Debbie Zaller

Debbie Zaller is Chief Operating Officer at Schellman. Debbie is responsible for maintaining and driving operational results and executing the firm's strategic goals. Debbie oversees all daily operations of the firm while spearheading the development, communication and implementation of effective growth strategies and processes. Debbie has over 21 years of IT compliance and attestation experience. Debbie led the firm's Midwest, Southeast, and Northeast regions along with the national service lines of SOC 2 and Privacy service lines as Managing Principal before assuming the position of COO in 2021. Debbie holds a Master of Accounting degree from the University of Florida. She is a Certified Public Accountant, Certified Information Privacy Professional/United States, Certified Data Privacy Solutions Engineer, Certified Information Systems Security Professional, Certified Information Systems Auditor, and Certified Cloud Security Knowledge. She is currently an AICPA-approved and nationally listed SOC Specialist and speaker on various privacy topics. Debbie was on the AICPA Task Force for the Advanced SOC for Certification Exam, was a member of the Florida Institute of Certified Public Accountants Board of Governors and served on the Finance and Office Advisory Committee.

  • What is the SSPA Process?2:24

    What is the SSPA Process?

    Watch Video
  • The Cost of an MS DPR Assessment2:06

    The Cost of an MS DPR Assessment

    Watch Video
  • HHS Requirement for Security Practices NIST

    HHS Requirement for Security Practices NIST

    Schellman's Debbie Zaller provides an overview of the HHS issued HITECH Act amendment

    Read Article
  • First Female Principal

    First Female Principal

    In honor of Women's History Month we spotlight Debbie Zaller, Schellman's first female Principal

    Read Article
  • APEC Privacy Certification4:00

    APEC Privacy Certification

    Watch Video
  • Microsoft SSPA Program3:32

    Microsoft SSPA Program

    Watch Video
  • The GDPR Turns Two5:07

    The GDPR Turns Two

    Watch Video
  • Positive Experiences From Quarantine2:03

    Positive Experiences From Quarantine

    Watch Episode
  • Helpful Tips During Isolation1:46

    Helpful Tips During Isolation

    Watch Episode
  • California Privacy Law: Its Impact on Businesses

    California Privacy Law: Its Impact on Businesses

    A sweeping consumer privacy law went into effect in 2020 in the state of California but it seems many businesses are still not yet ready to comply.

    Read Article
  • Locking up the 'internet of things'

    Locking up the 'internet of things'

    A wide range of internet of things connected devices are now required to include reasonable and appropriate cybersecurity measures under a California law that went into effect Jan 1.

    Read Article
  • Cross-Border Privacy System Gains Second U.S. Compliance Agent

    Cross-Border Privacy System Gains Second U.S. Compliance Agent

    (Article originally published on BloombergLaw.com)

    Read Article
  • APEC announces new US accountability agent for CBPR certifications

    APEC announces new US accountability agent for CBPR certifications

    The Asia-Pacific Economic Cooperation is set to boost the status of its Cross-Border Privacy Rules program in the U.S.

    Read Article
  • 8 Steps to Effective Multi-Cloud Cost Management

    8 Steps to Effective Multi-Cloud Cost Management

    Strategic thinking and careful planning can help you squeeze the maximum value out of your multi-cloud environment. Here are eight tips to help you get started.

    Read Article
  • SOC, Meet Cybersecurity

    SOC, Meet Cybersecurity

    As global cyberattacks become more common, organizations are fine tuning, or even implementing, a cybersecurity risk management program

    Read Article
  • What You Need to Know About Changes to the STAR Program

    What You Need to Know About Changes to the STAR Program

    The CSA recently announced that the STAR Program will now allow a one-time, first-year only, Type 1 STAR Attestation report. What is a Type 1 versus Type 2 examination and what are the...

    Read Article
  • Tell The World: "I've Completed My Audits!!"

    Tell The World: "I've Completed My Audits!!"

    Read Article
  • 5 Simple Steps for Creating an Effective Change Management Program

    5 Simple Steps for Creating an Effective Change Management Program

    Identifying changes that must be made is the easy part. Managing those changes successfully—not so simple! Organizations today need to be extraordinary at adapting to or influencing changes in...

    Read Article
  • How CISOs Can Work With Other Execs to Manage Information Security Risks

    How CISOs Can Work With Other Execs to Manage Information Security Risks

    Unfortunately, 2015 saw some seriously impressive information security hacks, the likes of which included those at major companies and entities like VTech, T-Mobile, the FBI, and even Trump...

    Read Article
  • Privacy Principle Undergoes an Overhaul.

    Privacy Principle Undergoes an Overhaul.

    The AICPA just released an updated version of TSP Section 100. The update amends TSP Section 100 and supersedes Appendix C of TSP Section 100A, which relates to the Generally Accepted Privacy...

    Read Article
  • loading
    Loading More...
See more