The Schellman Blog

Stay up to date with the latest compliance news from the Schellman blog.

Douglas Barbin

As President and National Managing Principal, Doug Barbin is responsible for the strategy, development, growth, and delivery of Schellman’s global services portfolio. Since joining in 2009, his primary focus has been to expand the strong foundation in IT audit and assurance to make Schellman a market-leading diversified cybersecurity and compliance services provider. He has developed many of Schellman's service offerings, served global clients, and now focuses on leading and supporting the service delivery professionals, practice leaders, and the business development teams. Doug brings more than 25 years’ experience in technology-focused services, having served as a technology product management executive, mortgage firm CTO/COO, and fraud and computer forensic investigations leader. Doug holds dual bachelor's degrees in Accounting and Administration of Justice from Penn State as well as an MBA from Pepperdine. He has also taken postgraduate courses on Artificial Intelligence from MIT and maintains multiple CPA licenses in addition to most of the major industry certifications, including several he helped create.

Blog Feature

Federal Assessments

By: Douglas Barbin
May 14th, 2024

With the deadlines for the newly incorporated Cybersecurity Infrastructure and Security Agency (CISA) Secure Software Development Attestation Form looming, organizations supplying government-used software must get their ducks in a row to ensure compliance with these requirements.

By: Douglas Barbin
August 15th, 2023

If you’ve ever been told by your customers or stakeholders that you need to conduct some kind of external audit to win or keep their business, the first question that likely came to mind was, “How much will that cost?” The initial answer, at least, is that it depends.

Federal Assessments

By: Douglas Barbin
June 15th, 2023

In May of 2021, President Biden issued his Executive Order on Improving the Nation’s Cybersecurity (EO 14028), an EO that took specific and significant aim at federal IT systems as well as the private sector technology and software providers that support them.

ESG

By: Douglas Barbin
May 30th, 2023

If you know Schellman, you likely know our standard plug—we’re a leading provider of attestation and compliance services and we’re the only provider in the world that has a CPA firm, a globally licensed PCI Qualified Security Assessor, a comprehensive ISO Certification Body, HITRUST CSF Assessor, a FedRAMP 3PAO, CMMC C3PAO, and APEC Accountability Agent working together to address our clients’ complex and interrelated security and privacy compliance requirements.

SchellmanLife

By: Douglas Barbin
May 13th, 2022

My Story

Last Thursday, I had my dermatology check-up with Dr. Sutterfield just a few miles from my house. I have these every three months, and this last time everything was all good—nothing suspicious or even cut off this time.

Compliance and Certification | Federal Assessments | CMMC

By: Douglas Barbin
January 13th, 2022

The Belgian writer and painter Erik Pevernagie once said that “without a clear-cut vision and a proper reading of the roadmap we may not reach the buoyant shores of the horizon.”

Cybersecurity Assessments | FedRAMP | Federal Assessments

By: Douglas Barbin
May 13th, 2021

Yesterday, on May 12th, President Biden issued the “Executive Order (EO) on Improving the Nation’s Cybersecurity.” Given that the Order features 11 sections that include both policy and general provisions among others, its 8,080 words are arguably the equivalent of multiple EOs. Such an effort is, no doubt, purposeful by the President—this is significant, and will certainly impact the security worlds of both the government itself and those companies that provide it with software and services.

Cloud Computing | Payment Card Assessments

By: Douglas Barbin
April 11th, 2013

By Eric Sampson and Doug Barbin

In a previous article, we provided a summary of the key components of the PCI DSS Cloud Computing Guidelines (“cloud supplement”). That article focused on roles, responsibilities, agreements, and audit considerations. This article speaks more to the technical considerations.
