Information Security
Clients are assured of security confidentiality and certainty. Our high levels of document security, document shredding and disposal, data protection and firewalls reduce risk and promote peace of mind.
Parke Lawyers has a strong desire to protect the privacy of its clients and the security and integrity of its records. Having implemented a best practice quality management system (achieving certification to the LAW 9000 standard) Parke Lawyers has also enhanced its information security, through implementation of an Information Security Management System (ISMS) certified against the ISO 27001 standard. The two standards complement each other and enable ongoing management efficiencies.
Parke Lawyers became ISO 27001 compliant in October 2010, making them the first law firm in Australia to make a serious move towards the highest level of data protection. From the early stages, through the auditing process and following certification, the implementation had a far greater impact than ever anticipated. All employees are now fully aware of how to identify and assess threats, vulnerabilities and impacts. And most importantly, as ISO 27001 is practical and flexible, business efficiency has improved without any sacrifices to productivity. In fact, many existing processes were modified and consolidated. This was reflected most notably in the reduction of the company Business Manual from over 150 pages down to around 70.
One of the major changes they made was appointing an Administration Manager who is in charge of receiving and making digital copies of all incoming and outgoing correspondence, keeping a log of all matter files and is responsible for securing all data assets on a daily basis. To assist in overall security, alarms, cameras and network firewalls were also installed.
There are two main benefits Parke Lawyers discovered in ISO 27001. The first is how the system 'captures experience'. That is, by constantly documenting what does and doesn't work and reassessing regularly, improvements will continue to be made and mistakes will not be repeated.
Secondly, is the concept of 'corporate visibility'. This means that, due to the systems in place, at any given time, the Managing Director is aware of the location of every file, has access to electronic versions of every file, and can control access to every file.
Read article: An Information Security Trans-firm-ation
