Name: Schellman Compliance and Attestation Services
Rating: 5 (33 reviews)

Overview

Service Information on Schellman Compliance and Attestation Services

Updated 13th October 2025

What is Schellman Compliance and Attestation Services?

Schellman Compliance and Attestation Services is a service aimed at assisting businesses in managing regulatory compliance and verifying adherence to industry standards. The service covers a range of assessments and audits including SOC reports, ISO certifications, PCI DSS evaluations, FedRAMP authorizations, and cloud security reviews. It is designed to help organizations identify and address risks, confirm operational effectiveness, and ensure alignment with specific compliance frameworks. By providing third-party examination and validation, the service helps organizations demonstrate conformity to governance, risk management, and compliance requirements set by regulators and stakeholders.

Overall experience with Schellman Compliance and Attestation Services

Principal, Risk Management

50M - 250M USD, Services (non-Government)

FAVORABLE

“Come to Schellman for their Expertise and Excellence....Stay for their Customer Service”

5.0

Aug 4, 2025

I can confidently say that Schellman is the gold standard in information security auditing services. Their subject matter expertise is expansive and their work is exceptional. The cherry on top is the genuine nature with which they carry out their work. I truly enjoy my time with my Schellman team.

Infosec Manager

50M - 250M USD, Telecommunication

CRITICAL

“Easy, not easy to work with”

3.0

Dec 14, 2017

The pre-engagment is a little complex. They are not very flexible with dates or anything else for that matter. The engamenet and testing is really great. The testers during the years have been on-point, knowledgeable and great. The draft and final report is always a challenge to get. Although the company has been notified of our payment workflow, there is always a hiccup here or there to get it to the finish line. The post engamenent is smooth. They are flexible and fast to start the engamenet for the next year. Not very flexible with pricing. At this point, there are cheaper and easier vendors to work with.

About Company

Company Description

Schellman offers attestation and compliance services worldwide. The company holds numerous professional accreditations such as PCI Qualified Security Assessor, ISO Certification Body, HITRUST CSF Assessor, and FedRAMP 3PAO. Schellman focuses on blending specialized knowledge with real-world experience, providing high-quality service while ensuring independence. Its method is designed to foster enduring relationships, allowing clients to fulfill varied compliance objectives under one project team.

Company Details

Company type

Private

Year Founded

2002

Head office location

Tampa, United States

Number of employees

201 - 500

Website

http://www.schellman.com

Do You Manage Peer Insights at Schellman?

Access Vendor Portal to update and manage your profile.

Key Insights

A Snapshot of What Matters - Based on Validated User Reviews

Reviewer Insights for: Schellman Compliance and Attestation Services

Performance of Schellman Compliance and Attestation Services Across Market Features

Schellman Compliance and Attestation Services Likes & Dislikes

Their expertise shines through it both their deliverables and the way they continually push our organization to mature year after year.

It is cheap and the testers are knowledgeable and reasonable.

Schellman conducts all 6 audit simultaneously and allows one upload of one piece evidence can be used across all 6 audits, by 6 different auditors. If there is a question on a piece of evidence, they will coordinate their question(s) and only 1 auditor would reach out to us. This is instead of up to 6 different auditors all asking the same questions. As we are becoming a global organization, I am finding out from our teammates in the rest of the world that other certification bodies do not do this. I also like the online application. It paints a really good picture of our audits and allows for communication with the auditor directly on a piece of evidence or on a specific request. Also, it will show both the auditor and auditee previous years communication/evidence for each control. So really there isn't a lot of back and forth as all parties have the necessary information available to them with a click. In the tool, there is what I term as an Executive Management dashboard. Breaking everything our in multiple ways. Either by audit, evidence request and department. It allows me to share the high level picture with all departments management as to the status of each audit and requests. It shows all requests that have been accepted, submitted and not reviewed, kicked back to us for more clarification or ones we haven't started working on yet.

Nothing comes to mind.

They are busy this time of the year and the over allocate resources. So the draft and final report delivery is always a challenge.

They do not cover all ISO standards currently, although are working on obtaining the ones that are important for us. For billing purposes, there are two separate companies, so twice the paperwork up front. Occasionally will take a little longer to send final reports out.

Top Schellman Compliance and Attestation Services Alternatives

Peer Discussions

Schellman Compliance and Attestation Services Reviews and Ratings

5.0

(33 Ratings)

Rating Distribution

5 Star: 94%
4 Star: 3%
3 Star: 3%
2 Star: 0%
1 Star: 0%

Customer Experience

Evaluation & Contracting

4.8

Planning & Transition

4.9

Delivery & Execution

4.9

Service Capabilities

4.9

Filter Reviews

Sort By:

Most helpful

Last 12 Months

Star Rating

Reviewer Type

Reviewer's Company Size

Reviewer's Industry

Reviewer's Region

Reviewer's Job Function

Principal, Risk Management
50M-1B USD
Services (non-Government)
Review Source
Come to Schellman for their Expertise and Excellence....Stay for their Customer Service
5.0
Aug 4, 2025
I can confidently say that Schellman is the gold standard in information security auditing services. Their subject matter expertise is expansive and their work is exceptional. The cherry on top is the genuine nature with which they carry out their work. I truly enjoy my time with my Schellman team.
Principal Quality Manager
1B-10B USD
Miscellaneous
Review Source
Auditing in in 2025 and beyond
5.0
Apr 10, 2025
Schellman is very flexible for our challenging audit needs. Constantly working with us in our ever changing environment.
CIO
50M-1B USD
Software
Review Source
Experiencing a Strategic Partnership with Schellman
5.0
Apr 15, 2025
Schellman is a true partner in every sense of the word. They work closely with us on the required parts of assessments and certifications, and this is always solid and effective (as enjoyable as compliance work can be :)). But more importantly, they help us set strategy, providing expert feedback and advice on emerging standards and marketplace changes. Whether bread-and-butter ISO 27001 certifications and Type 2 SOC 2 examinations, or additional services such as NIST SP 800-171 / CMMC, or looking ahead to our possible work towards FedRAMP or ISO 42001, they are always happy to work with us to not only do the work, but also ensure that we do the right work at the right time. A genuine pleasure to work with.
CHIEF INFORMATION SECURITY OFFICER
10B+ USD
Banking
Review Source
Schellman & Co. Have a Mature and Easy Process
5.0
Apr 14, 2025
They are hyper-focused on the customer. They have mature, streamlined, and effective delivery capabilities. The people performing the service and the people managing them have great communication skills. They also have a very easy to use user portal that is intuitive to use.
Director of Security Compliance
50M-1B USD
Services (non-Government)
Review Source
Schellman Makes a Great Case for Putting All of Your Security Service Eggs in One Basket
5.0
Apr 17, 2025
Working with Schellman on the assessments services to date has been an exceptional experience.

Showing Result 1-5 of 33

Recommended Gartner Insights

Market Guide for Organization Security Certification Services