Enterprise Risk Management

Our attorneys provide enterprise-level guidance to help identify and mitigate risks and keep our clients’ businesses moving forward.

We recognize that these issues are often not purely “legal,” so we coordinate a team effort alongside our clients’ business and IT/security experts to ensure business, technical and legal priorities are addressed in a holistic way. We understand the limitations of written policies and focus heavily on implementation strategies and practical approaches to risk management.

Our work in this area includes:

  • Advising on enterprise-level risks specific to each client;
  • Identifying relevant legal or industry-specific cybersecurity and privacy obligations;
  • Developing compliance strategies;
  • Reviewing, drafting and revising privacy and information security policies, including incident response plans;
  • Conducting audits of cybersecurity and privacy policies and practices;
  • Assisting with policy implementation; and
  • Advising on insurance coverage specific to cybersecurity and privacy risks.

We place great importance on building efficient lines of communication with our clients, paving the way for a quick response should an urgent situation arise.