Schellman provides compliance and certification services to clients globally including attest examinations (SOC 1, SOC 2, SOC 3, SOC for Cybersecurity, SOC for Supply Chain, etc.), ISO certifications (ISO 27001, ISO 27701, ISO 9001, ISO 20000, and ISO 22301), PCI assessments, FedRAMP assessments, HITRUST certifications, HIPAA assessments, Penetration Testing services, privacy examinations (GDPR, CCPA, MS DPR, etc.), and several other miscellaneous types of assessments. 

Schellman’s motto for more than 20 years is “Quality Above All.” Our more than 400 service delivery professionals average more than 180 completed assessments. Schellman’s work is based on adherence to the highest AICPA quality standards and follows a very thorough methodology to ensure quality and consistency across more than 900 clients. As a result, our reports are confidently relied upon by most of the major banks along with Fortune 500 companies. 

Schellman does not pretend to be a “low-cost solution” for SOC 2. We support clients of all sizes but focus on partnering with them as their compliance roadmap takes them from SOC 2 into ISO 27001, and subsequently more industry-focused initiatives like FedRAMP, CMMC, PCI, or HITRUST, where Schellman is a market leader. We also promote the use of technologies, like Drata, to help clients prepare for assessments and provide ongoing continuous compliance. 

We invite you to learn more about our services in the resource links as we are open and transparent about our experience as well as scope and pricing considerations.