The Standard is the Standard: ISO 27001 & Law Firms

In: Law Firms | On: Aug 22, 2016

This past June, our Pittsburgh ARMA chapter toured Heinz Field, home to the Super Bowl LI Champion (you heard it here first!) Pittsburgh Steelers.  Directly outside of the Steelers locker room is the metal sign that you see in this photo.  “The Standard is the Standard” is an axiom attributed to current Steelers coach, Mike Tomlin. While there are slight variations as to the meaning behind Coach Tomlin’s message, the general consensus from the players and the organization is this:  the standard is the same for everyone. No excuses. No justifications. If you are on the field, and part of the team, you’re expected to perform as hard and as fast as everyone else.

This type of expectation is not unfamiliar to law firms. Clients require superior representation from their lawyers. Clients (especially those in regulated industries) also expect that law firms are managing and securing their data by the same standards that they (the clients) have within their own organizations. The significant increase in client security requirements via outside counsel guidelines, RFPs, and security questionnaires has now prompted many law firms to become (or consider becoming) ISO 27001-certified as a means to demonstrate to their clients that they are complying with what is widely known as the standard for information security.

In this report, Leveraging Information Security Standards in Law Firms: The Increasing Popularity of ISO 27001 in the Legal Industry, the Law Firm Information Governance Symposium (LFIGS) addresses this increasing trend. Additionally, the report examines the challenges, opportunities, and approaches to obtaining certification.  The report also explores other security standards, and presents a survey that reflects the current trend of ISO 27001 certification in law firms.

The report is certainly relevant to those in the IT, IG, or information security discipline.  But, it’s important to note that its audience doesn’t stop there.  It’s also designed for individuals in HR, Marketing, and Procurement.  In fact, it could be argued that any law firm employee or partner would benefit from reading the paper.

Why?

With client security, the standard is the standard, regardless of the role an individual has within the firm.  The responsibility to protect client data does not just belong to one or two teams.

It belongs to everyone.

 

Looking for previous LFIGS reports? You can find them all here.


About the author

Brianne Aul

Brianne Aul has been the Firmwide Records Senior Manager for Reed Smith LLP since 2009, a position to which she was promoted after serving as Records Supervisor for the firm’s Pittsburgh office since 2006. She has been with Reed Smith since 2001. Ms. Aul is the current Vice President of the Pittsburgh chapter of ARMA, and became a CRM in December, 2014. Ms. Aul also received her B.A. in English from The Pennsylvania State University in 2001, and her M.B.A. from Waynesburg University in 2008.