Keesal, Young & Logan (“KYL”) and Privva, Inc. (“Privva”) have successfully implemented EDRM’s new Security Audit Questionnaire to complete the security assessment of KYL’s third-party eDiscovery providers. By capitalizing on Privva’s automated security assessment platform, KYL was able to streamline the process of distributing and scoring the results of the Questionnaire in a fraction of the time typically required.

On March 8, 2017, EDRM, part of the Center for Judicial Studies at Duke Law School and the top standard-setting organization for the eDiscovery market, released its new standardized Security Audit Questionnaire, designed to assess the security capabilities of cloud providers and third parties who offer electronic discovery or managed services. The Questionnaire focuses on seven crucial security areas for audit.

“Vendor security is a critical component to our cybersecurity strategy as we continue to expand to the cloud,” said Justin Hectus, CIO/CISO of KYL, who participated in the creation of the Questionnaire. “Implementing the new Questionnaire on the Privva platform benefits both law firms and their vendors, by efficiently identifying and tracking areas of high risk across vendor networks. Leveraging Privva to rapidly implement this process also enables us to collect feedback that we can provide to EDRM for consideration in subsequent versions of the Questionnaire.”

EDRM’s Questionnaire assesses the potential risk of giving a vendor access to sensitive data by evaluating their internal security practices. Privva automates the assessment process, allowing companies to perform security risk assessments in record time. The new Security Audit Questionnaire, combined with the automation provided by Privva, raises the bar for assessing the cybersecurity risk of eDiscovery providers.

About Keesal, Young & Logan

Founded in 1970, Keesal, Young & Logan (KYL) has earned an international reputation for outstanding client service, inventive legal advice, and superb trial advocacy. KYL represents clients across a wide range of industries and has proudly served many of those clients continuously for decades.

KYL’s commitment to leveraging technology for innovative and secure client service has been repeatedly recognized over the years. KYL was the first law firm to be awarded the prestigious InfoWorld 100 award and members of the KYL Keeps You Learning “community of experts” have been awarded Distinguished Peer Awards from the International Legal Technology Association (ILTA) as well as top honors from Association of Certified eDiscovery Specialists (ACEDS).  KYL continued its long run of technology “firsts” by being the first firm worldwide to pass the Legal Tech Audit in 2015 and by receiving the first-ever ACEDS Law Firm eDiscovery Department of the Year in 2016.  For more information, visit

About Privva, Inc.

Privva is a cloud-based platform designed to automate the risk assessment and reassessment process for law firms. Privva streamlines this process for its clients, saving a significant amount of time and offering a new way for clients to create reports and analyze vendors. Depending on the level of maturity of a firm’s cybersecurity measures, Privva will create, modify, or enhance critical vendor risk management programs. Centralizing risk metrics on the Privva platform creates an auditable and contractible repository of risk information to ensure compliance and identify best practices.
Privva’s top priority is making sure law firms allocate their resources to the most critical areas.

It views risk assessment as a critical component of every cybersecurity plan. Because Privva functions as an extension of a firm’s team, its solutions make the risk assessment process easier and more efficient. For more information, visit