Due to the nature of their work, CPA firms have been entrusted with their clients’ most sensitive and personal information. Historically, this information was stored on paper and was fairly easy to secure. However, in today’s interconnected digital landscape, protecting this data has become complex and even more important. With evolving threats and regulations, our firm has decided to implement the ISO/IEC 27001:2013/2022 and ISO/IEC 27701:2019 standards. ISO 27001 and ISO 27701 are the new benchmarks for managing and protecting digital data and personal information. These certifications are important to us because they not only demonstrate our commitment to robust information and data security practices, but also enhance our credibility and trust among our clients and stakeholders.
What is ISO 27001?
ISO 27001 is an internationally recognized standard that outlines the requirements for establishing, maintaining, and continually improving an Information Security Management System (ISMS).
The ISMS is focused on identifying, assessing, and mitigating risks related to information security.
What is ISO 27701?
ISO 27701 is another internationally recognized standard that is an add-on to the ISO 27001 standard. ISO 27701 outlines requirements for establishing, maintaining, and continually improving a Privacy Information Management System (PIMS).
The PIMS is focused on identifying, assessing, and mitigating risks related to the protection of privacy data and personally identifiable information (PII).
Why Did McConnell Jones Pursue Certification?
Legal and Regulatory Compliance: Compliance with both ISO standards aligns with legal and regulatory requirements, thus ensuring that we stay ahead of the curve.
Risk Mitigation: As a CPA firm, we handle extremely sensitive financial, personal, and business information, which makes us a prime target for cyber threats. Having these certifications helps us proactively address risks and vulnerabilities.
Client Confidence: Maintaining these certifications demonstrates our actionable commitment to information and data security. We want our current and prospective clients to be confident in our ability to safeguard their data and privacy.
Our Strategic Commitment to Data Security
In the ever-evolving world of cybersecurity threats, ISO/IEC 27001:2013/2022 and ISO/IEC 27701:2019 certification empowers firms like us to protect our clients, uphold integrity, and thrive in a digital world. By embracing the ISO standards, McConnell Jones can lead the charge in securing financial data and set new standards for excellence.
For more information on McConnell Jones’ data security measures, visit https://mcconnelljones.com/company-and-people/data-security/.