Skip to main content
Case studies

Information Security PP

Information Security Case Study

Requirement

Assist a large law firm based in Southern California with developing a wide-range of information security and data privacy documentation.

Issues

The client had experienced rapid growth in recent years, and with over 500 lawyers, senior leadership decided it was time to put in place a comprehensive InfoSec and data privacy program.

Additional issues for the client

No Experience with Security and Privacy Programs at this Level: While the client was well aware of the need for strong security and privacy controls, they had never embarked on such a mission or program in the past.

No Security Officer: The client had no official security officer in terms of a CIO or CTO, only a Director of I.T. who had no experience in developing security and data privacy policies and procedures.

Missing Security and Privacy Culture: Unfortunately, information security and data privacy did not seem to be high on the list in terms of organizational importance. While the client was well aware of growing cybersecurity threats, they still had not invested in any real initiatives on InfoSec and data protection.

Solution

Centris deployed a team of experts specializing in information security and data privacy policy development that successfully accomplished the following:

  • Defined project scope and client participation.
  • Identified all security and data privacy control gaps and recommendations for remediation.
  • Completely reviewed all current security and privacy policy documentation and began authoring new documentation.
  • Established contact and working relationships with all in-scope third-party vendors to begin the all-important task of identifying all external suppliers.

Outcome

  • Built and deployed an all-new information security, governance, and regulatory compliance program, one complete with policies, procedures, and processes.
  • Created a true culture of compliance where employees now understand and value information security, cybersecurity, and data privacy.
  • Implemented a robust security awareness training program for all employees.

Duration: 4.5 Months

Get the case study

Download the case study
Why Centris
As an internationally recognized business consulting firm, our highly trained employees work in every conceivable industry/sector in the global business arena. Centris has the knowledge and expertise you need for solving the challenges you’re facing. Our professionals are at the forefront of many of today’s most pressing risk, privacy, cybersecurity and compliance issues affecting organizations. We have a deep bench of talented professionals ready to go to work for you.
Ready to talk?