Ballard Spahr announced today that the firm has earned ISO 27001 certification of its information security management system, demonstrating compliance with global standards promulgated by the International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC). Formally known as ISO/IEC 27001:2013, the designation certifies that the firm has a formal set of security and risk management policies, procedures, and controls in place to protect the confidential information of clients and employees.

The certification follows a comprehensive audit of the firm's information systems. ISO 27001, the highest level of security-related accreditation available to a business, is the most commonly used information security standard in the world.

"As we've seen the incidence of cyber incidents increase across all industries, we know that robust information security measures are more important than ever" said Edward J. McAndrew, co-leader of the firm's Privacy and Data Security Practice Group, who worked with the firm's information technology professionals on the certification process. "Our ISO 27001 certification shows that we are committed to meeting the highest standards to protect our clients' sensitive information."

Periodic ongoing audits ensure that the firm continues to comply with the standards required by the certification.