Information Security at LPO Vendors

September 17, 2009

In a previous post I discussed a number of characteristics that could help General Counsels (GCs) cull the list of LPO vendors.  One consideration at the top of every GC’s list is security.  The importance of information security and the related disciplines of confidentiality, integrity and availability of information cannot be overstated.  CGs should require that LPO vendors choose an applicable standard, implement it rigorously, and subject their operations to periodic testing by an independent third party.  Some uses of LPO will be less critical with regard to the information security (e.g. general contract management), but for corporations intending to use multiple LPO vendors or to outsource work requiring heightened security, (e.g. M&A doc review, litigation) a single standard will be easiest to evaluate and monitor over time.

Read the rest of this entry »