Schellman: Interview With CEO Avani Desai About The Cybersecurity Assessment Service

By Amit Chowdhry • Today at 10:49 PM

Schellman is a leading global provider of attestation, compliance, and cybersecurity assessment services. Pulse 2.0 interviewed Schellman CEO Avani Desai to learn more.

Avani Desai’s Background

Can you share a bit about your personal and professional journey, what brought you to the world of compliance, and ultimately to leading Schellman? Desai said:

“My journey begins with my family’s roots in India, where my parents were raised with high hopes and a deep belief in the power of education and opportunity. They knew that to truly open doors for their daughters, they would need to leave everything familiar behind, their language, community, and culture, to pursue the American Dream. When they arrived in the United States, their college degrees didn’t translate, so my father mopped floors and my mother made belts. Even as a child, I understood how much they sacrificed to give my sisters and me a life of possibility, and that awareness became the foundation of my gratitude, drive, and purpose.”

“Like many children of Indian descent, I grew up with the familiar expectation to become either a doctor or an engineer. But during college, I discovered a different path, one that blended my love for technology with the dynamic world of business. That intersection led me to a passion for information security, and ultimately to an unexpected opportunity in the accounting world. It was there that I found what truly energized me: solving complex problems, analyzing data, and fostering collaboration to help organizations make better decisions.”

“I spent ten years at a Big Four firm, learning from incredible mentors and gaining experiences that shaped my professional foundation. But when I became a mother in 2012, I began seeking an environment where I didn’t have to choose between being a parent and pursuing leadership. That search brought me to Schellman, a leading provider of attestation and compliance services. I initially joined to support business development and marketing, areas new to me at the time, but my understanding of clients and my passion for growth soon expanded my role. Over time, I took on additional responsibilities across operations, people, and finance, and after passing my CPA exam in 2018, I was named President.”

“In 2021, Schellman entered a strategic partnership with Lightyear Capital, a private equity firm that recognized our strong reputation and potential in the attestation and compliance space. The partnership aligned with our long-term goals for innovation and growth, allowing our founder to retire early and paving the way for me to step into the role of CEO.”

Goals As CEO

What inspired you to take on the CEO role, and how have your goals evolved since stepping into the position? You’ve spoken about leading with authenticity as a mother, daughter of immigrants, and CEO. How have those identities shaped the way you lead? Desai shared:

“Being a mother, a woman of color, and the daughter of Indian immigrants has transformed how I lead every day. I grew up watching my parents work incredibly hard to give me opportunities they never had, and that instilled in me a deep sense of gratitude, resilience, and purpose.”

“I don’t check those identities at the door when I come to work, they inform how I lead. They help me listen with empathy, make space for diverse perspectives, and connect with people on a more human level. I believe the best innovation and trust come from environments where people can bring their whole selves to the table.”

“For me, leadership has never been about chasing a title but more about creating impact. My goal has always been to strengthen Schellman’s ability to serve our clients and our people, to stand beside them during their most challenging and defining moments. That means embracing unexpected opportunities, fostering strategic partnerships, and driving meaningful change across our industry.”

“With technology evolving faster than ever, I’ve focused our efforts on expanding Schellman’s capabilities in critical areas such as responsible AI and sustainability. I’m especially proud that under my leadership, Schellman became the first ISO 42001 certification body accredited by ANAB, empowering us to certify organizations against the world’s premier Artificial Intelligence Management System (AIMS) standard. It’s a milestone that reflects our commitment to advancing both innovation and accountability in the age of AI.”

Work-Life Balance

You’ve been vocal about the need to redefine work-life balance as integration. What changes would you like to see across corporate America to better support working parents and caregivers? Desai noted:

“Unfortunately, many women still feel their professional lives must come to an end or be sidelined when they become a mother, and I aim to debunk that notion. It’s all about integration, and sometimes that means blending work life into home life, such as taking a phone call in the school pickup line. But it should never mean giving up on your passions, even if they’ve evolved to include parenthood.”

“This isn’t just about moms and women. It applies to anyone who balances multiple roles. People are more than their professional titles; they are parents, caregivers, and individuals with interests outside of work. Supporting work-life integration helps them succeed in every part of their lives.”

“Corporate America needs to evolve. That means flexible hours, remote work policies that work, and leadership that models boundaries and balance. At Schellman, we’re intentional about offering flexibility not as a perk, but as a principle. It’s especially important for retaining top talent, particularly women.”

Helping Women And Underrepresented Professionals

How have you created space for others, especially women and underrepresented professionals, to rise in their careers without compromising who they are? Desai pointed out:

“Creating space for others, especially women and underrepresented professionals, to rise without compromising who they are has always been a central part of my leadership philosophy. I want people to feel that they can grow, lead, and take risks without having to shrink themselves to fit in.”

“Earlier in my career, I sometimes tried to conform to the status quo, but I quickly realized that doing so limited both my potential and my joy. That experience shaped how I lead today. At Schellman, we’ve been intentional about building an environment where authenticity is celebrated and opportunity is equitable. We’ve developed structured mentorship programs, transparent promotion tracks, and a culture grounded in trust and respect. That commitment has been recognized by the MOVE Project, which named Schellman one of the top CPA firms for women, an acknowledgment I’m especially proud of.”

“Mentorship has also been a personal priority for me. I’ve been fortunate to learn from a diverse group of mentors, industry peers, clients, and even leaders in private equity, who have helped me navigate pivotal moments in my career. Their guidance inspired me to pay it forward by mentoring others, particularly women and emerging leaders from underrepresented backgrounds who want to make their own mark.”

“Beyond Schellman, I’m deeply involved in philanthropic and volunteer leadership that aligns with those same values. I serve on the boards of the Arnold Palmer Medical Center, Philanos, and Tuesday, a SaaS technology platform. I also chair the Audit Committee at the Central Florida Foundation and co-chair 100 Women Strong, a female-led venture philanthropy group dedicated to solving community challenges that impact women and children.”

Company Mission

Schellman is widely recognized as a leader in cybersecurity assessments. How would you describe the company’s mission and core services today? Desai explained:

“At Schellman, our mission has always been about one thing: trust. We help organizations build and protect it through independent assurance across cybersecurity, compliance, and now: artificial intelligence.”

“We’re a licensed CPA firm that focuses exclusively on compliance and cybersecurity assessments, covering everything from SOC reporting, ISO certifications, PCI, FedRAMP, and HITRUST to sustainability. Most recently, we’ve expanded that expertise into AI governance.”

“In September 2024, Schellman became the first ISO 42001 certification body accredited by ANAB, which means we can now certify organizations against the world’s premier Artificial Intelligence Management System (AIMS) standard. This milestone puts us at the forefront of responsible AI governance, helping organizations ensure that their AI systems are developed and deployed ethically, securely, and transparently. Alongside that, we’ve built a suite of AI assurance services that help our clients proactively manage AI-related risks and demonstrate responsible AI practices across global regulatory landscapes.”

“We’re also seeing a growing shift among our clients toward integrating sustainability into their overall compliance frameworks, not as a separate checkbox exercise, but as part of their broader commitment to accountability. That kind of integration helps companies use the same rigor and discipline they apply to financial and cybersecurity reporting to measure their environmental and social impact.”

Differentiation From The Competition

What sets Schellman apart in a crowded compliance and cybersecurity market? Desai affirmed:

“Schellman is unique thanks to our deep specialization. We are a purpose-built firm that has remained focused on attestation, compliance, and certification since our inception. As it stands, we are the only firm in the world that’s simultaneously a CPA firm, ISO Certification Body, PCI QSA, HITRUST CSF Assessor, FedRAMP 3PAO, and APEC Accountability Agent. That’s not by accident, it’s by design.”

“We have deliberately cultivated this niche to offer deep technical assurance and maintain independence in a way that many generalist firms cannot. Our clients rely on us not just because we’re credentialed, but because we bring consistent, high-quality guidance across frameworks. We don’t dabble in advisory or implementation. We stay in our lane, and we own it.”

“Ultimately, what sets Schellman apart is how we deliver on our mission of trust. We approach every client relationship with integrity, independence, and a commitment to evolving alongside the technologies and risks shaping our world. When our clients succeed in earning and keeping trust, we’ve done our job.”

Changes In Compliance With The Rise Of AI

From your perspective, how is compliance changing, especially with the rise of AI, new regulations, and data sovereignty concerns? Desai pointed out:

“Compliance is no longer reactive; it’s strategic. With AI, companies are not just managing technical risk, but now they are also controlling ethical risk. Regulations like the EU AI Act and various data sovereignty laws are putting pressure on organizations to act responsibly and fast. With technology, and particularly AI, evolving at an unprecedented pace, the dialogue has shifted from ‘Are we compliant?’ to ‘Are we trustworthy?’”

“Maintaining certification across major standards is a competitive advantage. Companies partner with us because we uphold some of the most recognized frameworks, including SOC 1/SSAE18, SOC 2, ISO 27001, PCI DSS, FedRAMP, HIPAA/HITRUST, GDPR/privacy assessments, and now ISO 42001 for AI risk management. These standards position Schellman as a leader in the industry as they prove integrity, security, and accountability.”

“As we look ahead, AI is outpacing the regulatory framework designed to manage it. At the same time, we’re seeing a rise in nationalized regulations surrounding data sovereignty and the ethical use of technology. Generative AI tools, for example, are reshaping everything from cybersecurity posture to audit procedures. It’s clear that the rules of engagement are evolving. Now, compliance professionals must factor in everything from model transparency to training data provenance.”

Navigating Complexity Across Frameworks

What strategies do you recommend to clients navigating growing complexity across frameworks and jurisdictions? Desai described:

“A valuable piece of advice we offer clients is not to start from scratch every time. Whether it’s SOC, ISO 27001, FedRAMP, or HITRUST, there’s usually a significant overlap that can be leveraged through unified control mapping. One great example is how ISO 42001 and ISO 27001 can work together to help clients who are adopting AI by leveraging existing frameworks.”

“We believe in the importance of harmonizing controls and embedding compliance by design. Our clients who view their programs holistically rather than in silos always save time and reduce friction. This is why we recommend using compliance as a framework for strategic growth, not just regulatory defense.”

Milestones

What milestone moments or achievements best represent the firm’s impact and growth? Desai cited:

“Some of our most significant growth moments recently were the acquisition of the INSYTE CPAs Practice and the carve-out acquisition of the Third-Party Risk Management (TPRM) practice from Connor Consulting. Both mark significant milestones in our strategic growth and dedication to delivering custom governance assessments through strengthened client relations.”

“We’ve noticed an exponential increase in threats from third-party vulnerabilities. For our clients, we believe the solution was to strategically integrate the Connor Consulting carve-out into our TPRM offerings, thereby strengthening third-party oversight. We’re always listening to our clients to identify issues that we can address, and we implement solutions accordingly. Building on that momentum, we also recognized the growing need for organizations to strengthen not only their external oversight but also their internal controls and risk management practices. To do so, our acquisition of INSYTE CPAs enables us to provide even stronger capabilities and forge deeper client relationships, which is the value that Schellman has always prioritized as we grow, ensuring our clients that we are more than just assessors, we’re long-term partners.”

Emerging Trends

Are there any emerging trends or under-discussed risks you believe businesses need to pay closer attention to? Desai pointed out:

“Absolutely. One we see and talk about regularly is shadow AI, which refers to the unauthorized use of generative tools by employees. It’s well-meaning, but without oversight, it induces major data leakage and IP concerns.”

“Another under-discussed area is Ransomware as a Service (RaaS). With ransomware actors extorting over $813 million in 2024, the issue is signaling a rapid evolution, one that organizations, especially small and mid-sized ones, are underestimating.”

“The structure of RaaS effectively mimics a legitimate business and targets core tech that underpins entire organizations. And with the growth of AI, hackers’ and cybercriminals’ expertise is becoming even more sophisticated. This is why we advise our clients to invest time and effort in effective training and protection, such as multi-factor authentication and offline backups, to safeguard their organization against potential and sometimes inevitable threats.”

Additional Thoughts

Is there anything else you’d like to share about Schellman’s role in shaping trust, security, and resilience in the modern digital era? Desai concluded:

“At Schellman, trust isn’t just an outcome; it’s our foundation. Every assessment, certification, and client engagement we take on is rooted in the belief that trust is the currency of the modern digital era.”

“As technology evolves and the stakes around data, AI, and cybersecurity continue to rise, our role goes far beyond compliance checklists. We’re not just helping clients meet today’s standards; we’re helping them build the confidence, resilience, and governance structures they’ll need for tomorrow.”

“That commitment extends inward, too. We’ve worked hard to build a culture that reflects our values of transparency, inclusion, and long-term impact, because building a safer, more ethical digital world starts with how we lead.”

“I’m incredibly proud of our team for helping define what leadership in compliance and assurance should look like in this new era, one that balances innovation with accountability and progress with purpose.”