Which SOC Method Should You Use? Carve-Out vs. Inclusive
Going through a SOC examination and not sure what to do about your subservice organizations? We break down the two options you have, as well as considerations to make before selecting a method.
Read Article
Preparing for Web 3.0
Web 3.0 is coming—did you know? But what is Web 3.0? We explain that, along with what's holding up its adoption and how it will change our collective digital future.
Read Article
Which Big 4 Firm Should Perform Your SOC Audit?
The Big 4 are usually everyone's first instinct when it comes to SOC reports. We break each firm down and provide questions you can ask them all as you search for the right compliance firm for you.
Read Article
How to Scope a SOC 2 Audit: 3 Steps
Doing a SOC 2 audit but not sure what all you need to include? Learn about 3 clear steps you can take to more easily define the scope of your SOC 2 examination.
Read Article
Finding Your FedRAMP Consultant: What to Ask and When
Before you engage a FedRAMP 3PAO like Schellman to assess you, you'll need the services of a consultant. Read how these advisors can help you & what to ask them to ensure you get the best one for you.
Read Article
Pros and Cons of a C5 Examination
Heard of C5 but not sure if it's right for you? We weigh the pros and cons of this compliance project for you to help make your decision--one way or the other--easier.
Read Article
Why National Skin Cancer Awareness Month Matters to Me
May is National Skin Cancer Awareness Month. Schellman's Chief Growth Officer Doug Barbin shares his personal experience and tips for avoiding melanoma—the silent but deadly disease.
Read Article
Understanding the Updates to Risk Management in PCI DSS v4.0
How will you need to manage risk under PCI DSS v4.0? We outline how you can update and improve your risk framework so that you ensure compliance with the new standard and its changes.
Read Article
Scoping Validation Requirements in PCI DSS 4.0: What’s Changed?
Scoping validation has changed under the new PCI DSS v4.0. We break down the new requirements & how your scoping exercise needs to change so you have no trouble when the new standard takes effect.
Read Article
How is Schellman Preventing Employee Burnout?
Employee burnout has always been a problem--even before the 2020 pandemic. Read about what Schellman has done and continues to do to protect the team from this kind of fatigue.
Read Article
Preparing for Your Audit: 3 Mindsets to Have
Getting ready for your audit? Here's how to change your perspective on your looming "ordeal" so that you get the most out of the experience and have the easiest time doing it.
Read Article
Do You Need a SOC 2 with Additional Criteria? 3 Frameworks to Consider
Did you know you can add criteria to your SOC 2 beyond the standard categories? Understand the advantages to adding additional criteria in your SOC 2 examination so that you make the right decision.
Read Article
PCI FAQ: Answers to Get You Started
Wondering if you need PCI compliance? We walk you through an evolving list of some commonly asked questions regarding the basics of payment security compliance to help you get started.
Read Article
Shaping Compliance for 20 Years – A Letter from the CEO
Schellman is celebrating 20 years in the compliance industry! CEO Avani Desai reflects on our success as well as who and what it took for the firm to reach this milestone.
Read Article
Could GDPR Enforcement Affect Your Online Marketing Efforts?
A recent decision regarding the GDPR could rock methodology for customized ad space. Don't be caught off-guard—read about how online marketing could be forced to make a big shift in the near future.
Read Article
How to Keep Your Legacy Systems Compliant Under PCI DSS 4.0
Ensure your older systems aren't left behind during your switch to PCI DSS v4.0. Read our breakdown on the challenges legacy systems face under the new standard, and suggestions for how to proceed.
Read Article
Which SOC Opinion Do You Want?
In your SOC report, your auditor will provide their opinion on the state of your systems & services. Read our blog to understand all your potential outcomes so that you know which to aim for.
Read Article
How to Perform a Risk Assessment Ahead of a SOC 2: 5 Steps
Ensure that you are both prepared for your SOC 2 examination and that you get the most from your efforts by following our 5-step process for risk assessments.
Read Article
Are Passwords Still Useful?
FIDO's painting a picture where passwords are a thing of the past. Read about their proposed alternative authentication methods and how they will seek to overtake passwords despite some obstacles.
Read Article
Schellman Holds Onto #12 in the 2022 Vault Accounting 50 Rankings
Tampa, FL, April 19, 2022 - Schellman, a leading provider of attestation and compliance services, announced today that we remained ranked #12 among Vault’s 2022 Accounting 50. This is...
Read Article