Ryan Mackie

Ryan Mackie is a Principal and ISO Certification Services Practice Director at Schellman & Company, LLC. Ryan manages SOC, PCI-DSS, ISO, HIPAA, and Cloud Security Alliance (CSA) STAR Certification and Attestation service delivery and also oversees the firm-wide methodology and execution for the ISO certification services, including ISO 27001, ISO 9001, ISO 20000, and ISO 22301, as well as CSA STAR certification services. He has over 18 years of experience. Ryan is also an active member of the CSA and sits on the Open Control Framework committee, which is responsible for the CSA STAR Program methodology and execution.

  • The Much Anticipated ISO/IEC 27701:2019

    For those that were monitoring the wire, ISO 27001 was released the week of August 5th as an extension of ISO 27001 and 27002.

  • 13 Tips For Grooming IT Leaders

    The ability to identify and train IT managers is a key factor in establishing productive IT teams. Here’s what to look for and how to hone leadership talent when promoting from within....

  • To Include or Not to Include – Scoping ISO 27001 and Colocation Service Providers

    Introduction ISO/IEC 27001:2015 (ISO 27001) certification is becoming more of a conversation in most major businesses in the United States. To provide some depth, there was a 20%...

  • ISO 27018: What Cloud Providers Need to Know

    According to the Identity Theft Resource Center, we saw 781 data breaches in 2015 that totaled hundreds of millions of stolen records, many of which included personally identifiable information...

  • Q&A on CSA STAR Program

    Can an organization do a certification and an attestation? Yes. The certification has the prerequisite that you have gone through the ISO 27001 certification, but the attestation does not have any...

  • Locking up the Cloud and Throwing the Key Away

    According to the Identity Theft Resource Center, we saw 781 data breaches in 2015 that totaled hundreds of millions of stolen records, many of which included personally identifiable information...

  • A Kinship: SOC 2 and ISO 27001

    Have you ever wondered if the ISO 27001 certification is at all similar to a SOC 2 report?  Many organizations today are dealing with multiple needs or demands for various compliance assessments...

  • Understanding the Cloud Security Alliance STAR Program – Certification and Attestation

    In the last 12 months, the Cloud Security Alliance (CSA) has made great strides in enhancing their CSA Security, Trust and Assurance Registry (STAR) Program. In brief, the STAR Program is a...

  • SOC 1 / SSAE 16 - What is the Difference?

    When referring to SSAE16 or SOC 1, what is the difference and how do you use these acronyms appropriately? Simply put, the SSAE No. 16 standard is the attestation standard used to create a SOC 1...

  • The 3 Things to Consider When Transitioning from ISO 27001:2005 vs. ISO 27001:2013

  • Complementing Your ISO Certification - AT 101

    Undoubtedly, the ISO 27001 Certification is recognized globally and revered as one of the highest and most comprehensive certifications an organization can attain. The high esteem that the...

  • ISO 27001:2013 – Understanding the New Standard

    Part 1: Scoping and the approach of implementing the ISMS Organizations currently implementing or planning to implement a management system based on ISO 27001 will have a tough decision to make in...

  • ISO 27001 Full Circle with Your Third Party Providers

    My organization is seeking ISO 27001 certification but we outsource physical hosting to a third-party. How do I have to include that organization in the scope of my Information Security Management...
