sustainability Services

AI Services

Learning Center

Our Technology

About Us

About Us

Leadership Team

Leadership Team

Corporate Social Responsibility

Corporate Social Responsibility

Careers

Strategic Partnerships

Strategic Partnerships

ISO Certificate Directory

Blog

Video

Stay up to date and discover new insights into compliance through our team’s thought leadership.

Blog Feature

ISO Certifications

An Overview of ISO 50001

By: Danny Manimbo
September 9th, 2025

Danny Manimbo, principal and ISO practice leader at Schellman, answers the most frequently asked questions about ISO 50001 Certification, including its importance, key elements, and implementation.

Blog Feature

ISO Certifications

An Overview of ISO 45001

By: Danny Manimbo
September 2nd, 2025

Danny Manimbo, principal and ISO practice leader at Schellman, answers the most frequently asked questions regarding ISO 45001 Certification, including its key elements, importance, and benefits.

Blog Feature

ISO Certifications

An Overview of ISO 22301

By: Danny Manimbo
July 15th, 2025

Danny Manimbo, principal and ISO practice leader at Schellman, answers the most frequently asked questions about ISO 22301 Certification, including key benefits, who should consider adopting it, and how it relates to DORA and NIS2.

Blog Feature

ISO Certifications | ISO 9001

An Overview of ISO 9001: Importance, Benefits, and Who Should Adopt It

By: Danny Manimbo
June 30th, 2025

Danny Manimbo, principal and ISO practice leader at Schellman, explores the ISO 9001 Certification, including its importance, key benefits, and which businesses should consider adopting it.

Blog Feature

Privacy Assessments

An Overview of CBPR and PRP Certification

By: Chris Lippert
June 18th, 2025

Chris Lippert, Director of Schellman's Privacy Practice, is here to answer the most frequently asked questions surrounding Global CBPR and PRP Certification, including what it is, why it's important, who should adopt it, and how closely CBPR and PRP align with other privacy initiatives.

Blog Feature

Privacy Assessments | ISO Certifications

An Overview of ISO 27701

By: Chris Lippert
June 9th, 2025

Chris Lippert, Director of the Privacy Practice at Schellman, is here to answer the most frequently asked questions surrounding the ISO 27701 standard, including why it’s important, who should adopt it, and how closely it aligns with other compliance frameworks.

Blog Feature

Privacy Assessments

The Global CBPR System

By: Chris Lippert
June 2nd, 2025

Chris Lippert, Director of the Privacy Practice at Schellman, details the exciting news of the APEC Cross Border Privacy Rules (CBPR) system officially going global.

Blog Feature

Artificial Intelligence | HITRUST | ISO 42001

The Overlap Between the HITRUST AI Security Assessment and ISO 42001

By: Jerrad Bartczak
May 14th, 2025

Schellman's Danny Manimbo and Senior Associate within the AI practice, Jerrad Bartczak, discuss what you need to know about the overlap between HITRUST AI Security Assessment and ISO 42001 and how to map the two frameworks.

Blog Feature

ISO Certifications | ISO 27001

An Overview of ISO 27001: Key Principles, Benefits, and Implementation

By: Danny Manimbo
April 16th, 2025

Danny Manimbo, Principal and ISO Practice Leader at Schellman, provides a comprehensive overview of ISO 27001 Certification.

Blog Feature

ISO Certifications | ESG

ISO 14001: The Most Frequently Asked Questions

By: Danny Manimbo
March 20th, 2025

Danny Manimbo, Principal and ISO & AI Practice Leader at Schellman, is here to answer the most frequently asked questions surrounding ISO 14001 Certification.

{