White & Case obtains certification in Privacy Information Management extensions to ISO/IEC 27001/2
1 min read
Global law firm White & Case LLP announced today that it has expanded its Information Security ISO/IEC 27001/2 certification, the world's highest accreditation for information protection and security, to include the ISO/IEC 27701 Privacy Information Management System extensions.
Awarded to firms whose business processes conform to strict international standards, the ISO provides the only auditable, international accreditation for information security management and privacy information management.
The Firm's ISO program was further assessed to be in alignment with the rigorous National Institute of Standards and Technology (NIST) 800-53 standard, as well as with the cybersecurity practices recommended by the Financial Industry Regulatory Authority (FINRA).
"In an environment of heightened risks posed by ever-increasing cybercrime, it is essential that we take all possible measures to protect the confidential information entrusted to us by our clients," said Tony Cordeiro, White & Case's Chief Information Officer. "Since 2011, we have consistently achieved ISO 27001 certification, and by now enhancing our ISO program to encompass the ISO 27701 data privacy extension, we are even better positioned to safeguard that data."
To obtain recertification, White & Case underwent a comprehensive set of internal and external reviews to ensure its IT systems and data privacy practices met the requirements of ISO/IEC 27001 and 27701. The process was audited by MSECB Management Systems, Inc., a leading global provider of examination, audit and certification services.
For more information please speak to your local media contact.