Schellman & Company, LLC Announces Carve Out Acquisition of Connor Consulting’s Third-Party Risk Management (TPRM) Practice

TAMPA, Fla.--(BUSINESS WIRE)-- Schellman & Company, LLC, a leading provider of attestation and compliance services and top 50 CPA firm, is pleased to announce the carve-out acquisition of the Third-Party Risk Management (TPRM) practice from Connor Consulting. This deal marks another significant milestone in Schellman’s strategic growth through acquisitions and its dedication to delivering tailored, independent compliance and governance assessments.

Cybersecurity concerns are on the rise, particularly within the supply chain, as organizations face increasing threats from third-party vulnerabilities. The expanding landscape of global technology and cybersecurity regulations underscores the need for robust governance and compliance strategies. To address these challenges, organizations must prioritize TPRM through thorough audits, assessments, and expert guidance.

Schellman’s strategic integration of the Connor carve-out—formerly a cornerstone of their GRC services—into its TPRM offerings highlights this growing focus. By strengthening third-party oversight, Schellman is helping organizations navigate the evolving cybersecurity landscape and fortify their supply chains against emerging threats.

“We continue to listen closely to our clients and their evolving needs for services that address today’s most pressing challenges,” said Doug Barbin, President of Schellman & Company, LLC. “This acquisition marks another exciting chapter in Schellman’s growth and commitment to innovation. By welcoming the exceptional team from Connor, we not only expand our capabilities in third-party risk management but also reaffirm our dedication to delivering unmatched compliance solutions. Our focus is on empowering organizations with the tools and insights they need to thrive in an increasingly complex and regulated business landscape—all while staying true to our core values of independence, quality, and client-centric service.”

By integrating the TPRM practice into its operations, Schellman will further strengthen its ability to deliver comprehensive, tailored solutions for managing third-party risk. These services will complement Schellman’s extensive expertise in critical areas such as SOC, ISO, Microsoft's Supplier Security and Privacy Assurance (SSPA), and FedRAMP assessments, as well as their in-depth knowledge of broader cybersecurity frameworks. The acquisition underscores Schellman’s commitment to expanding its capabilities while maintaining a people-first, quality-driven approach that clients have come to trust.

“Governance, risk, and compliance services have always been critical to helping organizations navigate risk and drive resilience,” said Anthony Hargreaves, former Managing Director at Connor who will contribute to the growth of the TPRM practice at Schellman. “I’ve long admired Schellman’s commitment to excellence and independence, and I’m thrilled to join forces with such a respected team. Together, we’ll bring expertise and dedication to our clients and team members, ensuring they thrive in this expanded and dynamic environment.”

"I would like to thank Anthony and the GRC/TPRM team for their contributions to Connor,” added Viresh Chana, Managing Partner at Connor Consulting. “I believe Schellman will be a great place for the team to continue to grow and excel. This divesture allows Connor to focus our investments and growth in bringing new products and services to our core services in Royalty, IP, and Software Licensing and Advisory Services.”

Under this agreement, select personnel and the TPRM practice will transition to Schellman. As the transition progresses, Schellman and Connor are committed to ensuring a seamless experience for clients and employees. Existing TPRM clients can expect uninterrupted service and expanded resources to support their compliance and governance needs, with a sharpened focus on third-party risk management.