Best Firms For Tech in 2020: Schellman & Co

Best Firms For Tech in 2020: Schellman & Co

Schellman & Co.
Headquarters: Tampa, Florida
No. of employees/offices: 279/12
No. of times firm fully tests backup systems: Once/month

Schellman & Co. focuses exclusively on technology and cybersecurity audits. “Working in this landscape and having proximity to many of the world’s largest technology companies has made us acutely aware of leading trends, emerging technologies, and compliance challenges faced on a global scale,” president Avani Desai said.

Schellman offers its own proprietary audit technology, AuditSource, “an application and micro-services layer built on secure cloud services designed to facilitate the exchange of information with our clients.” The platform matches requests with the most qualified individual at the client’s office and provides an increased level of security around client data.

Schellman has made cybersecurity one of its top concerns, which heavily influenced their design of AuditSource. While building the platform, the firm became acutely versed in the security capabilities of the platforms upon which they built their software. The firm found a security gap — most audit file-sharing answers were open once you had access to a specified folder.

“This leads to significant sharing and access control concerns when human resources respondents do not intend for IT personnel to see information shared with the auditors,” Desai explained. “As a result, Schellman designed and built its AuditSource portal in such a manner that only the individuals assigned to fulfill a request, along with specified administrators, would have visibility into the potentially sensitive data that was being provided to the audit firm. This is a different approach, and we have had to educate clients used to ‘seeing everything’ that they need to be more purposeful around what they need to have access to as Schellman does not want to provide the mechanism for unauthorized access.”

Read the article in its entirety online.

About the Author

Schellman Compliance

Schellman is a leading global provider of attestation, compliance, and certification services. Operating as an alternative practice structure as Schellman & Company, LLC, a top 100 CPA firm, and Schellman Compliance, LLC, a globally accredited compliance assessment firm, we are able to offer clients services as a CPA firm, an ISO Certification Body, a PCI Qualified Security Assessor Company, a HITRUST assessor, a FedRAMP 3PAO, and as one of the first CMMC Authorized C3PAOs. Renowned for expertise tempered by practical experience, Schellman's professionals provide superior client service balanced by steadfast independence. Schellman's approach builds successful, long-term relationships and allows our clients to achieve multiple compliance objectives using a single third-party assessor. For more information, please visit

More Content by Schellman Compliance
Previous Article
Schellman Stories: John Cartwright
Schellman Stories: John Cartwright

Schellman's John Cartwright, who always had a love of writing, started as a reporter and eventually found h...

Next Article
Choosing the Correct SOC 2 Categories
Choosing the Correct SOC 2 Categories

Determining which SOC 2 Trust Services Categories (TSCs) to choose boils down to what categories are right ...


First Name
Error - something went wrong!