Information Security & ISO 27001

Article image

Safeguarding client data in our custody 

Introduction

At Mourant we take information security extremely seriously. We are committed to continually improving our processes to ensure that they are as robust as possible and that we meet our obligations to safeguard the client data in our custody. We have made strategic investments in information security and, while no defences are infallible, we continue to focus on client data security enhancements as a priority. This is a strategic imperative for us.

The World Economic Forum continues to report that Cyber Security risks are clear and present dangers to organisations globally.

Adopting a recognised and robust Information Security framework is a vital step in ensuring that appropriate steps are taken to provide security and resilience.

ISO 27001 Certification

Our approach to information security is clearly distinguished; we were the first firm in our market to achieve ISO 27001 certification. The international standard, which is seen as the pinnacle of information security management, requires the development and implementation of a rigorous Information Security Management System (ISMS) programme, that defines how we manage information security across our organisation and office locations. Compliance with this standard requires a holistic approach, taking into account the requirements for establishing, implementing, maintaining and improving information security management, supported by our people, processes and technology.

Find out more about ISO 27001

Article image

Our ISMS Team

The firm's ISMS programme and accreditation framework is managed by a dedicated Chief Information Security Officer who focuses exclusively on data security.  

The CISO reports directly to our Chief Information Officer who has a background in information security gained at one of the world's leading international law firms and a FTSE 100 listed oil and gas company.  Together, they work closely with our Chief Risk & Compliance Officer on all aspects of data security. 

Our ISMS Programme

Our ISMS programme is well established and rigorous. It includes on-going, firm-wide security training and technical security controls, the efficacy of which is regularly tested and verified by external auditors. Based on continuous process improvement principles, it combines a deep understanding of our obligations with focused expertise bound by leading-practice controls, audit and oversight. Internally we focus on a three pronged education and training programme, including awareness, behaviour and culture aspects. Externally we work in partnership with our clients to support their own data security requirements and enhancements.   


More information

If you would like more information on our ISMS programme, please get in touch via your usual Mourant contact.

Scroll To Top