Brownstein Receives ISO 27001 Certification

Brownstein Receives ISO 27001 Certification

Brownstein recently achieved ISO 27001:2013 certification, the most widely adopted, international information security standard and the highest level of security-related accreditation a law firm can achieve. This certification covers information security throughout the firm and physical security in Brownstein’s two largest offices in Denver and Washington, D.C.

ISO 27001 is an internationally recognized security standard that specifies the establishment and maturity of an organization’s Information Security Management System (ISMS). These rigorous standards exist to ensure that formal security and risk management controls are in place to protect the confidentiality, integrity and availability of sensitive company, client and personal information. Risk assessment, policy and process implementation, and both internal and independent audits are all part of the required work. The detailed certification process requires annual audits to ensure that the firm is utilizing and continuously improving best practices and procedures to secure its client and employee sensitive data and to keep pace with the ever-changing cybersecurity landscape.

“This was a fantastic team effort across the entire firm,” said Doug Landin, Brownstein’s chief information security officer. “Protecting our clients’ information is our highest priority and this ISO certification demonstrates our commitment to strict international standards and benchmarks for information security management.”

Brownstein joins an elite group of AmLaw firms by achieving this certification. ISO 27001 certification proves Brownstein’s commitment to provide both its clients and employees with global best practices for information security management. It also confirms that proper policies, procedures and controls are in place to secure sensitive client data.

The effort was achieved through a rigorous 18-month process that involved contributions from attorneys and staff across all departments and ranks. The firm partnered with ACTIVECYBER to achieve certification from Schellman.