SchellmanCON is back! Join us for our virtual conference on March 6 & 7, 2025

Contact Us
Services
Services
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
Sustainability Services
Sustainability Services
AI Services
AI Services
About Us
About Us
Leadership Team
Leadership Team
Corporate Social Responsibility
Corporate Social Responsibility
Careers
Careers
Strategic Partnerships
Strategic Partnerships

The Schellman Blog

Stay up to date with the latest compliance news from the Schellman blog.

Blog Feature

Cloud Computing

By: AVANI DESAI
March 14th, 2016

Co-Authored with Kurt Long from Fairwarning and originally published on informationsecuritybuzz.com Today’s modern CRM systems are vital to your business’ success. CRM data now holds every aspect of your business’ proprietary information from corporate intelligence to sales data; as well as your customers’, from buying patterns to PII. A data breach to your CRM could be devastating to your organization resulting in lawsuits or irreparable harm to your brand’s reputation and customer trust. With so much at stake, here is what you need to know to protect your CRM.

Blog Feature

Cloud Computing | Payment Card Assessments

By: Douglas Barbin
April 11th, 2013

By Eric Sampson and Doug Barbin In a previous article, we provided a summary of the key components of the PCI DSS Cloud Computing Guidelines (“cloud supplement”). That article focused on roles, responsibilities, agreements, and audit considerations. This article speaks more to the technical considerations.

Blog Feature

Cloud Computing | SOC Examinations

By: Douglas Barbin
December 17th, 2012

DevOps, like Agile development before it, accents the continuous evolving state of software development, particularly in cloud-base software. Like any technology change, there is no surprise that auditor and security professionals are challenged as the traditional separation of duties become more and more gray. As someone who oversaw product management in an Agile / SaaS development environment and now manages audits and certifications for leading edge cloud solution providers, I offer my perspective.

Blog Feature

Cloud Computing | FedRAMP | Federal Assessments

By: Douglas Barbin
August 9th, 2012

I am delighted that Schellman is now an accredited FedRAMP 3rd Party Assessment Organization (3PAO). This is a testament to our extensive experience in the cloud service provider (CSP) space and the qualifications and experience of a licensed CPA firm, PCI QSA company, and ISO 27001 certification body.

Blog Feature

Cloud Computing | ISO Certifications | SOC Examinations

By: RYAN BUCKNER
May 23rd, 2011

In October, I posted an article on the various alternatives for CPA attestation reports. This past week, the AICPA issued its guidance on Service Organization Controls (SOC) 2 reports and an update to that post was in order. Here is what the newly released SOC 2 guidance states:

{