Forensic Technology: Considerations for Information Governance

Similar documents
SECTION 18. INFORMATION TECHNOLOGY AND COMMUNICATION SYSTEMS RECORDS

NUIX for INVESTIGATIONS

An Automated Cornerstone to Privacy & Industry Regulations; End-to-End: Researched Legal Requirements to Defensible Disposition

Records Management at MSU. Cynthia Ghering Portia Vescio May 9, 2013

AIIM ERM Certificate Programme

Records Management at MSU. Hillary Gatlin November 24, 2014

Tackling the Challenge of Data Management and Migration to Meet Legal and Regulatory Obligations Jeff Kubacki Chief Information Officer

Basic Records Management Practices for Saskatchewan Government*

2/20/2013. Information Governance Matters: Real-World Lessons. Real-World Events. Information

Digital Oilfield: - EMC Upstream Information Management. - Aramco Records Management Strategy

Developing a Strategy to Manage Legacy Data

REQUEST FOR PROPOSAL (RFP) Records Management. In SharePoint

Managing Electronic Records: Methods, Best Practices, and Technologies

Prince William County, Virginia Internal Audit Report Records Retention and Public Requests

Corporate ITAM Directive

Records & Information Management More Than Just Retention

Rick Stirling President WesternIM

Electronic Records Management at MSU

Creating Business Value with ECM at the Region of Niagara

City of Las Cruces MOUNTAINS OF OPPORTUNITY

Passit4Sure.M _37,Q&A

Habit 4 of a RIM Program:

Final Report Audit of the Management of the Government of Canada Pension Modernization Project. Office of Audit and Evaluation

Guidelines for Information Asset Management: Roles and Responsibilities

Databases: Oracle v9i, v8i & v7.x, Legacy and Microsoft SQL Server v6.5 & v7

Implementation Practices for the Archiving and Compliance Infrastructure

Strategies for Social

ROAD ACCIDENT FUND COMPULSORY BRIEFING SESSION RFP/2017/ Date: 31 May 2017 Time: 11:00

Information Management in Microsoft SharePoint 2007

MS SharePoint 2007 and Records Management Solutions. Yuri Kharmov Evident Point Software Corp., 2007

What is ISO 30300? Who, when, where, why and how to implement

Outline of the Discussion

Records Management at MSU. Hillary Gatlin University Archives and Historical Collections November 23, 2015

SCHEDULE 2A IT SERVICE MANAGEMENT AND LIFE CYCLE SERVICES SOW. Date TBD. for

International Standards Reference

Enterprise Information Governance, Archiving & Records management

Document Management System Software Application

INFORMATION GOVERNANCE COMMUNICATION STRATEGY

Records Retention Workshop. Waukesha County June 2016

How Digital Labor Is Transforming Customer Service Operations. Karen Cheung Senior Manager Al Ochoa Senior Advisor

Introduction GUIDELINES FOR THE SELECTION OF AN ELECTRONIC DOCUMENTS AND RECORDS MANAGEMENT SYSTEM

RECORDS MANAGEMENT /4/2016 Susan McKinney, CRM University of Minnesota 1

Taming the Information Explosion

UK Research and Innovation (UKRI) Records Management Policy

Records Management System

Records Management Policy Number

Standard Statement and Purpose

relevant technology and tools to analyze data, efficiently and effectively perform assigned tasks as well as support other competencies.

Office 365 GOVERNANCE

1. EDM OVERVIEW. 1.1 EDM Objectives. 1.2 System. 1.3 Implementations

RFI Content Management System Tools Questions & Answers

Classification and Metadata. Priscilla Emery President e-nterprise Advisors

Article from: CompAct. April 2013 Issue No. 47

Reduce the time & labor to process and archive documents. Reduce document cycle times. Create audit trails of document handling activities

Dominion Dental USA, Inc. and Subsidiaries

Unified Archiving with dg hyparchive. Compliance. Security. Transparency.

University Systems Desktop Support Service Level Commitment

Network Drives Cleanup

HSCIC Audit of Data Sharing Activities:

Xerox DocuShare 7.0 Content Management Platform. Enterprise content management for every organization.

Records Management Plan

Accelerate GDPR compliance with the Microsoft Cloud Samuel Marín Sr. Sales Solutions Specialist

Records Management An Introduction


Program Lifecycle Methodology Version 1.7

INTERNAL CONTROL: COMPLIANCE, OPERATIONAL AND FINANCIAL

ATTACHMENT D SCHEDULE 2E DESKTOP SUPPORT SOW FOR COUNTY REVISION 1. Page 1 of 10

Information Is Your Most Important Asset. #AIIM Learn the Skills to Manage It.

Records & Information Management Best Practices for the 21st Century

Implementation of Alfresco s document management software into University institution

Features to meet any requirement

1003: Take Control of Discovery and Review Costs in the Era of Big Data

Washington Headquarters Services ADMINISTRATIVE INSTRUCTION

End-User IT Outsourcing Contract Number DIR-TSO-3666

R.A.C.I. Matrix for the Implementation of DEO Policy 4.09, Records Management Procedures

Gain control over all enterprise content

Enterprise Content Management & SharePoint 2013 As ECM Solution

Consolidating clinical content in truly vendor-neutral platform

A Simplified and Sustainable Approach to NERC CIP Compliance with Cyberwiz-Pro. NERC CIP Compliance Solutions from WizNucleus

Work Product Dependency Diagram

British Computer Society

Introduction to Information Security Prof. V. Kamakoti Department of Computer Science and Engineering Indian Institute of Technology, Madras

Role Profile SERVICE DESK ANALYST

HOW TO CREATE AN ENTERPRISE MOBILE STRATEGY

The Corporation of the City of Windsor Manage Changes to Information Systems

Recorded Information Management (RIM) Assessment

HP TRIM and Microsoft SharePoint Optimizing Secure Information Flow and Compliance

Transform records management

ROBOTIC PROCESS AUTOMATION

2018 Spring Conference

Records and Information Management Framework. Government Records Office Archives of Manitoba

C O N T E N T ASG-RECORDS MANAGER

ANCHOR ISO9001:2008 RPR-002 MARINE SERVICES REQUIRED PROCEDURE RECORDS CONTROL

Audit of Shared Services Canada s Information Technology Asset Management

Software Asset Management (SAM) Statement of Work (SOW) SAM Infrastructure Optimization (For use with the Microsoft SAM Services Incentives Program)

Corporate Law Department Information Governance Survey SURVEY RESULTS. hbrconsulting.com

10/27/2016. Banner Health s Journey Towards Information Governance March 2016

Global Records and Information Management Risk: Proactive and Practical Approaches to Effective Records Management. September 16, 2014

ANCHOR ISO9001:2008 RPR-004 MARINE SERVICES REQUIRED PROCEDURE NON-CONFORMING PRODUCTS

Roche Group Records Management Directive V2.0

Transcription:

Forensic Technology: Considerations for Information Governance ARMA Twin Cities Presentation April 6, 2016

Forensic Technology: Considerations for Information Governance Information Governance and Records Management uses Forensic Technology, specifically Computer Forensic Technology. In this session we will review the types of forensic technology, examples of how it is being used today and the associated benefits. We will look at the use of technology in the record life cycle, including the identification of records and information during the disposition process. To conclude we will discuss how these technologies are aiding records management and what they can do for us in the future. Greta Krapac Manager, Advisory Forensic Technology, Records and Information Management 10 S. Broadway, Suite 900, St. Louis, MO, 63102 Tel: 314-244-4270 Cell: 312-560-0506 gkrapac@kpmg.com 1

What is Computer Forensic Technology? Computer Forensics A branch of digital forensic science where evidence recovered from digital media and devices is examined in a forensically sound manner. The goal of computer forensics is to investigate evidence from digital data in order to find who was responsible for that particular incident. Computer Forensic Technology Technology used to enable computer forensics. These tools analyze the hardware, software, associated networks, personal devices and the enterprise. 2

Types of Computer Forensic Technology For better research and investigation, developers have created many computer forensics tools. These computer forensics tools can also be classified into various categories: Disk and data capture tools File viewers File analysis tools Registry analysis tools Internet analysis tools Email analysis tools Mobile devices analysis tools Mac OS analysis tools Network forensics tools Database forensics tools Focus of today s discussion are the tools looking at files, specifically the unstructured files found in multiple locations within an organization. 3

Gaining Insight Into Your Data These tools are used to gain better insight into your data/files to enable information governance and records management decisions. Information about the files as a group: Date ranges (created, modified) Regions/locations represented File types represented File authors/departments Information about the individuals files: Date created Date modified Last viewed File type Content (by search term) 4

How Organizations are using Forensic Technology Information Governance and Records Management professionals are using these analysis tools to understand the data/files they have and implementing this information in all aspects of the record life cycle. Gaining an understanding of where staff and employees are creating records. Regulating the creation of records through on-going monitoring. Creation Maintenance Understanding what data/files the organization is maintaining. Dealing with legacy records. Monitoring the use of current records. Identifying records and files that are eligible for disposition. Identifying records that are on legal hold. Disposing of records. Destruction 5

How can I use Forensic Technology for Information Governance? When and Why Computer forensic tools are used to gain an understanding of an organization s records. For information governance and records management purposes they can be used to: Deal with legacy records and conduct a clean-up Monitor information governance and records management practices Conduct audits, testing controls using business data 6

Conducting a Clean-Up A Clean Up is often the first step in dealing with legacy data/files. Organizations find that servers, files shares, personal drive and desktops are filled with information they can easily identify and associate with their retention schedule and information that is not easily identifiable. There are two types of Clean-Ups : Manual Clean Up Instruct staff/employees and personnel to apply retention and holds to their files regardless of their location Retention acted upon by staff/employees Automated Clean Up Analyze files using software Apply retention and holds based on information gathered during analysis Retention acted upon by software controlled by RM/IG staff 7

Monitoring Records Management and Information Governance Processes and Current Practices IG and RM professionals use the same tools they use for disposition decisions to gain insight into the process and current practices. Analysis includes: Creation and storage of files Location Files names File Authors Access to records Logs Restrictions Copies of files Example Report: HR File Locations Files Shares Local Drives Personal Drives SharePoint This insight can be used to see how staff/employees are adhering to policy and identify any trends. For example, a department with staff/employees that are offline often might be storing files to their hard drive. With these tools, the organization is able to identify the trend and find a solution. 8

Conducting a RM and IG Audit These tools can also be used to conduct a formal audit of the records management and information governance program, testing controls. Activities associated with an audit include: Reviewing content of specific locations (e.g. shared drives) to check for over-retention Reviewing content of specific locations for files (e.g. hard drives which per policy should not contain any files Testing access to files Testing content management ability to apply retention to files 9

Steps for Using Tools To use these tools effectively there are a number of steps required to prepare, execute and monitor their use. These include: Planning and Building the RM/IG Program Securing Management Support Communicating with the Masses Refining the Details Inventorying and Classifying Content Making RM/IG Decision Based On Analysis Measuring Success Green Prepare Blue Execute Orange Monitor 10

Prepare: Planning and Building the RM/IG Program This is a basic step that is often overlooked. Software tools offer solutions with impressive results. These results cannot be achieved with only the software. These tools require: Records Management/Information Governance Policy Record Retention Schedule List of all current legal, and investigative holds, including custodian information Records management/information governance professionals to provide oversight for the use of these tools assist with the use of these tools, including developing the decision matrix and rules for the application of retention 11

Prepare: Securing Management Support Using these tools, especially for a clean-up will impact the entire organization. Management support is critical. Steps to securing management support: Educate your audience Describe your process and plan Define your timeline Define what you need from the participants/key stakeholders Describe your planned results 12

Prepare: Communicating with the Masses This effort has the potential to impact the entire organization. It requires a detailed communication plan. This plan should include: Timeline Description of the communication event Audience Type of communication Message Timing 13

Prepare: Refining the Details The use of these tools requires extensive planning. The RM/IG team must develop a detailed methodology. This methodology should include: Goals and objectives Detailed plan to execute Process flow for decision points e.g. what makes a record eligible for disposition Approval documentation 14

Execute: Inventorying and Classifying Content Using the developed methodology and software, files can be inventoried and classified. During this step, the tools are used to analyze the files. 15

Execute: Making RM/IG Decision Based On Analysis The next step is to use the information collected and act upon it. This includes: For a clean-up this means purging information past retention and not on hold For a monitoring project this means making changes and updating your program to better meet the needs of the business For an audit this mean documenting your findings and setting out specific plans to address gaps in your established controls 16

Monitor: Measuring Success The last step is to document and measure your success. This includes: For a clean-up this may include number of files purged or moved to a more appropriate location for retention For a monitoring project this may include process changes to improve efficiency For an audit this may include information about how the RM/IG program addresses gaps in controls 17

Thank You!

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback