TAMPA, FL: Tampa-based Schellman, a leading provider of attestation and compliance services, continues to emphasize its people and culture investment, now through the appointment of Bhavna Dave as the company’s new Chief People & Culture Officer.

The below blog, originally dated January 26, 2023, has now been updated as the cited IAF MD 26 was updated on February 15, 2023. IAF MD 26 Issue 2 resulted in the following main changes that are now also detailed further within this article (ordered in terms of importance)

Tampa-based Schellman, a leading provider of cybersecurity attestation and compliance services, is pleased to announce that Craig Kallin has joined the firm as Chief Marketing Officer. Kallin is a senior marketing executive and business leader with 25+ years of experience serving financial institutions, professional services organizations, and well-known consumer brands.

Tampa-based Schellman, a global provider of attestation and compliance services, announced today that it is now an accredited assessor under the Kantara Initiative. In January 2022, Schellman acquired the practice of Scott Perry, CPA to create a new practice focused on Web 3.0. This new accreditation represents our next move in supporting next-generation audit services.

Tampa, FL, April 19, 2022 - Schellman, a leading provider of attestation and compliance services, announced today that we remained ranked #12 among Vault’s 2022 Accounting 50. This is our third year among Vault’s best accounting firms to work for in North America, and our second year in a row as #12.

Tampa, FL, April 15, 2022 – Tampa-based Schellman, a leading provider of attestation and compliance services, is proud to announce that we have once again been named one of the largest CPA firms in the United States by Accounting Today (AT).

When you consider the brand new version 4.0 of the PCI DSS standard, it may help to picture it like your car. We all understand that several things that need to happen to make your car run so you can successfully get from Point A to Point B. Some of them are critical—like brake pads and a functioning battery—whereas some are arguably less so, though they’re still important to your overall journey. (Think headlights or clean engine oil.) The same is true within version 4.0, which gave us 60 new requirements to sort through and prepare for to ensure your continued compliance. That’s a lot of new concepts you’re going to need to accommodate, even if many of them won’t be official until March 2025. (They’ll be considered “best practices” until then.) As you start to investigate these things you need to “tune up,” we want to help. As PCI Qualified Service Assessors (QSAs), we’re doing the work to familiarize ourselves with this new version we’ll need to evaluate our clients against. Using the knowledge we’ve gleaned so far, we want to act as your “mechanic” of sorts—that is, help you understand those more critical parts of this car standard that are particularly critical to prepare for during this transition. That’s why we’re going to outline seven of the bigger requirements among all the changes in PCI DSS v4.0. We made a video detailing the new PCI requirements as well, but in this article, we’ll help you follow the thinking behind them from our assessor’s point of view and how to ensure you comply with them in the future. We’ll also note some of the additional guidance the PCI Council has provided for some of these major updates. With this more nuanced view of these changes, you’ll be able to better prepare for the pending shift to v4.0.