
ISO 27001

Is this ISO standard for Information Security right for your law firm?

What is ISO 27001?

"ISO/IEC 27001 formally specifies an Information Security Management System (ISMS), a suite of activities concerning the management of information risks (called ‘information security risks’ in the standard). The ISMS is an overarching management framework through which the organization identifies, analyzes and addresses its information risks. The ISMS ensures that the security arrangements are fine-tuned to keep pace with changes to the security threats, vulnerabilities and business impacts - an important aspect in such a dynamic field, and a key advantage of ISO27k’s flexible risk-driven approach as compared to, say, PCI-DSS.

The standard covers all types of organizations (e.g. commercial enterprises, government agencies, non-profits), all sizes (from micro-businesses to huge multinationals), and all industries or markets (e.g. retail, banking, defense, healthcare, education and government)."

Source: http://www.iso27001security.com/html/27001.html

“ISO-27001 for Law Firms - Is it right for your firm?”

Presentation slides by Vikrant Rana, Managing Partner, S.S. Rana & Co., India. "27001 is about building controls for Confidentiality, Integrity and Availability of information."

https://documents.pub/document/iso-27001-for-law-firms-is-it-right-for-your-firm-iso-9001-iso-27001.html?page=1

LEVERAGING INFORMATION SECURITY STANDARDS IN LAW FIRMS: THE INCREASING POPULARITY OF ISO 27001 IN THE LEGAL INDUSTRY

2016 LAW FIRM INFORMATION GOVERNANCE SYMPOSIUM - Iron Mountain (PDF available).