Law firm earns ISO/IEC IT certification

A law firm has earned an information technology certification aimed at keeping information assets secure.

Detroit-headquartered Dickinson Wright, which has an office in Grand Rapids, said last month it achieved ISO/IEC 27001:2013 certification, after several years of work by its IT department.

Dickinson Wright said it is the first firm in the state to receive the certification.

Michael Kolb, chief information and security officer at Dickinson Wright, said the certification is an “important step” in ensuring the firm’s IT services are “secure and efficient” for clients.

The certification covers a number of IT functions: document management service, email service, remote access service, client-share service and mobile device management.

Kolb said ISO/IEC certification allows the firm to “continually improve” its information security management system and process.

He added the certification allows the firm to streamline its efforts to provide additional security for clients when handling highly sensitive matters.

The ISO/IEC 27001:2013 standards provide requirements for establishing, implementing, maintaining and continually improving an information security management system.

Dickinson Wright said the information security management system is designed to “preserve the confidentiality, integrity and availability” of information, by applying a “risk-management process.” It also gives “confidence” to interested parties that risks are adequately managed.

Certification is maintained through periodic surveillance audits.

ISO/IEC 27001:2013 is an update to ISO/IEC 27001:2005.

There were 664 certificates issued in the U.S. during 2014 for ISO/IEC 27001:2013, according to the International Standards Organization, or ISO, which developed the standards.