At the end of August, tlam achieved ISO27001 certification – the international standard organisation mark for information security management.
With the great professional service given to us by ISO Quality Services Limited (ISOQSL), we are happy to confirm that we eased our way through to certification and will be undergoing our first audit in 6 months’ time.
The Development of our Business
We have been outsourcing finance departments, legal cashiering and accounts to Law Firms for nearly 10 years and now we are branching out into new technology ventures and diversifying our business. As we roll out our new Paralegal offering and Mushroom, we wanted to enshrine our corporate and data governance in a recognisable standard of compliance. We are reinforcing our commitment to the diligent service we provide for our clients.
By going through the ISO certification, we are taking a proactive step to ensure full forward compliance with the General Data Protection Regulations.
Ironically, in the few days prior to our initial assessment, the Law Society published its article advising Law Firms to take up the ISO27001 assessment in order to get prepared for GDPR.
The ISO27001 certification process involved the following:
- Identifying the clauses of the standard we need to comply with;
- Writing a comprehensive information security policy document;
- Making sure the policy is wrapped around a strong layer of corporate governance to achieve total compliance around the organisation. This should touch everything; visiting and physical security, maintenance of IT network and user access controls, software development, HR and controlling documentation;
- Undergoing comprehensive risk assessments on information assets and forced entries into the network through various forms of breaches including Cyber Attacks;
- Formulating a robust framework for internal auditing.
10/10 would recommend and particularly for Law Firms.
We were very happy with the outcome and pleased that we had some great risk management structures and policies in place prior to our decision to take on the ISO27001 certification. Our assessor at ISOQSL, had this to say about tlam’s initial certification:
“tlam are a highly professional company which was clear to us ever since we first met with them earlier in the year. After their assessment for ISO 27001 we could see that they had detailed systems in place and were in a strong position for certification. We’d like to congratulate them on achieving ISO 27001 certification and thank them for being a pleasure to work with.”
If you would like some further information on data governance or the ISO27001 get in touch with Ed or Anne by calling 01684342023.
You can view our information security policy notice here.
All detailed information is available on request.