Schellman Receives CREST Penetration Testing Accreditation
TAMPA, Fla. – June 25, 2024 – Schellman, a leading provider of attestation and compliance services and a top 50 CPA firm, is pleased to announce the firm is now a CREST-accredited penetration test provider. With a 10-year history of Penetration Testing Services and delivering quality offensive security assessments, this accreditation allows Schellman to serve clients in markets around the globe.
CREST is an international not-for-profit, membership body representing the global cybersecurity industry. Founded in the UK in 2006, it now has regional chapters covering the Americas, Asia, Australasia, and EMEA. CREST does not prescribe any specific penetration test methodology, rather focusing on the total business process, from how scoping is conducted to what kind of quality assurance controls are in place for reporting. While Schellman already retained CREST Registered Penetration Testers on staff, this next step of organizational accreditation demonstrates the firm’s commitment to maintaining high-quality methodologies, processes, and reports.
“Schellman has consistently provided top-tier security assessment services to some of the world's most distinguished organizations," said Avani Desai, CEO of Schellman. "Achieving CREST accreditation marks a significant milestone and further establishes the firm as a trusted partner, particularly to our global clients and those in areas such as the financial services sector in the US. This accreditation shows our commitment to delivering high-quality, comprehensive offensive security solutions that our clients have come to trust. Additionally, CREST membership is part of our international expansion plans as we work with clients in new compliance areas such as DORA, IRAP, and others.”
“CREST is delighted to welcome Schellman as an accredited member company for its penetration testing services,” said Rowland Johnson, CREST President. “To achieve this, Schellman successfully completed a demanding assessment process that examined test methodologies, legal and regulatory requirements, data protection standards, logging and auditing, internal and external communications with stakeholders, as well as how data security is maintained. Through CREST accreditation, Schellman has valuable external validation that the company consistently delivers the highest professional penetration testing services to its customers.”
Earlier this year, Schellman also announced that it received accreditation for France’s Health Data Host (HDS) certification services, the first US-based firm to do so, and that it can now support Australia’s Infosec Registered Assessors Program (IRAP) assessments. These accreditations, alongside CREST, enable the firm to expand services, continue to push the boundaries of security testing and deliver even greater value to clients as they look to ensure the safety and security of mission-critical systems.
“Achieving CREST certification is more than a milestone for Schellman – it is a cornerstone in our mission to ensure robust and resilient cyber defenses for our clients,” said Kent Blackwell, Director for Schellman’s Penetration Testing Services. “Our clients can trust that our services are delivered with excellence and integrity, backed by a team that meets internationally recognized standards. This accreditation not only enhances our ability to conduct thorough penetration tests but also further cements Schellman as a trusted advisor in the cybersecurity realm, capable of navigating complex security landscapes with precision and expertise. I am excited about the opportunities that CREST accreditation brings to our firm and our clients. It will enable us to expand our services, continue pushing the boundaries of security testing, and deliver even greater value to our clients. We remain dedicated to advancing our capabilities and contributing to the safety and security of the digital economy.”
For more details, review Schellman’s CREST Accreditation Credential on the CREST Website.
About Schellman
Schellman is a leading provider of attestation and compliance services. We are the only company in the world that is a CPA firm, a globally licensed PCI Qualified Security Assessor, an ISO Certification Body, HITRUST CSF Assessor, a FedRAMP 3PAO, and most recently, an APEC Accountability Agent. Renowned for expertise tempered by practical experience, Schellman's professionals provide superior client service balanced by steadfast independence. Our approach builds successful, long-term relationships and allows our clients to achieve multiple compliance objectives through a single third-party assessor.