What is SOC 2 + HITRUST?
SOC 2 + HITRUST presents a useful combined approach, but is it right for you? We explain the advantages of this route as well as some considerations before you decide.
How to Configure Your Nessus Scanner to Perform RDS Scans
Having trouble scanning RDS? Here are 5 easy steps to help you set up your Nessus scanner correctly so that you can complete successful scans to meet FedRAMP requirements.
The New ISO 27002:2022 - What You Need to Know
We break down the new ISO 27002 standard, including details & explanations regarding the new control set & terminology, so that you can be better informed going into your next ISO 27001 certification.
Key Facts and Benefits of ISO 27018
Know of ISO 27018 but aren't sure if it's right for your organization? We explain this privacy standard's key guidelines and 4 possible benefits of adding it to your ISO 27001 certification.
What is the Timeline for the FedRAMP Process?
Wondering how long the FedRAMP process takes? We explore the different phases of the program with rough timetables so that you can set more accurate expectations for your organization.
5 Challenges of Data Protection
With the advent of the Digital Age, protecting data has become ever more paramount to organizational success. Learn about 5 potential stumbling blocks to avoid so that your information remains secure.
What is PHI or ePHI?
What's considered PHI/ePHI? That might seem very simple to answer but, unfortunately, it’s not. We explain what constitutes PHI/ePHI & where it resides so that you can get started in HIPAA compliance.
What to Expect from the Schellman-X Hiring and Onboarding Process
Schellman's bridging the gap between new college grads & the tech arena through their skill-building program, Schellman-X. Learn about one new associate's experience to better determine your interest.
The Importance of Learning (and How Schellman Can Help)
Schellman is dedicated to learning, and now we are expanding to help educate others--whether they work here or not. Learn more about our upcoming opportunities & why continuous education is important.
4 Common Challenges to Avoid Ahead of Your SOC 2 Examination
Getting ready to undergo a SOC 2 examination? Read about 4 common setbacks to avoid ahead of your audit so that you can better set yourself up for success.
6 Problems Penetration Testers Face (and How Schellman is Solving Them)
Are you an experienced penetration tester seeking a new opportunity? Learn how Schellman is addressing common issues those in the industry face to help determine if this is the right place for you.
What are the DoD Cloud Computing Security Assessment Requirements?
FedRAMP may be complicated, but DoD cloud computing security requirements are even more stringent. We break them down for you so that your entire journey to becoming compliant is that much simpler.
What You Need to Know About The CPRA
The CPRA goes into effect soon, so here's what you need to know about California's new privacy legislation, how it compares to the CCPA, & the current state of privacy regulation in the greater U.S.
Point-to-Point Encryption (P2PE) FAQ: 7 Basic Questions Answered
Heard of P2PE but not sure where or how to dive in? We answer 7 common questions to get you started in understanding this complex encryption and its standard for compliance.
What are the ISO 27001 Internal Audit Requirements?
One of the core requirements of ISO 27001 is a periodic & independent internal audit of the ISMS--we break down the different facets of clause 9.2 so that you can comply more easily with the standard.
Working for Schellman: An Early Review from an Auditor
Trying to decide which accounting firm is right for you? Our Will Sparks weighed his options & chose Schellman--he details 5 aspects of his work experience that have made him confident in his choice.
5 Common Pitfalls to Avoid During FedRAMP Authorization
Want to get through the complexities of FedRAMP more easily? Read about 5 common pitfalls that sometimes trip up organizations during this process so that you can better avoid becoming one of them.
Schellman’s Associate Penetration Tester Position: What to Expect
Want to be part of our Pen Test Team? We provide details on the expectations and responsibilities of an Associate Penetration Tester so that you can decide whether this is the right move for you.
Using the ONC/OCR SRA Tool in Your HIPAA Risk Analysis
Searching for a way to simplify your HIPAA risk analysis? The ONC/OCR tool can help--we explain how, as well as how to use it so that you satisfy the HIPAA security rule more easily.
How to Transfer an ISO Certificate
Not sure about transferring your ISO certificate? We detail the requirements for a transfer and several factors you should consider before making this decision so you can be sure this move is for you.