SchellmanCON is back! Join us for our virtual conference on March 6 & 7, 2025

Contact Us
Services
Services
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
Sustainability Services
Sustainability Services
AI Services
AI Services
About Us
About Us
Leadership Team
Leadership Team
Corporate Social Responsibility
Corporate Social Responsibility
Careers
Careers
Strategic Partnerships
Strategic Partnerships

The Schellman Blog

Stay up to date with the latest compliance news from the Schellman blog.

RYAN MACKIE

Ryan Mackie is a Managing Principal at Schellman, and has been with the firm since 2005. Ryan supports the regional Florida market and manages SOC, PCI-DSS, ISO, HIPAA, and Cloud Security Alliance (CSA) STAR Certification and Attestation service delivery. He also oversees the firm-wide methodology and execution for the ISO certification services, including ISO 27001, ISO 9001, ISO 20000-1, and ISO 22301 as well as CSA STAR certification services. He has over 25 years of experience. Ryan also is an active member of the CSA and co-chairs the Open Control Framework committee which is responsible for the CSA STAR Program methodology and execution.

Blog Feature

By: RYAN MACKIE
August 16th, 2019

For those that were monitoring the wire, ISO/IEC 27001:2019 (ISO 27701) was released the week of August 5th. In draft form, it was previously labeled ISO/IEC 27552 (should you be wondering why that specific standard number has not been issued). You can obtain a copy of the published version here: https://www.iso.org/standard/71670.html.

Blog Feature

ISO Certifications

By: RYAN MACKIE
August 29th, 2016

NOTE: Schellman has since updated this content, which you can find here. According to the Identity Theft Resource Center, we saw 781 data breaches in 2015 that totaled hundreds of millions of stolen records, many of which included personally identifiable information about customers—names, addresses and Social Security numbers.

Blog Feature

ISO Certifications

By: RYAN MACKIE
July 18th, 2016

An ISO 27001 certification can help your business stand out. It lets your customers and potential customers know you care about and will protect their information. It can also help you streamline internal processes.

Blog Feature

Cloud Computing | CSA STAR Program

By: RYAN MACKIE
July 12th, 2016

In the popular modern musical Hamilton, the titular character is given an opportunity by George Washington. Hamilton can stay on the front lines of the American Revolution, or he can become the general’s aide-de-camp. It’s a choice between gaining glory amidst the fighting or an office job with an opportunity to influence who would become our first president.

Blog Feature

ISO Certifications

By: RYAN MACKIE
April 25th, 2016

According to the Identity Theft Resource Center, we saw 781 data breaches in 2015 that totaled hundreds of millions of stolen records, many of which included personally identifiable information about customers—names, addresses and Social Security numbers.

Blog Feature

ISO Certifications | SOC Examinations

By: RYAN MACKIE
April 21st, 2016

Have you ever wondered if the ISO 27001 certification is at all similar to a SOC 2 report? Many organizations today are dealing with multiple needs or demands for various compliance assessments or certifications. These organizations might wonder, “How can my ISO 27001 certification fit the needs for a SOC 2 report?” and vice versa. Below we have outlined the similarities and differences between an ISO 27001 certification and a SOC 2 examination.

Blog Feature

ISO Certifications

By: RYAN MACKIE
February 9th, 2016

Depending on your experience when you were a kid, you may have had to get your parent’s permission to do certain things—typically, big events, like sleepovers or school field trips. Without their okay, it wasn’t happening. (Or, if you circumvented them, things likely didn’t end up well when they found out.)

Blog Feature

By: RYAN MACKIE
February 12th, 2015

In the last 12 months, the Cloud Security Alliance (CSA) has made great strides in enhancing their CSA Security, Trust and Assurance Registry (STAR) Program. In brief, the STAR Program is a publicly available registry designed to recognize assurance requirements and maturity levels of cloud service providers (CSPs). Prior to issuing the guidance for STAR Certification and STAR Attestation, a CSP could only perform a self-assessment, which meant completing the Consensus Assessments Initiative questionnaire (CAIQ) and making the responses publicly available on the CSA Register. The CAIQ was completed in several different ways and the content varied from short answers to full-page responses. It was relevant information but not independently validated. This created a path for the STAR Certification and STAR Attestation Programs.

{