Applying Technology to Information Governance

Similar documents
GDPR: Centralize Unstructured Data Governance Across On-premises and Cloud

EU General Data Protection Regulation

This report details the responses to this industry survey with a focus on identified market trends, including:

Information Is Your Most Important Asset. #AIIM Learn the Skills to Manage It.

Information Economics

Information Governance

DE-RISK YOUR INVESTMENT IN AN INFORMATION MANAGEMENT STRATEGY.

PERSPECTIVE. GDPR - An industry and geography agnostic regulation. Abstract

SOLUTION BRIEF EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER

Why CIP? AIIM International's Certified Information Professional designation was designed to allow information professionals to:

Certified Information Professional 2016 Update Outline

An Automated Cornerstone to Privacy & Industry Regulations; End-to-End: Researched Legal Requirements to Defensible Disposition

What is GDPR and Should You Care?

3 Situations, 2 Lawyers, 1 Corporation, and So Many Features

Mind the Gap: GDPR Ahead. Rakesh Sancheti. Author. July Vice President and Business Head - Analytics, Europe and Nordic

SOLUTION BRIEF RSA ARCHER REGULATORY & CORPORATE COMPLIANCE MANAGEMENT

Information Governance at Work An IGI Case Study Series

5-Step Guide For GDPR Compliance

An intelligent approach to unlocking value in service delivery transformation Focus on risk from the start

Implementation Practices for the Archiving and Compliance Infrastructure

SOLUTION BRIEF EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER

4/26. Analytics Strategy

ECM Migration Without Disrupting Your Business:

The General Data Protection Regulation (GDPR): Getting in good shape for the deadline Copenhagen, 19 September 2017 Janus Friis Bindslev Partner,

Securing Intel s External Online Presence

Why Most Migration Projects Fail Don t Be a Statistic

10/27/2016. Banner Health s Journey Towards Information Governance March 2016

Hennepin County Technology Plan Presented by Craig Troska, Chief Enterprise Architect

Veritas 360 Data Management Suite. Accelerating Digital Transformation Through Multi-Cloud Data Management.

Data Governance. Data Discovery.

General Data Privacy Regulation: It s Coming Are You Ready?

GDPR and Microsoft 365: Streamline your path to compliance

Making the Case for Governance IoT Data

Cloudy skies. How to bring clarity to your cloud platform in order to optimize your investment. September 2016

INFORMATION GOVERNANCE, PRIVACY & SECURITY SERVICES REDUCING COST AND RISK

RSA ARCHER MATURITY MODEL: AUDIT MANAGEMENT

AHIMA Information Governance & The Information Governance Adoption Model (IGAM )

Information Server: 11.x Information Governance Catalog. Marc Haber Senior Offering Manager, Governance Catalog & Tools

IBM Software White Paper. Information lifecycle governance in a big data environment

3 STEPS TO MAKE YOUR SHARED SERVICE ORGANIZATION A DIGITAL POWERHOUSE


INSIDE. 2 Introduction 12 Conclusion 4 6. How Prepared Are Corporate Law Departments?

Instilling a Culture of Security Starts With Information Governance

Application Migration to Cloud Best Practices Guide

GDPR and Canadian organizations: Addressing key challenges GDPR and Canadian organizations: Addressing key challenges

Create your ideal data quality strategy. Become a more profitable, informed company with better data insight

Statistics Canada s Modern and Comprehensive Information Management (IM) Strategy

The GDPR Are you ready?

Standards for Establishing

12 STEPS TO PREPARE FOR THE GDPR

Federal Enterprise Architecture

A Vision of an ISO Compliant Company by Bruce Hawkins, MRG, Inc.

Operational Risk Management (#DOpsRisk) Solutions suite

Microsoft Services. Transform your digital security strategy to 04mitigate business risk

Article from: CompAct. April 2013 Issue No. 47

Top Information Governance Predictions of 2018

Sustainability Policy of the Eletrobras Companies

Leading Practice: Approaches to Organizational Change Management

Not if, But When You Get Hacked Measuring and Proactively Managing Information Risk

TWELVE STEP PLAN TO BECOME COMPLIANT WITH THE GENERAL DATA PROTECTION REGULATION

Data protection in light of the GDPR

INFORMATION SERVICES FY 2018 FY 2020

How to Drive Business Value with Capacity Management

Enterprise Information Governance, Archiving & Records management

ENTERPRISE RISK MANAGEMENT USING DATA ANALYTICS. Dan Julevich and Chris Dawes April 17, 2015

SPHERA CUSTOMER CASE STUDIES. ADVANCING OPERATIONAL EXCELLENCE A focus on Incident Management

Department of Navy Audit Update

Deloitte Forensic Predict. Detect. Respond.

Cloud Computing Opportunities & Challenges

Legacy Decommissioning and System Consolidation

Les Schwab How a Leading Retailer Got on the Road to IG With Key Partners & A Practical approach

CGEIT Certification Job Practice

Today s CFO: Changing the game plan for tomorrow

AUDIT ADVANTAGE: IMPROVING MISSION READINESS

COBIT Control Assessment Questionnaire

CONSULTATION DOCUMENT AML/CFT SUPERVISORY STRATEGY

VENDOR RISK MANAGEMENT FCC SERVICES

Revenue synergies in acquisitions In search of the Holy Grail

FATCA Onboarding & Compliance Solution. kpmg.com

Integrated Care Information Management Readiness. An IDC InfoBrief, Sponsored by Dell EMC October 2016

REUTERS/Yuya Shino. Thomson Reuters Compliance Learning. Promoting a Culture of Integrity and Compliance

Accelerating Cloud Value through Analytics

Data Breaches and Security Rights in SharePoint Webinar

Asset Performance Management from GE Digital. Enabling intelligent asset strategies to optimize performance

Speed to Value in Portfolio Management

Thomson Reuters Regulatory Change Management

Best Practices In Government for ediscovery and Compliance

The new EU data protection Regulation: The business opportunity beyond legal compliance. Kalliopi Spyridaki Chief Privacy Strategist, Europe

Silicon Valley SharePoint Users Group 8/15/2013. Records Management and ediscovery For Business Users and IT. Rajesh Agadi Principal Consultant

CMMI-DEV V1.3 CMMI for Development Version 1.3 Quick Reference Guide

White Paper. Code Maintenance Best Practices. 4 Essential Skills for Lean Times

Liberty Healthcare Management, Inc.

PREPARING YOUR ORGANISATION FOR THE GENERAL DATA PROTECTION REGULATION YOUR READINESS CHECKLIST DATA PROTECTION COMMISSIONER

Enterprise Content Management & SharePoint 2013 As ECM Solution

Information Governance and Records Management Policy March 2014

What you need to know. about GDPR. as a Financial Broker. Sponsored by

Practical Fundamentals for Master Data Management

Tata Technologies PLM Analytics Maturity Assessment Program

GDPR Compliance Checklist

Transcription:

Applying Technology to Information Governance Eric Robinson, KrolLDiscovery February 24, 2017 1

The Bots are Coming! Or, are they???? 2

Overview What is Information Governance (IG) How to Develop IG Programs IG Projects Companies are Undertaking Today Defensible Data Remediation Intelligent Migration Legal Hold Ediscovery and Analytics for IG 3

1 What is Information Governance? 4

Management v. Governance Information Management HOW information flows through an enterprise Information Governance WHY an organization has information in the first place 5

Definition: Information Governance 6

Information Governance Reference Model (IGRM) Linking Duty and Value to a Company s Information Assets Information Governance allows companies to manage data assets consistent with their value in enhancing business performance or mitigating legal or regulatory risk. Valuable data is better identified, protected, and analyzed, to support business optimization and risk mitigation objectives. Valueless data (ROT) is better identified, and disposed of, to reduce IT complexity and costs. 7

IGI Survey: Disciplines of Information Governance A coordinating function between various disciplines Top-ranking disciplines for which IG serves as a coordinating function: - RIM - InfoSec - Compliance - ediscovery - Data Governance - Privacy IG helps companies identify, manage, and analyze data to reduce risks and costs associated with all of the above disciplines 8

The International Case for Effective IG Keeping an eye on the GDPR (EU s General Data Protection Regulation) Adopted April 2016, effective May 2018. Replaces EU s 1995 Data Protection Directive Primary objectives: give citizens back the control of their personal data and simplify regulatory environment for international business Right to Erasure and Right to Data Portability are key developments that will require stronger IG Applies to foreign companies that process data of EU residents Right to Erasure and Right to Data Portability are key developments that will require stronger IG Primary objectives: give citizens back the control of their personal data and simplify regulatory environment for international business Clients need to know where their data is stored Applies to foreign companies that process data of EU residents To meet GDPR obligations To proactively identify data that may present risk 9

2 How to Develop IG Programs? 10

Build on These Key Tenets Determine the information needed to achieve objectives Define organizational objectives (business, legal, regulatory) Dispose of the information when it is no longer valuable Ascertain the value of the information and when that value declines Organize information in the way best suited to meet objectives (access, security, privacy) 11

Five Guiding Principals of Information Governance An effective program controls costs, efficiencies, and legal risks 1. Protect and enhance your company: Mitigate risks and use valuable information 2. Each company is unique: Your solution needs to be customized to your company s objectives, aspirations, needs, budget, structure, and vulnerabilities 3. Consider the impact: Approach the project in an integrated manner, avoiding piecemeal or compartmentalized solutions 4. Cooperation is critical: Work with stakeholders throughout the organization (e.g., Legal, Sales, Research and Development, Human Resources, etc.) because information challenges often transcend departments 5. Think global: In a world where business, legal and technological issues are inherently cross-border in nature, a global approach to information management is essential. 12

Achieving Success in Information Governance Build a mature model around valuable data Map & Assess Find the data you are looking for. Analyze & Classify Understand the data that is there. Manage, Preserve & Remediate Eliminate the data noise. Build Context & Monitor Know what your data is telling you. Establish Enhanced Operating Model Make your data practices repeatable. Define, Implement, Integrate, Enhance & Enforce Policies & Practices 13

A Foundation for Success in Information Governance Breaking down a phased approach Assess Policies vs. Practices Existing Documentation Technical Environment Legal and business requirements Recent Data- Driven Events Plan Define or Refine Objectives Address Findings Select Technology Map tasks to timeline Assign team members Implement Prepare policies & documentation Create or enhance data map Improve data management standards Start discovery readiness program Address legal and regulatory requirements Train Finalize training plan Finish documentation Prepare Quick Reference Guides Prepare and conduct multimedia presentations Provide on-site, departmentlevel support Refresh Review program performance Evaluate current compliance Consider technical updates Make program updates Communicate to employees 14

3 IG Projects Companies are Undertaking Today 15

Transitioning from Reactive to Ready Use your last event as a starting point Convene key stakeholders and institute Information Governance Committee Basic, initial charter: Enhance litigation readiness Debrief your last ediscovery event to identify key lessons learned, do s and don ts Build a Legal Data Map for data sources from your last matter Focus on business units likely to be subject to future ediscovery Implement Discovery Management Program Legal Hold Process and Technology Assess, enhance and expand Legal Data Map Establish ediscovery standards for preservation, collection, processing, review and production Strategically Enhance Readiness Assess exposure of private information in the event unstructured or semi-structured data sources are breached (impact study of employee, customer, and proprietary data) Prioritize data mapping for other business units (subject to regulation; proprietary data; heavy data volumes) 16

First Steps to Implementing IG Programs Repurpose skill sets of current employees to IG Update policies and procedures, including review, support and approval at all levels Identify low-hanging fruit to foster reasonable, easy to understand and defensible processes Clearly communicate IG initiatives at all levels 17

What are Companies Doing Today? 18

Defensible Data Remediation WHAT IS IT? Defensible Deletion involves securely removing and destroying data Increasingly important IG measure to manage data retention EXAMPLES:» Removing old and unused legacy data systems» Eliminating personally identifiable information within company archives» Erasure verification services (EVS) analysis of erased data to determine if any data exists after an erasure has been performed 19

Intelligent Migration WHAT IS IT? Intelligent Migration helps organizations get smarter about the data they move or leave behind Another important IG measure that can help prioritize highvalue files and current legal holds EXAMPLES:» Processing data from legacy email archives» Provides metadata in records management systems, making data more easily searchable 20

Legal Hold WHAT IS IT? A Legal Hold preserves all forms of relevant information when litigation is reasonably anticipated An important factor of IG related to data retention EXAMPLES:» Legal departments look for ways to dispose of unnecessary data to lower costs associated with review while ensuring compliance with the legal hold 21

Ediscovery and Analytics for IG WHAT IS IT? Leveraging ediscovery and analytics technology to streamline the information governance process EXAMPLES:» Use of predictive coding» Auto-classification programs» A more recent development in IG, ediscovery and analytics technology can reduce costs when applied to IG data while organizing that data for future use» Can also help reduce the total volume of data across the IG program, as well as in legal matters 22

Information Governance, ediscovery, and Litigation Readiness 23

Summary Why implement or enhance your information governance program? Your most valuable assets are in your information You can leverage our decades of experience recovering, uncovering, and discovering valuable data You need to invest company assets in profitable endeavors 24

Conclusion IG changes a reactive process to a proactive process by understanding what information assets are available and the value that each asset provides Ediscovery is just one driver of IG other critical drivers: compliance, security, privacy In coming years, watch for increasing uptick of formal ownership of IG at the C-level (CIGO/CDO) 25

26

Eric Robinson, Kroll Ontrack Eric Robinson Solution Architect/Senior Consultant Richmond, Virginia Email: erobinson@krollontrack.com Phone: 804-615-0278 Eric Robinson is a Solution Architect and Senior Consultant. He is charged with consulting and collaborating with clients to identify challenges, create solutions and to implement those solutions to enhance client efficiencies, defensibility of process, risk management and cost reductions. He is a core member of KrolLDiscovery s Business Solutions, Information Governance and Discovery Readiness consulting teams engaging with clients on strategic and tactical projects. 27

Eric Robinson Solution Architect/Senior Consultant Richmond, Virginia erobinson@krollontrack.com T: 804-615-0278

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback