Skip to main content

Clifford Chance

Clifford Chance

Certified information assurance

We are always mindful of our responsibility to ensure the protection of any data entrusted to us by our clients to the maximum extent possible. In order to provide clients with independent assurance of the high standards to which we fulfil this responsibility, we have attained the most recognised national and international certificates of Information Assurance.

As a business we also require any external data handlers to comply with the requirements of the certifications and provide us with confirmation of their data handling processes. Many of our suppliers already hold one or more of the certifications.

We are proud to say Clifford Chance has achieved three of the most respected certifications available worldwide.

SOC 2 Type 2

The System of Organisational Controls (SOC) is set by the American Institute of Certified Public Accountants (AICPA) representing 418,000 CPAs in 143 countries. A SOC 2 Type 2 audit report provides detailed information and assurance about a service organisation's security based on their compliance with the AICPA's TSC (Trust Services Criteria).  It confirms current compliance along with historical competence to show maturity in process.

ISO 27001; 2013

The International Organisation for Standardisation (ISO) sets a recognised and respected standard for the management, security, ongoing use and improvement of information management systems. It requires adherence to 10 clauses and 114 controls ranging from effectiveness of policies to operational security and business continuity. 

Cyber Essentials Plus

The IASME Consortium provides the oversight and assurance of the UK National Cyber Security Centre's (NCSC) Cyber Security Standard.  Cyber Essentials Plus covers five security controls and tests the system's effectiveness via a technical audit.  This certification is a requirement when handling UK Government information.

Related information