Potter Anderson has maintained ISO 27001 certification since 2020 and was recertified under the latest ISO/IEC 27001:2022 standard when it was released in 2023. The firm completed its most recent surveillance audit in August 2025, which confirms that the firm’s Information Security Management System continues to operate effectively and demonstrates our commitment to the security of the firm and our clients. In 2025, the firm added the ISO/IEC 27017:2015 uplift for information security controls applicable to Cloud Security.
The scope of the certification includes the following firm systems: Document Management System, Email System, Remote Access System, Mobile Device Management Service, Active Directory, File Share Service, and Information Backup System. The ISMS scope also includes the firm's personnel, systems, policies, procedures, guidelines, standards, tools, utilities, and data used in business execution and internal processes, in accordance with the statement of applicability, versioned 1.3 and dated as of August 14, 2025, and aligned to meet the control implementation guidance and additional control set of ISO/IEC 27017:2015 in the role of a cloud service customer (CSC).
Our certificate is available online here.
FSQS (Financial Services Qualification System) is a community of financial institutions including banks, insurance companies, and investment services. It provides a single standard for managing third and fourth-party information needed to demonstrate compliance to regulators, policies, and governance controls. FSQS is a rigorous, internationally recognized accreditation program that evaluates providers of financial services against high standards of data security, operational control, and risk management.
Our certificate is available online here.