Anderson Talks ISO Certification, CIO 100 Honor with ILTA
Shook, Hardy & Bacon Chief Information Officer John Anderson participates in a Q&A with International Legal Technology Association’s Peer to Peer Magazine featuring Shook’s ISO 27001 certification and recent CIO Magazine 100 award win. The profile, titled “Award-Winning ISO Certification” was included in Peer to Peer’s Winter 2016 issue.
While discussing Shook’s decision to pursue ISO certification, Anderson says, “We wanted a methodology and a framework that ensures we’re using best practices for information security. We also wanted third party-verification that proved our commitment to information security.”
The project, which was completed in September 2014, wasn’t without its challenges, including the competition for time and resources with client-based projects. Anderson says, “The hardest part was finding a way to balance the internal time commitments of developing all the policies and procedures and the day-to-day responsibilities of everyone involved in the project. It took about 18 months to complete the project, which is a typical timeframe for most firms.”
Speaking about the CIO 100 award, Anderson says, “Winning this award was very gratifying because winners were selected by a team of external judges and editors at CIO magazine. They picked us because of the business value the certification provides to our firm. The fact that we received an award from a non-legal source made it especially gratifying.”
Looking to the future of law firms and cyber protection, Anderson notes, “This and other certifications are becoming more important and will probably by required by clients and regulatory agencies in the future. Getting started on them sooner rather than later could be a very good idea.”
While discussing Shook’s decision to pursue ISO certification, Anderson says, “We wanted a methodology and a framework that ensures we’re using best practices for information security. We also wanted third party-verification that proved our commitment to information security.”
The project, which was completed in September 2014, wasn’t without its challenges, including the competition for time and resources with client-based projects. Anderson says, “The hardest part was finding a way to balance the internal time commitments of developing all the policies and procedures and the day-to-day responsibilities of everyone involved in the project. It took about 18 months to complete the project, which is a typical timeframe for most firms.”
Speaking about the CIO 100 award, Anderson says, “Winning this award was very gratifying because winners were selected by a team of external judges and editors at CIO magazine. They picked us because of the business value the certification provides to our firm. The fact that we received an award from a non-legal source made it especially gratifying.”
Looking to the future of law firms and cyber protection, Anderson notes, “This and other certifications are becoming more important and will probably by required by clients and regulatory agencies in the future. Getting started on them sooner rather than later could be a very good idea.”