Choosing between Kroll and Schellman for compliance automation? Both support SOC 2, PCI DSS, while Kroll also covers HIPAA and Schellman also covers ISO 27001. This comparison breaks down ratings, pricing, framework coverage, and key differences to help you decide.
Frameworks
Tied
Starting Price
Tied ($Contact for pricing/mo)
User Rating
Schellman (4.5/5)
4.2/5 (0 reviews)
Founded in 1972, Kroll offers comprehensive compliance and risk management services including SOC 2, PCI DSS, and HIPAA assessments backed by decades of cybersecurity expertise. It holds a strong 4.2/5 rating based on 0 reviews. Headquartered in New York, NY. The company has 1000+ employees. It supports SOC 2, HIPAA, PCI DSS.
4.5/5 (0 reviews)
Founded in 2009, Schellman is a leading global independent security and privacy compliance assessor offering SOC 2, ISO 27001, PCI DSS, HITRUST, and FedRAMP assessments. It holds a excellent 4.5/5 rating based on 0 reviews. Headquartered in Tampa, FL. The company has 201-500 employees. It supports SOC 2, ISO 27001, PCI DSS.
| Feature | Kroll | Schellman |
|---|---|---|
| Rating | 4.2/5 (0 reviews) | 4.5/5 (0 reviews) |
| Starting Price | Contact for pricing | Contact for pricing |
| Founded | 1972 | 2009 |
| Company Size | 1000+ | 201-500 |
| Headquarters | New York, NY | Tampa, FL |
| Frameworks | 3 | 3 |
| Pricing Plans | 2 | 2 |
| Framework | Kroll | Schellman |
|---|---|---|
| HIPAA | ||
| ISO 27001 | ||
| PCI DSS | ||
| SOC 2 |
In summary: Schellman edges out on user rating (4.5 vs 4.2). Also, Kroll has been in the market longer (since 1972), while Schellman (since 2009) brings a more modern approach. Ultimately, the best choice depends on your organization's specific compliance requirements, team size, and budget. We recommend requesting demos from both vendors before committing.
Get pricing information directly from these vendors.
