www.schellman.com Open in urlscan Pro
2606:2c40::c73c:671c  Public Scan

Form analysis
2 forms found in the DOM

<form onsubmit="event.preventDefault();headerSearch(this);">
  <input type="text" class="header--main--search--input--input" placeholder="Search">
  <input type="submit" class="visuallyhidden" value="Submit">
</form>

<form onsubmit="event.preventDefault();mobileSearch(this);">
  <input type="text" class="mobilenav--search--input" placeholder="Search">
  <input type="submit" class="visuallyhidden" value="Submit">
  <a class="mobilenav--search--submit">
                      <i class="fas fa-search mobilenav--search--submit--icon"></i>
                    </a>
</form>

Text Content

We use cookies to personalize content and to provide you with an improved user
experience. By continuing to browse this site you consent to the use of cookies.
Please visit our cookie policy for further details.

Close
Contact a Specialist
Services
SOC & Attestations
 * SOC 1
 * SOC 2
 * SOC 3
 * SOC for Cybersecurity
 * SOC for Supply Chain
 * C5 Attestation
 * Crypto and Digital Trust

Payment Card Assessments
 * PCI DSS Validation
 * PA DSS Validation
 * P2PE DSS Validation
 * Secure Software Framework
 * PCI DSS ASV Scanning

ISO Certifications
 * ISO 27001
 * ISO 27701
 * ISO 22301
 * ISO 20000-1
 * ISO 9001
 * CSA STAR Program

Privacy Assessments
 * GDPR Assessment
 * International Privacy Assessments
 * APEC Certification
 * US State Privacy Assessments
 * Privacy Program Assessment
 * EU Cloud Code of Conduct
 * MS DPR Assessments

Federal Assessments
 * FedRAMP
 * CMMC
 * FISMA/NIST 800-53
 * NIST 800-171
 * CJIS, ITAR, and Other

Healthcare Assessments
 * HIPAA
 * HITRUST Certification
 * DEA EPCS

Penetration Testing
 * Adversary Simulation
 * Application and API
 * Assumed Breach
 * Infrastructure and Network
 * Thick Client

Cloud Configuration Assessments
 * Amazon Web Services
 * Google Cloud Platform
 * Microsoft Azure
 * Oracle Cloud Infrastructure

Build Your Compliance Roadmap
Industry Solutions
Cloud Computing & Data Centers Meet a broad range of regulatory and industry
compliance mandates for your customers
Financial Services & Fintech Cybersecurity assessments for both the banking
industry and the financial service providers
Healthcare Reporting to manage risk and adhere to applicable laws and
regulations
Payment Card Processing Validate compliance with the various forms of the PCI
DSS
US Government Achieve authorization to work for federal agencies, DoD, and the
associated contractor base
View All Industry Solutions
Learning Center
Articles
Whitepapers
Case Studies
Events & Live Webinars
On-Demand Webinars
Compliance Reliance
Visit the Learning Center
Our Process
About Us
Leadership Team
Careers
Corporate Social Responsibility
Visit About Us
Contact Us

Services
Industry Solutions
Learning Center
Our Process
About Us
Contact Us
Contact a Specialist
Services
View All Services
SOC & Attestations
Payment Card Assessments
ISO Certifications
Privacy Assessments
Federal Assessments
Healthcare Assessments
Penetration Testing
Cloud Configuration Assessments
SOC & Attestations
SOC 1
SOC 2
SOC 3
SOC for Cybersecurity
SOC for Supply Chain
C5 Attestation
Crypto and Digital Trust
Payment Card Assessments
PCI DSS Validation
PA DSS Validation
P2PE DSS Validation
Secure Software Framework
PCI DSS ASV Scanning
ISO Certifications
ISO 27001
ISO 27701
ISO 22301
ISO 20000-1
ISO 9001
CSA STAR Program
Privacy Assessments
GDPR Assessment
International Privacy Assessments
APEC Certification
US State Privacy Assessments
Privacy Program Assessment
EU Cloud Code of Conduct
MS DPR Assessments
Federal Assessments
FedRAMP
CMMC
FISMA/NIST 800-53
NIST 800-171
CJIS, ITAR, and Other
Healthcare Assessments
HIPAA
HITRUST Certification
DEA EPCS
Penetration Testing
Adversary Simulation
Application and API
Assumed Breach
Infrastructure and Network
Thick Client
Cloud Configuration Assessments
Amazon Web Services
Google Cloud Platform
Microsoft Azure
Oracle Cloud Infrastructure
Industry Solutions
View All Industry Solutions
Cloud Computing & Data Centers
Financial Services & Fintech
Healthcare
Payment Card Processing
US Government
Cloud Computing & Data Centers
Financial Services & Fintech
Healthcare
Payment Card Processing
US Government
Learning Center
Visit the Learning Center
Articles
Whitepapers
Case Studies
Events & Live Webinars
On-Demand Webinars
Compliance Reliance
Articles
Whitepapers
Case Studies
Events & Live Webinars
On-Demand Webinars
Compliance Reliance
About Us
About Schellman
Leadership Team
Careers
Corporate Social Responsibility
Leadership Team
Careers
Corporate Social Responsibility


SIMPLIFY YOUR IT COMPLIANCE STACK

WITH SO MANY STANDARDS, IT COMPLIANCE CAN QUICKLY TAKE OVER YOUR CALENDAR. LET
US UNTANGLE YOUR COMPLEX COMPLIANCE NEEDS.

Start Simplifying View All Solutions




TAILOR YOUR SUITE OF SERVICES

Staying in front of industry trends, Schellman is always adding and refining our
IT audit and compliance offerings:

SOC & ATTESTATIONS

Build trust and confidence with your customers and their auditors with an
independent SOC 1, SOC 2, or SOC 3 examination.

Learn More

FEDERAL ASSESSMENTS

Support your ATO for federal agencies by providing an independent assessment
with a FedRAMP or CMMC assessment.

Learn More

PAYMENT CARD ASSESSMENTS

Validate compliance by adherence to your PCI DSS requirements through a Report
on Compliance.

Learn More

HEALTHCARE ASSESSMENTS

Evaluate the growing healthcare complexities to ensure you are providing the
highest level of security and privacy to your business associates and covered
entities.

Learn More

ISO CERTIFICATIONS

Increase the confidence in your product or service by certification through the
standards developed and published by the International Organization for
Standardization.

Learn More

PENETRATION TESTING

Strengthen your security to effectively respond and mitigate the threats to an
increasingly vulnerable technology landscape.

Learn More

PRIVACY ASSESSMENTS

Identify and assess the strict data protection regulations across the world and
different industries to ensure the privacy of the data you process.

Learn More

CLOUD CONFIGURATION ASSESSMENTS

Reduce security risks in cloud computing to protect your organization and
clients from the threat of data loss and maintain a competitive edge.

Learn More




OUR PEOPLE ARE AMONG THE MOST EXPERIENCED ASSESSORS IN THE IT COMPLIANCE
INDUSTRY

0

Average number of projects previously completed by professionals.
0%

Consistent project teams with over 90% retention rate over the past 5 years.
0

Unmatched experience with an average of 9 years of professional services
experience per professional.
0

Average tenure of employees at over 3 years ensures cohesive project teams.
0

Focused on hiring and growing the most experienced teams with an average of 4
professional certifications per professional.


INDUSTRY SOLUTIONS

With a deep breadth of experience, we have assembled the most common suite of
compliance solutions for your specific industry in mind:

CLOUD COMPUTING & DATA CENTERS

Learn More

FINANCIAL SERVICES & FINTECH

Learn More

HEALTHCARE

Learn More

PAYMENT CARD PROCESSING

Learn More

US GOVERNMENT

Learn More




TRUSTED BY THE WORLD'S LEADING COMPANIES

View case studies

 * 


WHY SCHELLMAN?

Why the world’s leading companies choose Schellman over other providers.

 
 * Transparency in regular project updates
 * Fixed-fee model ensures confidence in budgeting
 * Timely reporting that never misses a deadline
 * Robust infrastructure and methodology for remote audit needs
 * Single assessor means a lower impact to your audit initiatives

Learn more about us




OUR PROCESS BRINGS TOGETHER EVERYTHING YOU NEED TO SIMPLIFY YOUR COMPLIANCE

As a market leader and innovator within the compliance industry we have
developed a process and methodology that infuses the latest technology and
expertise to reduce the impact on your resources and ensure a clear and timely
audit is performed year after year.

Learn more about our process




EXPAND YOUR KNOWLEDGE AT OUR LEARNING CENTER


 * PREPARING FOR WEB 3.0
   
   WEB 3.0 IS COMING—DID YOU KNOW? BUT WHAT IS WEB 3.0? WE EXPLAIN THAT, ALONG
   WITH WHAT'S HOLDING UP ITS ADOPTION AND HOW IT WILL CHANGE OUR COLLECTIVE
   DIGITAL FUTURE.
   
   Read Article
 * about 6 hours ago
   
   
   PREPARING FOR WEB 3.0
   
   ERNEST CLINE’S SCI-FI NOVEL, READY PLAYER ONE, CENTERS ON USERS’ EXPERIENCE
   WITHIN THE OASIS—A HIGHLY ADVANCED, FULLY IMMERSIVE SIMULATION. IN THE BOOK,
   PEOPLE PREFER LIVING IN VIRTUAL...
   
   Read Article


 * WHICH BIG 4 FIRM SHOULD PERFORM YOUR SOC AUDIT?
   
   THE BIG 4 ARE USUALLY EVERYONE'S FIRST INSTINCT WHEN IT COMES TO SOC REPORTS.
   WE BREAK EACH FIRM DOWN AND PROVIDE QUESTIONS YOU CAN ASK THEM ALL AS YOU
   SEARCH FOR THE RIGHT COMPLIANCE FIRM FOR YOU.
   
   Read Article


 * HOW TO SCOPE A SOC 2 AUDIT: 3 STEPS
   
   DOING A SOC 2 AUDIT BUT NOT SURE WHAT ALL YOU NEED TO INCLUDE? LEARN ABOUT 3
   CLEAR STEPS YOU CAN TAKE TO MORE EASILY DEFINE THE SCOPE OF YOUR SOC 2
   EXAMINATION.
   
   Read Article
 * 
   Loading More Items...

Visit the Learning Center


WHAT OUR CLIENTS ARE SAYING

Working with some of the best organizations in the world, honest feedback is
essential. We survey our clients after every engagement, and here is what some
of them had to say:

AS SOMEONE WHO HAS INTERACTED WITH VARIOUS AUDIT ORGANIZATIONS SUCH AS PWC,
KPMG, EY, ETC., THE TEAM AT SCHELLMAN IS ALWAYS AT A HIGHER LEVEL IN TERMS OF
KNOWLEDGE/EXPERTISE, PROFESSIONALISM, AND CUSTOMER ADVOCACY. WITH OTHER AUDIT
FIRMS, MY EXPERIENCE HAS ALWAYS BEEN SIMILAR TO DRIVING WITHOUT POWER STEERING
WHERE I AM HAVING TO DO MORE WORK AND STRUGGLE TO STAY IN MY DIRECTION. WITH THE
SCHELLMAN TEAM, IT IS LIKE DRIVING WITH NOT JUST POWER STEERING, BUT LANE
DEPARTURE WARNING, COLLISION AVOIDANCE BRAKING, AND BLIND SPOT INDICATORS."

ISO 27001 Certification | Software Company

I DON'T KNOW WHAT WE WOULD DO WITHOUT OUR PARTNERS AT SCHELLMAN. THEY'VE DONE A
GREAT JOB SUPPORTING ALL OUR AUDITS, AD-HOC REQUESTS, AND PROVIDING A GREAT
LEVEL OF SERVICE TO EVERYONE AT OUR ORGANIZATION. WE LOOK FORWARD TO MANY MORE
YEARS OF CONTINUED PARTNERSHIP."

SOC 1 Assessment | Management consulting services company

SCHELLMAN TOOK THE TIME TO UNDERSTAND OUR BUSINESS AND INFRASTRUCTURE IN ORDER
TO EFFECTIVELY PROVIDE A QUALITY ANALYSIS OF EXISTING AND FUTURE CONTROLS TO BE
IMPLEMENTED.

ALL PARTIES INVOLVED WERE QUICK TO COMMUNICATE AND PROVIDE FEEDBACK TO KEEP THE
PROJECT RUNNING ON PACE. WE FEEL THAT THIS PROJECT HAS GREATLY IMPROVED OUR
SECURITY POSTURE AND THE EFFECTIVENESS OF OUR BUSINESS PROCESSES."

SOC 2 Assessment Services | EMR Software Provider

AFTER WORKING WITH THIS TEAM ON SEVERAL ENGAGEMENTS, I AM ALWAYS IMPRESSED WITH
THEIR LEVEL OF FLEXIBILITY AND WILLINGNESS TO WORK THROUGH THE ASSESSMENTS. THE
TEAMS ARE EASY TO WORK WITH AND ARE ALWAYS AVAILABLE TO PROVIDE GUIDANCE AND
EDUCATION WHEN NEEDED."

PCI DSS Validation | Managed Service Provider

AS SOMEONE WHO HAS INTERACTED WITH VARIOUS AUDIT ORGANIZATIONS SUCH AS PWC,
KPMG, EY, ETC., THE TEAM AT SCHELLMAN IS ALWAYS AT A HIGHER LEVEL IN TERMS OF
KNOWLEDGE/EXPERTISE, PROFESSIONALISM, AND CUSTOMER ADVOCACY. WITH OTHER AUDIT
FIRMS, MY EXPERIENCE HAS ALWAYS BEEN SIMILAR TO DRIVING WITHOUT POWER STEERING
WHERE I AM HAVING TO DO MORE WORK AND STRUGGLE TO STAY IN MY DIRECTION. WITH THE
SCHELLMAN TEAM, IT IS LIKE DRIVING WITH NOT JUST POWER STEERING, BUT LANE
DEPARTURE WARNING, COLLISION AVOIDANCE BRAKING, AND BLIND SPOT INDICATORS."

ISO 27001 Certification | Software Company

I DON'T KNOW WHAT WE WOULD DO WITHOUT OUR PARTNERS AT SCHELLMAN. THEY'VE DONE A
GREAT JOB SUPPORTING ALL OUR AUDITS, AD-HOC REQUESTS, AND PROVIDING A GREAT
LEVEL OF SERVICE TO EVERYONE AT OUR ORGANIZATION. WE LOOK FORWARD TO MANY MORE
YEARS OF CONTINUED PARTNERSHIP."

SOC 1 Assessment | Management consulting services company

SCHELLMAN TOOK THE TIME TO UNDERSTAND OUR BUSINESS AND INFRASTRUCTURE IN ORDER
TO EFFECTIVELY PROVIDE A QUALITY ANALYSIS OF EXISTING AND FUTURE CONTROLS TO BE
IMPLEMENTED.

ALL PARTIES INVOLVED WERE QUICK TO COMMUNICATE AND PROVIDE FEEDBACK TO KEEP THE
PROJECT RUNNING ON PACE. WE FEEL THAT THIS PROJECT HAS GREATLY IMPROVED OUR
SECURITY POSTURE AND THE EFFECTIVENESS OF OUR BUSINESS PROCESSES."

SOC 2 Assessment Services | EMR Software Provider

AFTER WORKING WITH THIS TEAM ON SEVERAL ENGAGEMENTS, I AM ALWAYS IMPRESSED WITH
THEIR LEVEL OF FLEXIBILITY AND WILLINGNESS TO WORK THROUGH THE ASSESSMENTS. THE
TEAMS ARE EASY TO WORK WITH AND ARE ALWAYS AVAILABLE TO PROVIDE GUIDANCE AND
EDUCATION WHEN NEEDED."

PCI DSS Validation | Managed Service Provider

 * 
 * 
 * 
 * 


TAKE THE FIRST STEP IN UNTANGLING YOUR COMPLIANCE.

OUR TEAM OF PRACTICE LEADERS, NOT SALES, ARE READY TO TALK AND HELP DETERMINE
YOUR BEST NEXT STEPS.

Contact a Specialist View All Services

SCHELLMAN

4010 W Boy Scout Boulevard, Suite 600
Tampa, FL 33607

U.S. 1.866.254.0000

Outside the U.S. 1.813.288.8833



SERVICES

 * SOC & Attestations
 * Federal Assessments
 * Penetration Testing
 * Healthcare Assessments
 * ISO Certifications
 * Payment Card Assessments
 * Privacy Assessments
 * Cloud Configuration Assessments

INDUSTRIES

 * Cloud Computing & Data Centers
 * Financial Services & Fintech
 * Healthcare
 * Payment Card Processing
 * U.S. Government

RESOURCES

 * Resources
 * Our Process

COMPANY

 * About Us
 * Careers
 * Contact Us

© SchellmanPrivacy PolicyTerms

“Schellman” is the brand name under which Schellman & Company, LLC and Schellman
Compliance, LLC provide professional services. Schellman & Company, LLC and
Schellman Compliance, LLC practice as an alternative practice structure in
accordance with the AICPA Code of Professional Conduct and applicable law,
regulations and professional standards. Schellman & Company, LLC is a licensed
certified public accounting firm (Florida license number AD62941) registered
with the Public Company Accounting Oversight Board (PCAOB) that provides attest
services to its clients, and Schellman Compliance, LLC provides nonattest
cybersecurity and compliance professional services to its clients. Schellman
Compliance, LLC is not a licensed CPA firm. Schellman & Company, LLC and
Schellman Compliance, LLC are independently owned and are not liable for the
services provided by any other entity providing services under the Schellman
brand. Our use of the terms “our firm” and “we” and “us” and terms of similar
import, denote the alternative practice structure conducted by Schellman &
Company, LLC and Schellman Compliance, LLC.