SchellmanCON is back! Join us for our virtual conference on March 6 & 7, 2025

Contact Us
Services
Services
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
Sustainability Services
Sustainability Services
AI Services
AI Services
About Us
About Us
Leadership Team
Leadership Team
Corporate Social Responsibility
Corporate Social Responsibility
Careers
Careers
Strategic Partnerships
Strategic Partnerships

Blog

The Schellman Blog

Stay up to date with the latest compliance news from the Schellman blog.

Craig Skinner

Craig Skinner is a Senior Associate with Schellman based in Atlanta, Georgia. Prior to joining Schellman in 2020, Craig worked as an IT auditor for a professional services firm specializing in SOX and financial statement audit support, as well as SOC reporting, for the insurance and financial services industries. Craig has over three years of experience comprised of clients in various industries, including healthcare services and managed service providers. Craig is now focused primarily on SOC reporting for organizations across various industries.

Blog Feature

SOC Examinations

By: Craig Skinner
October 26th, 2022

If you order a martini from a bar, the bartender will likely make it the standard way: gin, bitters, vermouth, and a twist of lemon. If you go to a different spot, the mixologist might make it with vodka instead of gin and garnish with an olive. Maybe one time, you request it shaken not stirred. No matter which way you order, you have final say on how you address your need for a martini.

Blog Feature

NIST | CSA STAR Program | Healthcare Assessments | SOC Examinations

By: Craig Skinner
May 4th, 2022

Think about those a la carte sushi restaurants—the very cool ones with the circulating conveyor belts that let you select different dishes as they suit your fancy. Maybe your go-to is always California rolls, but you spot some delicious-looking Rainbow Rolls so you grab those one time. Or maybe you’re craving a Spicy Tuna roll, so you add that to your plate. Even if sushi is not quite your taste, you’d probably agree that SOC 2 audits are even less appetizing. Aside from the actual, in-depth audit process, they also require you to make a lot of decisions first, and it’s just added stress. That’s why you want to ensure that you take the audit path most helpful to you, and that includes the right criteria. SOC 2 functions a lot like that sushi conveyor belt—you have a lot of potential options. And we don’t just mean the SOC 2 Trust Services Categories (TSCs) that you have to select from to form the basis of your examination. We mean adding what is technically known as additional “subject matter.” For simplicity’s sake, we’ll just refer to it as “additional criteria.”

{