In 2016 De Pinna decided to put in place an information security management system (ISMS) to safeguard the assets and information we hold. ISO/IEC 27001 is one of the world’s best-known standards specifying the requirements for an ISMS. An ISMS is a framework of policies, processes and procedures that helps to protect the confidentiality, availability and integrity of a company’s assets, which include information, services, applications, infrastructure and people.
With cyber-crime on the rise and new threats constantly emerging, it is important to be risk-aware and have systems in place to proactively identify and address weaknesses.
In 2016 our ISMS received the ISO/IEC 27001 accreditation. Over the last seven years to date De Pinna has undergone annual in-depth audits carried out by external auditors. On each occasion we have had to demonstrate that any security weaknesses previously highlighted have been addressed and that our ISMS has improved. As a result, we can now reassure our clients and prospective clients that we have established an ISMS which is robust and well tested.
“Our ISO/IEC 27001 certification (probably unique amongst specialist notary practices) demands that De Pinna focus constantly on maintaining and improving our information technology and security techniques, by implementing, communicating and pro-actively monitoring internationally recognised best practice information security controls. Ensuring document and data security and confidentiality is a strategic commitment from the management team. Day-to-day compliance is now routine for all employees and an integral part of the business.” (Phillip Journeaux, Partner)
“Engagement from partners and employees to adopt the disciplines that are essential to a successful ISMS is the most difficult challenge – but we have managed that successfully!” (Ryan Moody, Partner)
De Pinna is proud to still be the only specialist firm of notaries in London to have achieved ISO/IEC 27001 Information Security Management certification. We are committed to the continued improvement and development of our ISMS by implementing appropriate risk assessments, policies and controls. De Pinna believes that security is not just about technology but must be a fundamental part of culture and business practice.
If you want to find out more about our journey to achieve and maintain ISO/IEC 27001, how it can help you and your clients, or even how what we have done might inform your own plans for introducing ISO/IEC 27001 or more effective data security in your team or your business – call us on +44 (0)207 208 2900 or email us at firstname.lastname@example.org to find out what we can do for you.