Schellman & Co.
Headquarters: Tampa, Florida
No. of employees/offices: 279/12
No. of times firm fully tests backup systems: Once/month
Schellman & Co. focuses exclusively on technology and cybersecurity audits. “Working in this landscape and having proximity to many of the world’s largest technology companies has made us acutely aware of leading trends, emerging technologies, and compliance challenges faced on a global scale,” president Avani Desai said.
Schellman offers its own proprietary audit technology, AuditSource, “an application and micro-services layer built on secure cloud services designed to facilitate the exchange of information with our clients.” The platform matches requests with the most qualified individual at the client’s office and provides an increased level of security around client data.
Schellman has made cybersecurity one of its top concerns, which heavily influenced their design of AuditSource. While building the platform, the firm became acutely versed in the security capabilities of the platforms upon which they built their software. The firm found a security gap — most audit file-sharing answers were open once you had access to a specified folder.
“This leads to significant sharing and access control concerns when human resources respondents do not intend for IT personnel to see information shared with the auditors,” Desai explained. “As a result, Schellman designed and built its AuditSource portal in such a manner that only the individuals assigned to fulfill a request, along with specified administrators, would have visibility into the potentially sensitive data that was being provided to the audit firm. This is a different approach, and we have had to educate clients used to ‘seeing everything’ that they need to be more purposeful around what they need to have access to as Schellman does not want to provide the mechanism for unauthorized access.”
Read the article in its entirety online.
About the AuthorMore Content by Schellman Compliance