Law In Order is pleased to announce the successful completion of its first ISO/IEC 27001:2013 audit. As one of the most prestigious standards for information security management systems, the International Organisation for Standardization (ISO)/ International Electrotechnical Commission (IEC) 27001 certification reinforces the integrity, privacy, and efficiency that Law In Order treats all of its matters.

[2 minutes read]

Law In Order is pleased to announce the successful completion of its first ISO/IEC 27001:2013 audit. As one of the most prestigious standards for information security management systems, the International Organisation for Standardization (ISO)/ International Electrotechnical Commission (IEC) 27001 certification reinforces the integrity, privacy, and efficiency that Law In Order treats all of its matters.

Law In Order achieved certification on its first attempt, with zero non-conformities and zero recommendations for improvement.

Information Security Officer for Law In Order, Alen Zenicanin, says

“Working with the legal industry means we are accountable for protecting highly confidential and sensitive data; the likes of witness statements, details of court cases, and other evidence material. With such data types being high value targets for hackers and extortionists, the controls of the ISO 27001 framework are essential for our organisation to ensure the safe transfer and handling of data.”

Law In Order provides eDiscovery, Document Production, Managed Services, and eHearings to legal, government, and corporate entities in Australia and across the world. The business strives to uphold the highest achievable standard of information security for all clients, whether internal or external. Consequently, all information related to Law In Order, including its internal operations and employees, is treated with the same level of confidentiality and protection.

Law In Order’s Information Security Management System (ISMS) encompasses all systems and processes owned and controlled by the company that handle sensitive client information. This includes electronic and hard copy information, as well as any physical equipment used in the course of business.

Murali Baddula, Chief Digital Officer at Law In Order, stated that their commitment to ensuring strict compliance with rigorous information security standards is demonstrated by these certifications. He emphasised that they are dedicated to conducting meticulous reviews of both internal and external processes.

In addition to the firm’s ISO 27001 achievement, Law In Order recently achieved Level 3 maturity in the Australian Signals Directorate (ASD) Essential Eight. The Essential Eight is an Australian cybersecurity framework by the ASD. This framework, published in 2017, is an upgrade from the original set of 4 security controls by the ASD. The Essential Eight introduced 4 additional strategies to establish the eight control that aim to protect Australian businesses from cyberattacks today.

“The commitment we make to our customers and ourselves to provide services in a secure, reliable, and effective manner is supported incredibly well by the three key pillars of Confidentiality, Integrity, and Availability of the ISO 27001 framework” says John Ozturk, Head of Information Technology at Law In Order. John adds “The ISO 27001 framework gives us reference controls to meet our security objectives. The independent certification and surveillance process validates that what we are doing is right and will highlight what we need to improve”.