TAMPA, Fla., March 31, 2025 (GLOBE NEWSWIRE) — Schellman, a leading provider of attestation and compliance services and a top 50 CPA firm, is pleased to announce that it has received a Facility Security Clearance (FCL), enabling the company to expand its offerings to perform classified assessments for its clients. As an accredited FedRAMP® Third Party Assessment Organization (3PAO), this enables Schellman to perform Department of Defense (DoD) Impact Level 6 (IL6) assessments as well as other NIST-based assessments, SOC 2 examinations, and penetration testing for classified systems. This milestone strengthens Schellman’s position as a trusted assessment partner for government and defense-related classified environments.
In addition, Schellman has been reauthorized as a Cybersecurity Maturity Model Certification (CMMC) Third-Party Assessment Organization (C3PAO) under the finalized CMMC Program. As one of the original C3PAOs, Schellman had the privilege of performing the first assessment under the Joint Voluntary Surveillance Assessment (JVSA) program and has performed multiple assessments for large and small contractors alike. This reauthorization reinforces Schellman’s role in supporting defense contractors as they navigate evolving cybersecurity requirements set by the Department of Defense.
DoD IL6 is designed for cloud environments handling classified information at the Secret level, requiring rigorous cybersecurity standards to protect highly sensitive government data. With this new capability, Schellman can now audit providers and their offerings for authorization against the complex security requirements necessary for IL6, ensuring compliance with the highest federal security standards. As a long-standing FedRAMP and DoD assessment organization, this expansion reinforces Schellman’s expertise in high-impact cloud security assessments.
“Schellman has been a strategic 3PAO partner for Palantir consistently delivering exceptional assessment services. We are excited to see them expand their capabilities into cleared environments,” said Kevin Carr, US Government Cloud Compliance Lead at Palantir.
Schellman’s status as the leading FedRAMP 3PAO in the FedRAMP marketplace along with its cross-compliance expertise in ISO 27001, PCI DSS, SOC 2, and HITRUST assessments, combined with their deep understanding of CMMC requirements, positions Schellman uniquely to support their clients’ compliance needs.
“We continue to invest in our federal and DoD capabilities to ensure that these agencies can trust the cloud providers and contractors they work with to protect our critical national security data,” said Doug Barbin, President of Schellman & Company, LLC. “These milestones reflect our commitment to quality and diligence at the highest levels of security and protection of classified information.”
To learn more about Schellman’s Federal suite of services and how it can help an organization’s compliance journey, visit schellman.com.
About Schellman
“Schellman” is the brand name under which Schellman & Company, LLC and Schellman Compliance, LLC provide professional services. Schellman stands as a leading global provider of attestation, compliance, and certification services. Operating under two distinct entities, Schellman & Company, LLC (a top 50 firm) and Schellman Compliance, LLC (a globally accredited compliance assessment firm which is not a licensed CPA firm). The services provided by the Schellman entities include acting as a CPA firm (Schellman & Company, LLC Florida license number AD62941) as a leading provider of SOC reports, an ISO Certification Body, a PCI Qualified Security Assessor Company, a HITRUST assessor, a FedRAMP 3PAO, being among the pioneering CMMC C3PAOs, as well as offering international certification services including TISAX and HDS.
Renowned for its professionals’ expertise combined with practical experience, Schellman delivers superior client service while upholding steadfast independence. The company’s approach fosters successful, long-term relationships, enabling clients to achieve multiple compliance objectives through a single trusted third-party assessor. For further information about the services provided, please visit schellman.com.
Contact
V2 Communications
schellman@v2comms.com
