Contact Us
Services
Services
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
Sustainability Services
Sustainability Services
AI Services
AI Services
About Us
About Us
Leadership Team
Leadership Team
Corporate Social Responsibility
Corporate Social Responsibility
Careers
Careers
Strategic Partnerships
Strategic Partnerships

Video

Stay up to date and discover new insights into compliance through our team’s thought leadership.

Blog Feature

ISO Certifications | Artificial Intelligence | ISO 42001

By: Danny Manimbo
February 24th, 2025

Danny Manimbo, Principal and ISO & AI Practice Leader at Schellman, is here to answer the most frequently asked questions surrounding ISO 42001 Certification.

Blog Feature

ESG | GHG Verification

By: Stu Block
February 17th, 2025

As sustainability disclosure requirements are constantly evolving, it’s increasingly important for businesses to remain aware of these changes and prepare to comply. While the sustainability disclosure regulatory requirements typically impact larger companies, we are starting to see mid- and small-cap companies that typically operate as business-to-business suppliers be impacted by a new trend in this space. Larger, international companies are starting to update their Supplier Code of Conduct to require the measurement of GHG emissions, setting of climate targets, and procuring electricity from renewable energy sources.

Blog Feature

Privacy Assessments | ISO Certifications | ISO 42001

By: Chris Lippert
February 5th, 2025

Microsoft’s Supplier Security and Privacy Assurance (SSPA) program received a major update with Version 10, which took effect on September 23rd, 2024. This update introduced new requirements, particularly around artificial intelligence (AI) and ISO 42001 compliance.

Blog Feature

Healthcare Assessments | HIPAA

By: Ryan Meehan
January 29th, 2025

Schellman's Danny Manimbo and Healthcare Assessment leader, Ryan Meehan, discuss in under 3 minutes what you need to know about the proposed changes to the HIPAA Security Rule.

Blog Feature

ESG

By: Schellman
December 18th, 2024

Hi, I'm Stu Block the Sustainability Practice Director here at Schellman. We provide our clients with sustainability services in three primary areas. 1. Sustainability Regulatory Reporting Readiness

Blog Feature

Cybersecurity Assessments | ISO Certifications | Artificial Intelligence

By: Schellman
December 12th, 2024

Looking back, 2024 was the year of AI governance. At Schellman, we dove in headfirst and became the first ANAB ISO 42001-accredited Certification Body. We also started to see AI regulation come online internationally with the EU AI Act, as well as here in the U.S., where certain states also published their own AI regulation. While we're still lacking federal-level legislation—which may still come in the future—we also anticipate that this state-by-state patchwork of AI laws will expand.

Blog Feature

ESG

By: Schellman
November 6th, 2024

Let's talk about GHG emissions and how they are reported according to the Greenhouse Gas Protocol by categorizing them into three scopes. Scope 1 GHG Emissions

Blog Feature

Payment Card Assessments

By: Schellman
October 23rd, 2024

Payment, script, security, controls. Did any of those make you feel warm and fuzzy? Probably not.

Blog Feature

ISO Certifications | Artificial Intelligence

By: Schellman
October 1st, 2024

As one of the largest cybersecurity assessment firms in the world, Schellman provides services like ISO, FedRAMP, SOC, and PCI. In parallel with the compliance and technology space that continues to evolve, we've adapted our ISO services, including acquiring dual accreditation from ANAB and UKAS to meet the ever-evolving needs of our clients.

Blog Feature

Cybersecurity Assessments | Compliance and Certification

By: Schellman
September 25th, 2024

(Schellman CEO) Avani Desai here. Let's talk about something that can make or break your business...DORA. Otherwise known as the Digital Operational Resilience Act, DORA is set to redefine how financial institutions and their critical third-party providers manage digital threats.

{