White & Case Obtains ISO/IEC 27001/2 Recertification in Information Security Management
Global law firm White & Case LLP announced today that it has been awarded recertification under the prestigious ISO/IEC 27001/2 standard, the world's highest accreditation for information protection and security.
Awarded to firms whose business processes conform to strict international standards, the ISO/IEC 27001 accreditation is the only auditable international benchmark for information security management. White & Case has consistently achieved ISO certification since 2011.
The Firm’s ISO program was further assessed to be in alignment with the rigorous National Institute of Standards and Technology (NIST) 800-53 standard, as well as with the cybersecurity practices recommended by the Financial Industry Regulatory Authority (FINRA).
"Protecting our clients' data is a top priority for our Firm," said Tony Cordeiro, White & Case Chief Information Officer. "Our focus on renewing our ISO 27001 certification each year demonstrates this commitment."
Developed by the International Organization for Standardization, ISO/IEC 27001 is a globally recognized information security management system standard that requires adherence to controls governing information security policies; organization of information security; human resource security; asset management; access control; cryptography; physical and environmental security; operations security; communications security; system acquisition; development and maintenance; supplier relationships; information security incident management; information security aspects of business continuity management; and compliance.
To obtain recertification, White & Case underwent a comprehensive set of internal and external reviews to ensure its IT systems met the requirements of ISO/IEC 27001. The process was audited by the Professional Evaluation and Certification Board, a leading global provider of training, examination, audit and certification services.
For more information, please speak to your local media contact.