Global menu

Our global pages


Security Policy

Eversheds Sutherland (hereinafter Eversheds Sutherland or the Organization) is highly committed to offering comprehensive advice covering the needs of our clients in the main areas of law, where the increasing digitalization makes it essential to implement good practices in security to achieve the objectives of confidentiality, integrity, availability and legality of all the information managed by the Organization during the execution of its business processes.

Consequently, the Organization maintains the following application guidelines to be taken into account within the framework of the Information Security Management System (ISMS):

  • Confidentiality : The information processed by Eversheds Sutherland will be known only by authorized persons, after identification, at the time and by the means provided.
  • Integrity : The information processed by Eversheds Sutherland will be complete, accurate and valid, and its content will be provided by those concerned without any kind of manipulation.
  • Availability : The information processed by Eversheds Sutherland will be accessible and usable by authorized and identified users at all times, being guaranteed its own persistence in case of any foreseen eventuality.
  • Legality : Eversheds Sutherland will guarantee compliance with all applicable legislation. In particular, the regulations in force related to the processing of personal data.

By means of this policy, the General Management assumes the responsibility to support and promote the establishment of the organizational, technical and control measures necessary to comply with the security guidelines described herein.

Likewise, all policies and procedures included in the ISMS will be reviewed, approved and promoted by the General Management of Eversheds Sutherland.

This Security Policy will be maintained, updated and adequate to the organization's purposes, aligned with the organization's strategic risk management context. To this end, it will be reviewed at planned intervals or whenever significant changes occur to ensure that its suitability, adequacy and effectiveness are maintained. A formally defined risk assessment procedure is also defined to manage the risks faced by Eversheds Sutherland.