Introducing Schellman SPIRRIT

These days, the need for effective cybersecurity defenses is ever present as we all just need to look in the news to witness the impacts of cyberattacks. Whether related to the exploitation of vulnerabilities or inadequate governance surrounding threat risk identification, analysis, mitigation, and awareness, cyberattacks and their consequences can be disastrous for any business.

Bigger, more established corporations have the resources to protect themselves from evolving threats, but what about everyone else? In fact, small or underserved organizations are especially vulnerable and struggle to implement and sustain security measures commonly realized by larger or better-positioned companies.

To ensure that “no business is left behind,” Schellman created SPIRRIT—Schellman Partnerships in Reducing Risk in Information Technology.

Top-tier cybersecurity services—including Schellman services—can be cost-prohibitive, but we designed this initiative to help those organizations with fewer resources. Through succinct, risk-focused assessments, SPIRRIT will enable small or underserved businesses better prepare for disruptive cyber incidents.

To help these organizations identify, assess, manage, and reduce risk, we will:

  • Offer a flexible service offering that is risk-focused and can be tailored to non-traditional organizations with a focus on quick-win improvements to overall security posture.
  • Use our experience and technical knowledge to help organizations identify, assess, manage, and reduce risk so that they may increase their overall cyber sophistication.
  • Bring awareness to freely available resources from organizations such as NIST, CISA, and SBA.

In the coming weeks, SchellmanSPIRRIT will establish a Selection Committee to ensure a fair and unbiased review of proposed candidate companies. Organizations will be chosen based on their current needs and the potential for Schellman to create a meaningful impact.  The following small business categorizations will be considered:

  • Small to mid-sized businesses;
  • Service-disabled, veteran-owned small businesses;
  • Women-owned businesses;
  • Minority-owned businesses;
  • LGBT-owned businesses; and
  • Research and/or educational institutions.

 At Schellman, we recognize that cybersecurity and the protection of our nation’s infrastructure and data is everyone’s responsibility. Through SchellmanSPIRRIT, we hope to help shoulder the load by helping businesses/organizations that need us the most with their response capabilities, attack surface reduction, and risk mitigation.

As we look to launch our first SchellmanSPIRRIT pilot engagements in August, we are excited to embark on this journey in putting our talents to good use!

About the Author

Schellman Compliance

Schellman is a leading global provider of attestation, compliance, and certification services. Operating as an alternative practice structure as Schellman & Company, LLC, a top 100 CPA firm, and Schellman Compliance, LLC, a globally accredited compliance assessment firm, we are able to offer clients services as a CPA firm, an ISO Certification Body, a PCI Qualified Security Assessor Company, a HITRUST assessor, a FedRAMP 3PAO, and as one of the first CMMC Authorized C3PAOs. Renowned for expertise tempered by practical experience, Schellman's professionals provide superior client service balanced by steadfast independence. Schellman's approach builds successful, long-term relationships and allows our clients to achieve multiple compliance objectives using a single third-party assessor. For more information, please visit

More Content by Schellman Compliance
Previous Article
How to Prepare for Your Web Application Penetration Test
How to Prepare for Your Web Application Penetration Test

Invested in a web application penetration test? We detail what this specific test is, as well as 5 things y...

Next Article
What Can You Expect From Schellman’s Penetration Test Team?
What Can You Expect From Schellman’s Penetration Test Team?

Curious about Schellman's pen test capabilities? Read about what you can expect from our experienced team o...

Now Providing C5 Examinations

Learn about C5