Kutak Rock announced today that the firm has successfully renewed the three-year ISO 27001 Certification of its information security management system. Certification requires annual audits to confirm continuing compliance, with a full re-certification audit every third year. The ISO 27001 certification is one of the most widely recognized and accepted information security standards in the world. It provides all Kutak Rock clients, stakeholders and regulators with validation that the firm’s data security guidelines, policies and procedures meet international standards for best practices and demonstrates the firm’s strong commitment to the protection of client information.

The certification followed a comprehensive audit of the firm’s information systems by MSECB that commenced in November of last year. As an ANSI-ASQ National Accreditation Board (ANAB) certification body, MSECB’s ISO 27001 certification demonstrates that the firm can recognize, evaluate, and consistently control information security risks to the business proactively.

“Kutak Rock remains justifiably proud of its attention to information security and strong commitment to protect the confidentiality of client information,” noted Information Security & Privacy Counsel Elise Dieterich. “Renewal of the firm’s certification indicates that Kutak Rock continues to demonstrate an effective, integrated approach to data security, and provides our clients assurance that Kutak Rock applies a high level of protection for their most sensitive information.”

ISO/IEC 27001:2013 is an information security management standard, published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) under the joint ISO and IEC subcommittee. ISO/IEC 27001 specifies a management system that is intended to bring information security under management control. The latest revision of the standard was published in 2013.