SchellmanCon 2025

Services

Suite of Services

Schellman began as a SOC audit firm 20+ years ago. While we still issue more than 2,000 SOC reports each year, our clients’ trust has propelled our expansion. Today, we offer nearly 60 types of audits and assessments.

Download a PDF of All Services

Learning Center

Our Technology

About Us

Schellman is the only Top 50 CPA firm focused exclusively on IT Compliance and Cybersecurity, and we’re the #1 service provider for FedRAMP Assessments.Our industry-leading NPS scores, client retention, and employee retention (low-to-no team churn = less audit fatigue) mean our clients experience greater continuity and quality.We also understand how distracting unplanned work can be, so we focus on client-centric KPIs to help keep your business moving uninterrupted.

ISO Certificate Directory

Services

View All Services

SOC & Attestations

SOC 1 / SSAE 18 Examination

SOC 2 Examination

SOC 3 Examination

SOC for Supply Chain

SOC for Cybersecurity

SOC Essentials for Early-Stage Companies

C5 Attestation

CSA STAR Programs

Payment Card Assessments

PCI DSS Validation

PCI SSF

PCI P2PE Validation

PCI PIN Assessments

PCI 3DS Compliance

ISO Certifications

ISO 27001

ISO 42001

ISO 27701

ISO 9001

ISO 22301

ISO-20000-1

Privacy Assessments

APEC Certification

GDPR Assessment

International Privacy Assessments

US State Privacy Assessments

Microsoft SSPA/DPR Assessment

Privacy Program Assessment

FERPA Assessment

EU Cloud Code of Conduct

Federal Assessments

FedRAMP®

CMMC / NIST SP 800-171

FISMA/NIST

ITAR

CJIS

IRAP

FTC Consent Decrees

Healthcare Assessments

HITRUST Certification

HIPAA Compliance

HIPAA Express

EPCS-DEA Audits

Health Data Host (HDS) Certification

Penetration Testing

Application

Network

Mobile

Red Teaming

Social Engineering

Cloud

Physical

Hardware and IoT

Advanced Series

Cybersecurity Assessments

Cloud Configuration Assessments

Ransomware Assessments

NIST Cybersecurity Framework Assessments

Schellman Software Security Assessment (S³A)

TISAX®

SWIFT Customer Security Programme

Internal Audit Co-Sourcing

Crypto and Digital Trust

Schellman Training

Sustainability Services

AI Services

Learning Center

Our Technology

About Us

Leadership Team

Corporate Social Responsibility

Careers

Strategic Partnerships

ISO Certificate Directory

That's a Wrap!

CPE-Eligible

SchellmanCON 2025 is Over

Subscribe to Weekly Updates

This event is intended for our clients, compliance experts, and all with a passion for cybersecurity to share relevant and impactful information in the cybersecurity and compliance space.

Prepare to unite with the foremost thought leaders in the world of compliance, where we discuss the emerging trends in compliance, cybersecurity, threat management, artificial intelligence and more. Industry expert panelists will explore best practice approaches to cybersecurity assessments, and share their winning strategies through networking and knowledge cafes. Participants are automatically enrolled for complimentary training and other prizes. Extend your invitations to your teams and partake in an action-packed, two-day agenda that promises to be truly enriching.

Featured Sessions

Subscribe to Weekly Updates

Topics

FedRAMP
Red Teaming
CMMC
SOC2+
Financial Services
ZeroTrust
Responsible AI (ISO 42001)
Consolidated Compliance
Penetration Testing
NIST CSF
ISO 14001 Certification
TISAX
Sustainability Services
ISO 27001+
Artificial Intelligence
Third-Party Risk Management
HITRUST / Healthcare
CSF

Tickets

1 Day

4 CPEs possible
Main Sessions, Sponsor Sessions, Expo Hall

$59

2 Day

8 CPEs possible
Main Sessions, Sponsor Sessions, Expo Hall

$99

Featured Speakers

Mark Allers

VP of Business Development
Cimcor

Learn More

Caroline Aulbach

Manager
Schellman

Learn More

Ardian Berisha

Sales Director
PECB

Learn More

Jake Bernardes

CISO
anecdotes

Learn More

Doug Barbin

National Managing Principal
Schellman

Learn More

Kent Blackwell

Director
Schellman

Learn More

Keifer Blandon

Senior Manager
bladestack.io

Learn More

Stu Block

Director
Schellman

Learn More

Sam Bradley

Auditor Partnerships
Vanta

Learn More

Matt Brunker

Founding Director & Principal Security Consultant
ArchCyber

Learn More

Mike Britton

CIO of Abnormal Security
SafeBase

Learn More

Ryan Buckner

Chief Knowledge Officer
Schellman

Learn More

Adam Bush

Director
Schellman

Learn More

Jon Coffelt

Senior Manager
Schellman

Learn More

Matt Cooper

Director, GRC
Vanta

Learn More

Matt Crane

Director
Schellman

Learn More

Avani Desai

Chief Executive Officer
Schellman

Learn More

Steve Dyson

Senior Cybersecurity Manager
Echelon

Learn More

Lauren Edmonds

Managing Director
Schellman

Learn More

John Elliott

Security Advisor
Jscrambler

Learn More

Nisha Ellis

Senior Manager
Schellman

Learn More

Dave Faraone

Partner
Echelon

Learn More

Jason Ford

CEO
Steel Patriot Partners

Learn More

Josh Fleming

Senior Cybersecurity Manager, Risk Advisory
Echelon

Learn More

Jim Goldman

CEO and Co-Founder
Trava Security, Inc.

Learn More

Lisa Hall

CISO
SafeBase

Learn More

Walter Haydock

CEO and Founder
StackAware

Learn More

Matt Hillary

CISO
Drata

Learn More

Matt Hungate

Director
Schellman

Learn More

Christian Hyatt

CEO & Co-Founder
risk3sixty

Learn More

Jay Imszennik

Director
Schellman

Learn More

Andrew Josephides

VP of Security and Infrastructure
Evisort

Learn More

Joseph Leung

Managing Director
Alameda Compliance

Learn More

Chris Lippert

Director
Schellman

Learn More

Ryan Mackie

Managing Principle
Schellman

Learn More

Danny Manimbo

Principal
Schellman

Learn More

Ryan Meehan

Director
Schellman

Learn More

Sawyer Miller

Director of Audit & Implementation
risk3sixty

Learn More

Gary Nelson

Principal
Schellman

Learn More

https://www.schellman.com/hubfs/Jake-Nix-200.png

Jacob Nix

Founder & CEO
RISCPoint

Learn More

Milan Patel

SVP, SaaS Compliance
Oracle

Learn More

Deep Patel

Director
Global Mobility Services

Learn More

Kevin Patel

Data Scientist & Software Developer
Global Mobility Services

Learn More

Greg Peterson

Principal Consultant
ScaleSec

Learn More

Sully Perella

Training Services Manager
Schellman

Learn More

Algirde Pipikaite

Head of Governance, Risk, and Compliance
Crowdstrike

Learn More

Angela Polania

CEO
Elevate

Learn More

Aaron Rea

Principal Consultant
ScaleSec

Learn More

Cory Rey

Lead Penetration Tester
Schellman

Learn More

Jason Rhoades

Principal
Schellman

Learn More

Martin Rieger

Chief Solutions Officer
stackArmor

Learn More

Nick Rundhaug

Managing Director
Schellman

Learn More

Jeff Schiess

Managing Director
Schellman

Learn More

Kenny Scott

Founder & CEO
Paramify

Learn More

https://www.schellman.com/hubfs/schellmancon24/200/selvaraj-kumar-200.png

Kumar Selvaraj

Vice President of Global Security Compliance
Zscaler

Learn More

Christy Shum

Director
Schellman

Learn More

Craig Skinner

Senior Associate
Schellman

Learn More

Mike Somody

Senior Associate SOC
Schellman

Learn More

Bradley Taylor

Director
bladestack.io

Learn More

Josh Tomkiel

Managing Director
Schellman

Learn More

Jonathan Trull

CISO & SVP Customer Solutions Strategy
Qualys

Learn More

Rob Tylka

Principal
Schellman

Learn More

Tim Walsh

Manager
Schellman

Learn More

Andy Watkin-Child

Founding Partner
Veritas GRC

Learn More

Kate Weber

Director
Schellman

Learn More

Marci Womack

Managing Director
Schellman

Learn More

Lisa Zheng

Senior Manager
Schellman

Learn More

Agenda

10:00-10:55 EST

Streamlining Cybersecurity: Real-World Insights into 'Testing Once, Certify Many!' Assessments

11:00-11:55 EST

Empowering Professional Growth with PECB Skills

11:00-11:55 EST

One Assessment to Rule Them All; One Assessment to Bind Them – How HITRUST Fits into Your Compliance Program

11:00-11:55 EST

FedRAMP: Seeing Red (Teams)

11:00-11:55 EST

Transaction Terminators: Securing the Future of Payments

11:00-11:55 EST

Staying Ahead of the Curve: Cybersecurity & Compliance in 2025

12:00-12:25 EST

Enhancing Cloud Security and Compliance with AI-Driven Automation

GMS will showcase our expertise in DevOps, DevSecOps, and AI-driven security solutions to help organizations build and maintain compliant, secure, and automated cloud environments. We will present our AI Security Application, which enhances risk management and compliance by identifying vulnerabilities, automating remediation in AWS, and generating detailed compliance reports for 30 different industry standards, including FedRAMP, SOC 2, HIPAA, and ISO 27001. Our approach ensures confidential data is not exposed to AI models, maintaining strict security policies while leveraging AI for knowledge transfer and infrastructure guardrails. Additionally, we will demonstrate our capabilities in automated deployment of compliant infrastructure, ensuring organizations meet regulatory requirements without manual overhead. Our AI-powered agent facilitates seamless infrastructure knowledge transfer, reducing dependency on individual engineers and ensuring consistency across deployments. Through advanced security automation, we empower businesses to stay ahead of evolving threats while optimizing cloud operations. Attendees will learn how GMS’s innovative solutions bridge the gap between automation, compliance, and security, enabling enterprises to scale securely and efficiently in AWS.

Topic: Enhancing Cloud Security and Compliance with AI-Driven Automation

Presenter

Deep Patel

Director

Global Mobility Services

Meet Deep

Kevin Patel

Data Scientist & Software Developer

Global Mobility Services

Meet Kevin

12:00-12:55 EST

Make Compliance Make Sense: A Vendor Risk Management Perspective

12:00-12:55 EST

Musical Certs

12:00-12:55 EST

Penetration Testing: How to Get the Most out of Your Next Assessment

12:00-12:55 EST

"Identity Linkin' Logs - Build Compliant Cloud Environments Like it's Child's Play"

12:55-2:00 EST

Expo Hall / Lunch

2:00-2:55 EST

To Do or Not To Do - The Value of Objective, Independent Assurances

2:00-2:55 EST

Navigating the AWS Shared Responsibility Model: A Comprehensive Approach to Security & Compliance

3:00-3:25 EST

Compliance Velocity: Accelerating State, Federal & DoD Compliance with Automation

3:00-3:55 EST

Building a Foundation with NIST CSF

3:00-3:55 EST

Learning to Trust in Zero Trust

3:00-3:55 EST

Navigating the Dos and Don'ts of Control Framework Mappings

3:00-3:55 EST

FUD-RAMP: How To Navigate the Ever-Growing World of Public Sector Compliance

4:00-4:25 EST

Beyond Checklists: How Cyber Risk Quantification Strengthens Compliance

4:00-4:55 EST

2024 Year in Review for: FedRAMP, StateRAMP, and DoD Frameworks

Annual update to Federal topics including: FedRAMP authorization paths, Rev5 Lessons Learned, and StateRAMP updates

Topic: Federal Update

Presenters

Nick Rundhaug

Managing Director

Schellman
Meet Nick

Jon Coffelt

Senior Manager

Schellman
Meet Jon

4:00-4:55 EST

Optimize Your Information Security and Data Privacy Program with the ISO 27000 Family of Standards

This session explores the ISO 27000 family of standards, covering their purpose, key areas, intended users, control sets, and current revisions. We’ll also examine sector-specific standards, focusing on the effort required to align them with ISO 27001. In addition, we’ll dive into privacy standards like ISO 27017 for cloud services, ISO 27018 for the protection of PII in public clouds, and ISO 27701 the privacy information management system, comparing their relationship with Europrivacy GDPR certification, the EU Cloud Code of Conduct, and cross-border privacy rules for processors.

Topic: ISO 27001+

Presenters

Caroline Aulbach

Manager

Schellman
Meet Caroline

Chris Lippert

Director

Schellman
Meet Chris

4:00-4:55 EST

Streamlining Compliance: Leveraging SOC 2+ for Multi-Framework Efficiencies and Client Satisfaction

We'll explore how to enhance a SOC 2 to meet a variety of other compliance and client objectives. By strategically examining common requests from clients, organizations can develop a more unified compliance framework that reduces costs and increases efficiency.

Topic: SOC2+

Presenters

Lisa Zheng

Senior Manager

Schellman
Meet Lisa

Christy Shum

Director

Schellman
Meet Christy

4:00-4:55 EST

Modernizing Audits with the Power of Data-Evidence

Somehow, compliance and audit have missed the memo that we’re living in a data-powered world. Imagine an audit without the need for screenshots, uploads, demonstrations, or other manual evidence collection. Instead, data-evidence from across your tech stack flows seamlessly to the auditor’s platform. It’s not science fiction — it’s exactly the experience Schellman, AuditSource, and Anecdotes have teamed up to make possible. In this session, we will walk through how and why compliance is changing and how to get ahead. We’ll take a look at challenges the market faces (including the SOC-in-a-box conundrum) and solutions on the market. Attendees will leave with new insights into GRC trends and the value of data, plus concrete steps to start taking advantage of a new data-driven approach to compliance.

Topic: Modernizing Audits with the Power of Data-Evidence

Presenters

Jake Bernardes

CISO

anecdotes
Meet Jake

4:55-6:00 EST

Expo Hall

10:00-10:55 EST

Living the Dream (Roadmap to a Mature and Scalable Compliance Program)

Why just dream about reaching the peak of the compliance mountain? In this session, we will explore fundamental and strategic concepts of living out the dream to reach optimal maturity and scalability in your compliance program.

Topic:Maturity Roadmaps

Presenters

Lauren Edmonds

Managing Director

Schellman

Jason Rhoades

Principal

Schellman

11:00-11:25 EST

2025 Compliance Trends Panel

As the landscape of governance, risk, and compliance (GRC) continues to evolve, staying ahead of emerging trends is more critical than ever. In this insightful session, we’ll provide a comprehensive look at the top predictions shaping the future of GRC in 2025. From the rapid rise of AI and automation to the key regulatory changes on the horizon for 2025 and beyond, this session will help you navigate the challenges and opportunities that lie ahead. We will also share best practices for creating agile and resilient GRC framework and strategies to future-proof your organization against evolving risks.

Topic:2025 Compliance Trends Panel

Presenters

Matt Hillary

CISO

Drata

Danny Manimbo

Manager

Schellman

Lisa Hall

CISO

SafeBase
Meet Lisa

11:30-11:55 EST

AI Governance: A Roadmap to Reducing Your AI Risks

As Artificial Intelligence (AI) has become a reality for many organizations, new security and compliance risks are introduced. For these organizations, effective AI governance is required but often forgotten. During this session, experts from Echelon Risk + Cyber will explain the common AI security risks, what good compliance looks like, and how effective AI governance can limit the risks and provide a roadmap to AI compliance.

Topic:Artificial Intelligence

Presenters

Dave Faraone

Partner

Echelon Risk + Cyber

Josh Fleming

Senior Cybersecurity Manager, Risk Advisory

Echelon Risk + Cyber

Steve Dyson

Senior Cybersecurity Manager

Echelon Risk + Cyber

11:00-11:55 EST

Mastering the FedRAMP Authorization Boundary Diagram: A Visual Guide to Compliance

Join Schellman and bladestack.io for an exclusive deep dive into one of the most critical and challenging aspects of FedRAMP compliance: the Authorization Boundary Diagram (ABD). This focused webinar is designed to unpack the complexities of constructing, presenting, and refining ABDs to meet the rigorous standards required for Cloud Service providers (CSPs) engaging with federal clients.

Mastering the FedRAMP Authorization Boundary Diagram: A Visual Guide to Compliance

Presenters

Bradley Taylor

Director

bladestack.io

Keifer Blandon

Senior Manager

bladestack.io

Matt Hungate

Director

Schellman

11:00-11:55 EST

Total Cost of Audit

Join Doug Barbin from Schellman and Milan Patel, former Compliance VP at Oracle, as they delve into the comprehensive costs associated with audits and compliance. This session will emphasize both direct and indirect expenses, providing insights into tangible costs such as fees for audit services and compliance tools, as well as the often-overlooked indirect costs. A significant focus will be placed on the impact of engineering time and the rework required when audits uncover issues or when compliance processes fail. Through real-world examples, Doug and Milan will illustrate how improper handling of audits can lead to substantial rework, delays, and increased engineering hours, ultimately affecting the overall productivity and efficiency of the organization. Learn how to navigate these challenges and implement best practices to minimize costs and maximize the value of your audit and compliance efforts.

Topic:Maturity Roadmaps

Presenters

Milan Patel

Former Compliance VP at Oracle

Doug Barbin

National Managing Principal

Schellman
Meet Doug

12:00-12:25 EST

Future-Proof Your AI Governance: A Step-by-Step Blueprint for ISO 42001 Success

Discover how to transform AI governance from compliance headache to competitive advantage in this actionable session. We'll decode the new ISO 42001 standard through real-world case studies, showing how organizations achieved certification while accelerating AI innovation.

Future-Proof Your AI Governance: A Step-by-Step Blueprint for ISO 42001 Success

Presenter

Angela Polania

Chief Executive Officer

Elevate

12:30-12:55 EST

Seal the Browser Leak: Addressing Compliance and Data Protection Challenges

Data breaches and research has shown that control of what happens to data entered in the browser is gradually diminishing — whether that’s due to the JavaScript or “tags” on a webpage, or the behavior of in-app browsers. Regulators expect organizations to protect their customers from browser data leaks. The PCI SSC and HHS have both issued instructions in this respect. Do we have the risk management and security controls to comply, and if not, what should we do?

Seal the Browser Leak: Addressing Compliance and Data Protection Challenges

Presenter

John Elliott

Security Advisor

Jscrambler

12:00-12:55 EST

Speed, Security, and Accuracy in Compliance using Risk Solutions

Risk Solutions are the steps you take to implement security measures and address cyber risk in your organization. While control catalogs help meet compliance checkboxes, using them as your main design approach can lead to poor planning, which causes incorrect security capability implementation. You can then count on wasting time and money going back and forth between what’s actually in place and what’s in your compliance documentation, making both team members and assessors unhappy. Risk Solutions are distilled, reusable, flexible, and foster collaboration while adopting simple security capabilities. In this session, Kenny will highlight how to build a security program through the lens of Risk Solutions, and then apply those Risk Solutions to complex regulatory requirements (like FedRAMP, CMMC, and others) - accomplishing your organization’s security and compliance goals fast, with less headache, lower cost, better ATO and certification deliverables, and better alignment across your organization.

Topic:Speed, Security, and Accuracy in Compliance using Risk Solutions

Presenter

Kenny Scott

Founder & CEO

Paramify

12:00-12:55 EST

Adventures in Generative AI Penetration Testing

This talk explores practical aspects of penetration testing for Generative AI (GenAI) applications, highlighting the most prevalent security risks identified during recent engagements. Attendees will gain insights into the methodologies used to uncover vulnerabilities, accompanied by real-world scenarios and hands-on examples. The session aims to equip security professionals with practical knowledge and techniques to enhance the security posture of GenAI applications.

Topic:Securing AI (Pen Test)

Presenter

Cory Rey

Lead Penetration Tester

Schellman

12:00-12:55 EST

Dissecting the Latest Developments in the CMMC Program

The CMMC program is in effect and has become a reality for companies in the Defense Industrial Base (DIB) for bidding and winning contracts from the Department of Defense (DoD). Join Schellman subject matter experts Marci Womack and Tim Walsh as we discuss the expectations for the DIB in the near term, what companies should expect if they are still preparing for CMMC, areas to be cognizant of for the CMMC assessment process, and the roadmap for what's to come in the years ahead.

Topic:CMMC

Presenters

Tim Walsh

Manager

Schellman

Marci Womack

Managing Director

Schellman

12:00-12:55 EST

Enhancing Confidence in Sustainability Disclosures and Risk Management

Stakeholders and regulators increasingly require companies to demonstrate strong command of sustainability topics that represent a material risk to financial performance. Establishing formalized process to regularly assess sustainability topics for materiality, consistently measure and disclosure relevant sustainability metrics, and obtain external assurance, verification, or certifications are effective strategies to enhance internal and external confidence in disclosures and risk management. This session will provide an overview of Schellman’s experience in this space, including strategies that can be leveraged by clients to assess current state activities and plan for the transition from a voluntary to a regulatory reporting environment.

Topic:Sustainability Services

Presenters

Stu Block

Director

Schellman

Nisha Ellis

Senior Manager

Schellman

Gary Nelson

Principal

Schellman

12:55-2:00 EST

Expo Hall / Lunch

2:00-2:55 EST

OnBoard with Compliance

Join international subject matter experts as they discuss the practical understanding and application of Board responsibilities for cybersecurity risk management and governance. This session distills the various requirements and expectations from prominent board cybersecurity governance standards (SEC Cyber Rule, DORA, and NIS 2 Directives) to provide a practical list of steps to consider for broad-based readiness.

Topic:Legal Ramifications (Boards of Directors) - DORA, NIS2

Presenters

Ryan Buckner

Chief Knowledge Officer

Schellman

Andy Watkin-Child

Founding Partner

Veritas GRC

3:00-3:25 EST

Behind the Audit: How Vanta & Schellman Set the Compliance Gold Standard

Ever wondered what goes into a top-tier external audit? As Vanta’s trusted external auditor, Schellman partners with them to deliver high-quality audits with precision and efficiency. Join us for an exclusive behind-the-scenes look at how Vanta and Schellman work together to leverage the platform, streamline audits, and uphold the gold standard in compliance. Expect key insights, expert learnings, and practical takeaways to enhance your own audit processes!

Topic:Behind the Audit: How Vanta & Schellman Set the Compliance Gold Standard

Presenters

Sam Bradley

Auditor Partnerships

Vanta

Matt Cooper

Director, GRC

Vanta

Jeff Schiess

Managing Director

Schellman

3:00-3:55 EST

Mastering IRAP: Expert Insights on the Assessment Process

Join us for an in-depth look at IRAP with an Australian Signals Directorate QA expert and seasoned IRAP Assessor. This session will cover the intricacies of the assessment, best practices for readiness, and key takeaways for organizations looking to work with Australian government entities.

Topic:International Cybersecurity Governance, International Public Sector Compliance

Presenters

Kate Weber

Director

Schellman

Matt Brunker

Founding Director & Principal Security Consultant

ArchCyber

3:00-3:55 EST

Navigating Compliance: Mastering TISAX and HDS Compliance Requirements for Data Security and Trust

Interested in maximizing your organization's ISMS? Learn how to scale your compliance program to unlock opportunities in the international automotive and healthcare industries. This session will examine the TISAX and HDS compliance frameworks and explore the strategies for leveraging ISO 27001 toward those markets. Join Schellman subject matter experts Rob Tylka and Jay Imszennik in thoughtful and engaging conversation.

Topic:International Industry Certifications

Presenters

Rob Tylka

Principal

Schellman

Jay Imszennik

Director

Schellman

3:00-3:55 EST

Security Isn't an International Standard of Mystery

Curious which international laws your organization should be considering and how they apply? Join Sully Perella and Chris Lippert for an in-depth conversation on international cybersecurity and privacy laws. Their review will cover the intricacies of data classification, the reach of data inside and outside of an organization, and reference some of the many technologies and services where laws can apply. Sully and Chris will also cover commonalities, unique differences, and how organizations can begin to address applicable requirements.

Topic:International Cybersecurity Governance, Who is your data & what does it do?

Presenters

Chris Lippert

Director

Schellman

Sully Perella

Training Services Manager

Schellman

3:00-3:55 EST

Multi-Framework Harmonization: Real-World Lessons from Building GRC Programs Equipped to Support SOC 2, ISO 27001, PCI DSS, NIST, and More

Over the last 10 years we have helped hundreds of companies build GRC programs equipped to efficiently manage multiple frameworks like SOC 2, ISO 27001, NIST (and the whole alphabet soup of frameworks) in one harmonized workstream. Using this approach we have helped organizations consolidate audits, save hundreds of hours, and better align compliance to their true risk management goals. In short, we are putting GRC professionals in the driver seat of their program. Along the way we have learned a lot of lessons about what works, what doesn’t, and how to set realistic goals. In this talk we hope to share our playbook and lessons we have learned along the way.

Topic:Multi-Framework Harmonization: Real-World Lessons from Building GRC Programs Equipped to Support SOC 2, ISO 27001, PCI DSS, NIST, and More

Presenter

Christian Hyatt

CEO and Co-Founder

risk3sixty

Sawyer Miller

Director of Audit & Implementation

risk3sixty

4:00-4:55 EST

The World’s First AI Certification - ISO 42001: What We’ve Learned After 1 Year

Join us for an in-depth discussion on what we've learned after one year of ISO 42001 being published.We’ll be joined by a panel of subject matter experts from our first several certified clients: Evisort, StackAware, and AWS. Together, we’ll provide an overview of the ISO 42001 standard, who it targets, and the trends we’ve observed, including the current regulatory landscape. We’ll also explore why each organization pursued certification, what they’ve learned, and the advice they have for others considering certification in the future. Additionally, we’ll discuss how ISO 42001 can help organizations build an AI governance program and the unique value being ISO 42001 certified has brought to their organizations.

Topic:ISO 42001

Presenter

Danny Manimbo

Manager

Schellman

Walter Haydock

CEO

StackAware

Andrew Josephides

VP of Security and Infrastructure

Evisort

Greg Carpenter

Senior Security Partner Strategist

AWS

4:55-6:00 EST

Expo Hall

Platinum Sponsors

Blue Sponsors

Light Blue Sponsors

Become a Sponsor

Apply to become a sponsor of this virtual event where you will have access to interact with our attendees in a virtual exhibit hall.

Learn More

Frequently Asked Questions

How do I earn my CPE?

In eligible sessions there will be polling questions. Ensure you answer the polling questions in order to qualify for CPE.

Which sessions are eligible for CPE?

Sessions that are eligible for CPE will be designated with a tag that reads "CPE Eligible"

How will I receive my CPE Certificate?

Following the event, your CPE certificate will be emailed to you.

How can I customize my agenda?

On the top of your screen, click the "Sessions" tab. You can bookmark sessions you know you want to attend & that will add them to your "Itinerary". The "Itinerary" Tab is your custom agenda compiled of bookmarked sessions.

Will my information be shared?

By completing this form you opt-in for your information to be shared with any co-hosts and organizations that are part of this event in compliance with our privacy policy. https://www.schellman.com/privacy-policy

How do I attend sessions?

Click “Join Lobby” and the full list of sessions are located in the tab on the upper right corner titled “Sessions”. You can only attend each session at the scheduled start time. Once session begins, click “Join Session”.

How do I learn more about sponsors?

Visit the exhibit hall to find out about all SchellmanCon sponsors.

Can I interact with sponsors or speakers at the event?

You can communicate with speakers during the session via the Q&A feature in each session. You can visit a sponsor booth in the exhibit hall to interact with all sponsors at any time from 9:00am-7:00pm ET.

Will there be technical support available during the event?

Yes – if you need help please post in the lobby chat & Zoom support will reach out to you directly.

Is there a code of conduct for the event?

Please do not post any links or unprofessional comments in any chat during SchellmanCon. All chats will be monitored throughout the day.

Is there a social media hashtag for the event?

#SchellmanCon25

Are there any networking opportunities?

Check out the Expo hall. There are a few unique social features in Zoom events. You are able to connect with other attendees through the platform.

How do I provide feedback or suggestions for the event?

There will be a feedback survey emailed to all attendees at the conclusion of the event.

Are there any accessibility features for the event?

You can turn on closed captions in each session.

Schellman Compliance, LLC is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org