Assessing ransomware risks: our information security questionnaire

Why has the questionnaire been produced?

Together with the Bar Council, we’ve produced this questionnaire to help our members understand the information security arrangements that barristers' chambers have in place.

We want to help law firms understand how the chambers they instruct process information.

We hope that by having an agreed standardised questionnaire, the administrative burden will be much reduced for both the chambers responding to the questionnaire, and the law firms assessing those responses.

Who should use the questionnaire?

We recommend that law firms should use this questionnaire to check that the centralised information technology (IT) systems maintained by chambers are information security compliant.

What does the questionnaire consist of?

The questionnaire contains 26 questions.

It’s designed to be relevant in most circumstances.

The aim of this questionnaire is to ensure that chambers are information security compliant, and to promote a culture of change across the legal profession in terms of how law firms instruct barristers.

The questionnaire focuses on the central services which may be provided by chambers to barristers and staff.

It therefore begins by seeking a definition of the scope of such centrally provided systems and services. The remaining questions should then be answered in respect of that defined scope.

The questionnaire’s introductory paragraphs set out more details about how we expect it to be used.

The questionnaire aims to raise awareness of information security issues, including organisational security, and is not limited to chamber’s use of technology.

The questionnaire’s responses are provided for information purposes only, and do not give rise to any contractual or tortious liability on the part of chambers or individual barristers.

Neither the Law Society nor the Bar Council will maintain a repository of responses to the questionnaire which will remain confidential between the parties.