
Most Recent Articles

SOC 2 + HITRUST presents a useful combined approach, but is it right for you? We explain the advantages of this route as well as some considerations before you decide.

Having trouble scanning RDS? Here are 5 easy steps to help you set up your Nessus scanner correctly so that you can complete successful scans to meet FedRAMP requirements.

We break down the new ISO 27002 standard, including details & explanations regarding the new control set & terminology, so that you can be better informed going into your next ISO 27001 certification.

Know of ISO 27018 but aren't sure if it's right for your organization? We explain this privacy standard's key guidelines and 4 possible benefits of adding it to your ISO 27001 certification.

Wondering how long the FedRAMP process takes? We explore the different phases of the program with rough timetables so that you can set more accurate expectations for your organization.

With the advent of the Digital Age, protecting data has become ever more critical to organizational success. Learn about 5 potential stumbling blocks to avoid so that your information remains secure.

What's considered PHI/ePHI? That might seem very simple to answer but, unfortunately, it’s not. We explain what constitutes PHI/ePHI & where it resides so that you can get started in HIPAA compliance.

Schellman is bridging the gap between new college grads & the tech arena through its skill-building program, Schellman-X. Learn about one new associate's experience to better determine your interest.

Schellman is dedicated to learning, and now we are expanding to help educate others--whether they work here or not. Learn more about our upcoming opportunities & why continuous education is important.

Getting ready to undergo a SOC 2 examination? Read about 4 common setbacks to avoid ahead of your audit so that you can better set yourself up for success.

Are you an experienced penetration tester seeking a new opportunity? Learn how Schellman is addressing common issues those in the industry face to help determine if this is the right place for you.

FedRAMP may be complicated, but DoD cloud computing security requirements are even more stringent. We break them down for you so that your entire journey to becoming compliant is that much simpler.

The CPRA goes into effect soon, so here's what you need to know about California's new privacy legislation, how it compares to the CCPA, & the current state of privacy regulation in the greater U.S.

Heard of P2PE but not sure where or how to dive in? We answer 7 common questions to get you started in understanding this complex encryption and its standard for compliance.

One of the core requirements of ISO 27001 is a periodic & independent internal audit of the ISMS--we break down the different facets of clause 9.2 so that you can comply more easily with the standard.

Trying to decide which accounting firm is right for you? Our Will Sparks weighed his options & chose Schellman--he details 5 aspects of his work experience that have made him confident in his choice.

Want to get through the complexities of FedRAMP more easily? Read about 5 common pitfalls that sometimes trip up organizations during this process so that you can better avoid becoming one of them.

Want to be part of our Pen Test Team? We provide details on the expectations and responsibilities of an Associate Penetration Tester so that you can decide whether this is the right move for you.

Searching for a way to simplify your HIPAA risk analysis? The ONC/OCR tool can help--we explain how, as well as how to use it so that you satisfy the HIPAA security rule more easily.

Not sure about transferring your ISO certificate? We detail the requirements for a transfer and several factors you should consider before making this decision so you can be sure this move is for you.