Adapting eDiscovery Software - Legal Technology LLC

Adapting eDiscovery Softwareto Achieve Governance Objectives BY GEORGE J. SOCHA, JR., ESQ.SOCHA CONSULTING LLC

Sponsored by:

THE PRACTICAL GUIDE TO REDUCE, REUSE, & REPURPOSE

E-DISCOVERY SOFTWARE

eDiscovery & Information Management

y:

EDUCE, REUSE, & REPURPOSE

SCOVERY SOFTWARE

overy & Information Management

Copyright © 2012 ZyLAB Technologies B.V. All rights reserved. No part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written consent of ZyLAB Technologies B.V. The information contained in this document is subject to change without notice. ZyLAB Technologies B.V. assumes no responsibility for any errors that may appear. All computer software programs, including but not limited to microcode, described in this document are furnished under a license, and may be used or copied only in accordance with the terms of such license. ZyLAB Technologies B.V. either owns or has the right to license the eDiscovery computer software programs described in this document. ZyLAB Technologies B.V. retains all rights, title and interest in the computer software programs.

This White Paper is for informational purposes only. ZyLAB Technologies B.V. makes no warranties, expressed or implied, by operation of law or otherwise, relating to this document, the products or the computer software programs described herein. ZYLAB TECHNOLOGIES B.V. DISCLAIMS ALL IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. In no event shall ZyLAB Technologies B.V. be liable for (a) incidental, indirect, special, or consequential damages or (b) any damages whatsoever resulting from the loss of use, data or profits, arising out of this document, even if advised of the possibility of such damages.

ZyLAB is a registered trademark of ZyLAB Technologies BV. All other brand and product names are trademarks or registered trademarks of their respective companies.

Copyright

3 Foreword by Mary Mack, Esq.4 Introduction4 The eDiscovery Process

4 eDiscovery Defined5 An Overview of the eDiscovery Process

The Triggering EventPresentationProductionIdentification, Preservation & CollectionProcessingReview & AnalysisProject & Process ManagementInformation Management / Information Governance

10 eDiscovery Versus Information Governance10 Information Governance Defined

ARMA GARP PrinciplesARMA Information Governance Maturity ModelInformation Governance Reference Model (IGRM)Tying GARP, Maturity Model & IGRM Together

17 The Differences Between eDiscovery & Information GovernanceInformation Governance Has No Beginning & No EndeDiscovery as a Specific Information Governance FunctioneDiscovery as a Connector to the Outside World

19 Repurposing eDiscovery Tools19 Applying eDiscovery Methodologies for More Effective Information Governance20 The EDRM as an IG Template

Identification, Preservation & CollectionProcessingReviewAnalysisProduction

28 Implementing a New Tool for eDiscovery & IGMake Sure You Have Buy-inInclude Key StakeholdersProcesses, People AND TechnologyWhere You Are Today, Where You Want to Be, and How to Get ThereCosts - Hard and SoftStart SmallTest and Re-Test

31 Conclusion31 ZyLAB eDiscovery & Information Management Software

Table of Contents

Dear Colleague,

George Socha has been thinking-ahead for several decades, combining his trial acumen with his love of computers. He and his colleague, Tom Gelbmann, formed the EDRM community which yielded the ubiquitous EDRM—the drawing in every sales presentation—which has brought order to the chaos of eDiscovery. In this report, George moves the conversation from the process-centric and reactive “tam-ing-of-the-wild eDiscovery beast”, to the whole- systems view of information governance.

Savvy eDiscovery providers have long been talking about the cost savings of reuse of work product, the risk reduction of consistent privilege calls and the ability to use eDiscovery software for other informa-tion projects. In fact, many an information governance system has been paid for by the “no choice” sunk cost of eDiscovery software or services. But with the right eDiscovery system, they aren’t sunk costs; Once the tools are in place and people are trained, the ROI on information governance projects is much easier to obtain.

Use this seminal work as a foundation for your own internal work, or to understand how your clients are beginning to think about information, and its place in the corporate ecosystem. While not everything will apply to your particular organization and challenge, there will undoubtedly be a paradigm, a calcula-tion, a tool, a worksheet or a roadmap you can use to save some time and money.

At ZyLAB, home of the Gartner Leading eDiscovery and Information Management software, we are eager for your feedback about this document and about how we might help you truly govern your infor-mation assets – both in and outside the context of eDiscovery.

Whether you are starting an information disposition project, a rational legal hold project, or whether you just want to start collecting the work product and redacted TIFFs from the distributed network of service providers, we welcome an opportunity to help you on your journey to stop the tail from wagging the dog.

Warm regards,

Mary Mack, Esq.Enterprise Technology Counsel

Warm regards,

eDiscovery & Information Management

FOREWORD

Adapting eDiscovery Software to Achieve Governance:Sponsored by:A PRACTICAL GUIDE by George J. Socha, Jr., Esq. 4

INTRODUCTIONAs organizations and individuals, we have too much information. Too often, we don’t know what we have, where it came from, where it has gone to, what has been done with it, where it is located today, and when it should be disposed of. Our attempts to govern it feel Sisyphean. We labor to roll the data up to the summit of Mount Control, only to have it barrel back over us yet again. No one seems to be accountable for the data. We aren’t sure that we can vouch for the data’s authenticity or integrity. We don’t know whether we are staying on the safe side of the myriad laws, and other authorities control how we are supposed to handle our data.

This paper offers suggestions for how to use e-dis-covery tools to better address those challenges. The paper starts with the e-discovery process. From there it moves into a comparison of e-discovery and infor-mation governance, paying particular attention to the

interplay between ARMA International’s Generally Ac-cepted Recordkeeping Principles® (GARP), its Maturity Model, and EDRM’s Information Governance Refer-ence Model. The third section discusses repurpos-ing e-discovery tools to suit information governance needs, and the final section looks at some of the is-sues to consider when implementing e-discovery tools.

THE E-DISCOVERY PROCESSE-DISCOVERY DEFINEDDiscovery is a process where information is identi-fied, preserved and/or collected, processed, reviewed, analyzed, produced and ultimately presented. More effective management of information by an organiza-tion or individual prior to the initiation of discovery can translate into a smoother discovery process, lower costs and risks, and a higher quality result.

“More effective management of information ... prior to the initiation of discovery can translate into a smoother discovery process, lower costs and risks, and a higher quality result.”

Figure 1. Electronic Discovery Reference Model / (c) 2009 / v2.0 / edrm.net


Historically, discovery focused on information stored in three ways: in people’s heads, in tangible objects, and on paper. Today, that focus ought to include electroni-cally stored information (“ESI”).

AN OVERVIEW OF THE E-DISCOVERY PROCESSFirst published in 2005, the EDRM diagram (see Figure 1 on page 4) provides a framework to use when at-tempting to address e-discovery needs. The rest of this section will step through that diagram. For more detailed information about the diagram and its stages, go to www.edrm.net. Often discussions of the EDRM diagram start with the left-most box and move to the right, but we are going to go through the boxes in a different order in this document.

The Triggering EventGenerally an e-discovery process is launched as the result of a triggering event.

A triggering event might be the anticipated or actual onset of a lawsuit. It might be the first steps in an an-ticipated or actual government investigation, merger or acquisition, or similar activity. Or it might be the deci-sion to conduct an internal investigation.

Whatever form it takes, the triggering event signals the time to begin taking action. What action you can take will depend on the extent to which you already have in place the appropriate processes, people and technol-ogy.

PresentationAlthough the last box in the EDRM diagram, presenta-tion is the conceptual starting point of any e-discovery activity.

A defense attorney upon first receiving the complaint in a new lawsuit might start by preparing draft jury instructions. In the same way, if you are responding to a triggering event then you ought to begin by trying to map out the most likely ways in which ESI ultimately will be presented to an audience.

Factors to consider include:

• The type of audience: Common examples are clients, interviewees, your fact witnesses, oppos-ing parties’ fact witnesses, your expert witness-es, opposing parties’ expert witnesses, media-tors, arbitrators, neutral experts, special masters, trial court judges, juries, and appellate judges.

“Although the last box in the EDRM diagram, presentation is the conceptual starting point of any e-discovery activity.”


• The type of ESI to be presented to the audi-ence: Common examples are email messages, word processing files, spreadsheet files, presen-tation files, picture files, databases, audio files, and video files.

• The specific content that matters in your presentation: With a spreadsheet file, for ex-ample, do you want to show how a formula func-tions, what happens when a filter is changed, or a PivotTable is modified? With a website, do you want to be able to follow hyperlinks? Does the file contain embedded audio or video that you want to play to the audience?

• The extent to which a “native” depiction of the ESI matters: Does the look and feel of the file matter? Or do you just need to get across some content without great concern for the format?

ProductionWorking back from presentation, you should address form-of-production issues because the form chosen for production may limit the presentation options.

There are four forms of production (which also are the four forms used in presentation):

• Native: Files produced in their “native” form are ones produced in the same form they were in when they were identified during the earlier stages of the e-discovery process. Common examples are standard office files (spreadsheets, word processing files, and presentation files); smaller database files; and image files (.jpg, .gif, .png, etc.).

• Near-native: Files produced in a “near-native” form are ones produced in a form similar to but not the same as their “native” form. Most so-called “native” productions of email messages actually are “near-native” productions. An in-dividual email message might start as part of a Microsoft .pst or a Lotus Notes .nsf file. It gets extracted from that file, probably along with quite a few other messages. It gets converted into some other form to facilitate review - .eml or .htm, for example. During the review process it gets selected as a relevant, non-privileged file to produce to the other side. For production, it might get stuffed back into a .pst or an .mbox container and be produced that way – a “near-native” production. Or it might be produced in one of the various forms commonly used for single email messages - .msg, .eml, etc. – again a “near-native” production.

Another common example of near-native production is when you start with a large, complex or proprietary database, extract a subset of information from that da-tabase, and produce that subset as an Access file, an Excel file, or something similar. Most of the functional-

“Any given production of files might contain multiple forms of production, for example with spreadsheets produced in native form, databases in near-native, redacted email messages as .tif images.”


ity is maintained, but with a form that may be more reasonably useable.

• Near-paper: Files produced in “near-paper” form are ones that have been converted to an image format, typically .tif or .pdf. Think of it as paper-on-a-screen. Often the image files are accompanied by extracted text and/or extracted metadata.

• Paper: The “traditional” way to produce ESI is to print it to paper, apply a Bates number to each page, and make a copy. One copy then gets produced to the other side and the second copy is kept by the producing party. Sometimes another copy is made and kept by the producing party, to be used as a backup should something happen to the working copy.

Generally, any given file is produced to the other side in only one of these forms. For example, if an Excel spreadsheet is produced as an .xlsx file it generally is not also produced as a .tif file.

At that same time, any given production of files might contain multiple forms of production, for example with spreadsheets produced in native form, databases in near-native, redacted email messages as .tif images.

Whatever the form of production, produced files regularly are accompanied by load files. A load file is a computer file containing information needed to load the produced files and accompanying data (text, meta-data, etc.) into software programs designed for litiga-tion support or electronic discovery. There are many different load file types from which to choose, most are designed for use primarily with one specific software program.

Identification, Preservation & CollectionFrom production we return to the first steps after the triggering event: Identification, Preservation and Col-lection. These three can be treated as a group. Within these three boxes fit both the legal hold process and the actively inaptly named “early case assessment” which is better referred to as “early data assessment.”

Identification entails determining what types and sources of ESI may warrant further attention. Types and sources to consider include:

• Custodians – individual; organizational; legacy; non-party; and expert

• Systems – communications, including email; data storage; backup; content management and archival; legal; and user

• Formats – communications; storage; office; structured data; graphics; audio; video; foreign language; residual data; system-created data; markup language files; programming source code; and operating system and program files

“[Preservation] always takes place in an environ-ment where goals and expectations can shift with no notice and where everyone involved is working with fragmentary information.”


• Media types – hard drives; tapes; optical me-dia; flash drives and memory cards; floppy disks and other legacy formats; mobile communication devices; and third-party storage.

For a more detailed list, go to the EDRM Metrics Code Set at www.edrm.net/1532.

Preservation is the process of isolating and protecting potentially relevant ESI located during the identification stage. In theory, preservation ought to be conducted in a timely, legally defensible, proportionate, efficient, and auditable fashion. The practice is messy and challenging, as it always takes place in an environment where goals and expectations can shift with no notice and where everyone involved is working with fragmen-tary information.

Collection is the acquisition of ESI identified as poten-tially relevant, for further use in the matter. ESI might be collected from previously preserved materials, or the collection of ESI might also constitute its preservation.

Adequate identification often requires both gather-ing information from people and sending instructions to people. Sometimes this is the legal hold process. Sometimes it is part of a more expansive legal hold process that also includes preservation and collection. Sometimes it is an activity that happens in addition to or along side a legal hold process.

Similarly, to the extent ESI is evaluated during these early stages, that is, in essence, early data assess-ment: Look at the data early, look at it often, and try to figure out what it tells you about the matter you are handling.

ProcessingAt the processing stage, two broad ranges of activities take place. ESI is manipulated to make it more readily useable at the review and analysis stages, as well as sometimes to allow for its production in a more reason-ably usable form. Processing also involves steps to reduce the volume of ESI to be handled from that point on.

Common processing activities include extracting individual files from container files (such as .msg files from .pst files); indexing the text and metadata of files; converting non-machine-readable information into machine-readable information via Optical Character Recognition and similar technologies; identifying and isolating duplicate and sometimes near-duplicate files; and conversion of ESI from one format to another to better allow for indexing, viewing and the like.

Review & AnalysisReview focuses on two objectives – review for rel-evance and review for privilege.

Review often is performed as a linear process. Re-viewers are assigned batches of files, which they look at one virtual page at a time. There tends to be limited

“Increasingly a variety of techniques and technologies are used to speed up the review process and reduce the associated costs.”


communication between reviewers, and even less between the review team and the trial lawyers, mean-ing that review insights may have limited chances of influencing the case strategy.

Increasingly a variety of techniques and technologies are used to speed up the review process and reduce the associated costs. These include identifying dupli-cate and near-duplicate files, clustering together like materials, and most recently machine-assisted review tools like predictive coding and rules-based auto-coding.

Analysis has two goals: improving the discovery process by examining what actually happens at each stage, and evaluating ESI to better inform the handling of the substantive side of the case. Analysis ought to be a key part of every e-discovery project but it often falls by the wayside, a victim of high review costs.

Project & Process ManagementProject and process management are the glue holding the e-discovery process together.

One approach to tackling e-discovery project and process management is by following the EDRM Project Management Framework. That consists of two top-

level models – the project management team model and the project management process model.

The team model envisions collaboration at the project management level between the three types of enti-ties most frequently involved in e-discovery activities: clients, their law firms, and the providers delivering software and services to those other two groups.

The process model divides the management of e-dis-covery processes into seven phases: scoping, pre-liminary planning, team and vendor selection, detailed planning, startup, execution, and closeout.

For additional information, go to www.edrm.net/1526.

Information Management / Information GovernanceWhich takes us all the way to the left side of the EDRM diagram to information management and information governance. The fundamental idea here is that the

“The more effectively an organization governs and manages its ESI, the smoother the e-discovery process can go, the lower the risks and costs involved, and the higher the quality of the results.”

Figure 2. EDRM Project Management Framework


more effectively an organization governs and manages its ESI, the smoother the e-discovery process can go, the lower the risks and costs involved, and the higher the quality of the results.

E-DISCOVERY VERSUS INFORMATION GOVERNANCEINFORMATION GOVERNANCE DEFINEDAs defined by the Gartner Group, “Information gover-nance is the specification of decision rights and an ac-countability framework to encourage desirable behavior in the valuation, creation, storage, use, archival and deletion of information. It includes the processes, roles, standards and metrics that ensure the effective and ef-ficient use of information in enabling an organization to achieve its goals.“1

There have been numerous attempts to set forth mod-els relating to information governance. Three discussed below are, from ARMA International2 (“ARMA”), its Generally Accepted Recordkeeping Principles® (“GARP®)3 and its Maturity Model of Information Gov-ernance4, and from EDRM, its Information Governance Reference Model (“IGRM”)5.

ARMA GARP® PrinciplesARMA’s eight GARP® principles are intended to guide activities used to effectively support an organization’s recordkeeping – activities such as record creation, organization, and security maintenance. The eight prin-ciples are shown in Figure 3 on page 11.

“[Information Governance] includes the processes, roles, standards and metrics that ensure the effective and efficient use of information in enabling an organization to achieve its goals.”


“An organization shall maintain records in a manner that ensures efficient and accurate retrieval of needed information.”

ACCOUNTABILITY

TRANSPARENCY

INTEGRITY

PROTECTION

COMPLIANCE

AVAILABILITY

RETENTION

DISPOSITION

“An organization shall assign a senior executive who will oversee a record-keeping program and delegate program responsibility to appropriate individuals, adopt policies and procedures to guide personnel, and ensure program auditability.”

“The processes and activities of an organization’s recordkeeping program shall be documented in an understandable manner and be available to all personnel and appropriate interested parties.”

“A recordkeeping program shall be constructed so the records and infor-mation generated or managed by or for the organization have a reason-able and suitable guarantee of authenticity and reliability.”

“A recordkeeping program shall be constructed to ensure a reasonable level of protection to records and information that are private, confidential, privileged, secret, or essential to business continuity.”

“The recordkeeping program shall be constructed to comply with appli-cable laws and other binding authorities, as well as the organization’s policies.”

“An organization shall maintain records in a manner that ensures timely, efficient, and accurate retrieval of needed information.”

“An organization shall maintain its records and information for an appropri-ate time, taking into account legal, regulatory, fiscal, operational, and historical requirements.”

“An organization shall provide secure and appropriate disposition for records that are no longer required to be maintained by applicable laws and the organization’s policies.”

Figure 3. ARMA GARP Principles


ARMA Information Governance Maturity ModelBased on the GARP® principles, ARMA’s Maturity

Model of Information Governance defines key charac-teristics of recordkeeping programs. It describes five levels of information governance maturity.

“These organizations have recognized that effective information governance plays a critical role in cost containment, competitive advantage, and client service.”

“This level describes an environment where recordkeeping concerns are either not addressed at all, or are addressed in a very ad hoc manner. Organizations that identify primarily with these descriptions should be concerned that their programs will not meet legal or regulatory scrutiny.”

“This level describes an environment where there is a developing recog-nition that recordkeeping has an impact on the organization, and that the organization may benefit from a more defined information gover-nance program. However, in Level 2, the organization is still vulnerable to legal or regulatory scrutiny since practices are ill-defined and still largely ad hoc in nature.”

“This level describes the essential or minimum requirements that must be addressed in order to meet the organization's legal and regulatory require-ments. Level 3 is characterized by defined policies and procedures, and more specific decisions taken to improve recordkeeping. However, organi-zations that identify primarily with Level 3 descriptions may still be missing significant opportunities for streamlining business and controlling costs.”

LEVEL 1 (SUB-STANDARD)

LEVEL 2(IN DEVELOPMENT)

LEVEL 3(ESSENTIAL)

LEVEL 4(PROACTIVE)

“This level describes an organization that is initiating information gover-nance program improvements throughout its business operations. Infor-mation governance issues and considerations are integrated into business decisions on a routine basis, and the organization easily meets its legal and regulatory requirements. Organizations that identify primarily with these descriptions should begin to consider the business benefits of information availability in transforming their organizations globally.”

“This level describes an organization that has integrated information gov-ernance into its overall corporate infrastructure and business processes to such an extent that compliance with the program requirements is routine. These organizations have recognized that effective information gover-nance plays a critical role in cost containment, competitive advantage, and client service.”

LEVEL 5(TRANSFORMATIONAL)

Figure 4: ARMA Maturity Model


Information Governance Reference Model (IGRM)EDRM’s Information Governance Reference Model (IGRM) depicts a framework for unified information governance by an organization’s leadership and key stakeholders. The model is intended (a) to offer guid-

ance to Legal, IT, Records Management, line-of-busi-ness leaders and other business stakeholders within organizations and (b) to facilitate dialogue among these stakeholders by providing a common language and reference for discussion and decision-making based on the needs of the organization.

“EDRM’s Information Governance Reference Model (IGRM) depicts a framework for unified information governance by an organization’s leadership and key stakeholders./”

Figure 5. information Governance Reference model / (c) 2011 / v2.1 / edrm.net


The Outer Ring. The IGRM diagram focuses on three key sets of stakeholders – those who generate, act on, and ultimately dispose of information.

• Business users who need information to operate the organization.

• IT departments who must implement the me-chanics of information management.

• Legal, risk, and regulatory departments who understand the organization’s duty to preserve information beyond its immediate business value.

The Center. Information basics are located in the center of the IGRM diagram:

• Create and use information – primarily a business function.

• Store and secure information – in large part an IT function.

• Hold and discovery information – often managed by legal and/or RIM.

• Retain and archive and then ultimately dispose of information – responsibilities that fall on all groups.

Business Users: Lines of business create and use information. They bear primary responsibility for defin-ing and declaring the specific value of information to the organization.

Lines of business have interest in information propor-tional to the information’s value – the degree to which the information helps drive the purpose of the enter-prise.

“Lines of business create and use information. They bear primary responsibility for defining and declaring the specific value of information to the organization.”


Once the information’s business value is gone, busi-ness users quickly lose interest in managing the infor-mation, cleaning it up, or paying for its storage.

IT Departments: IT stores and secures information under its management.

IT personnel tend to focus on efficiency and they typi-cally are under great pressure to increase efficiency while also lowering cost.

IT personnel need business users to tell them what information has business value to the organization, and they need legal and RIM personnel to identify the du-ties with which they should comply as they store and secure the information.

Legal and Records Information Management: Legal and RIM typically are charged with managing risk for the company, including risk associated with infor-mation under the company’s control.

Legal bears primary responsibility for defining what information to put on hold, in response to a lawsuit, for example, as well as what data to collect and when to collect it for discovery purposes.

RIM is responsible for ensuring that the organiza-tion meets it regulatory obligations with respect to its information, including retention and archiving of that information.

Tying GARP, Maturity Model & IGRM TogetherEffective information governance works best with a continuous focus, hence the circular nature of the IGRM diagram as opposed to the workflow-like struc-ture of the EDRM diagram. Information governance

“Effective information governance works best with a continuous focus, hence the circular nature of the IGRM diagram as opposed to the workflow-like structure of the EDRM diagram.”


also becomes more effective as it becomes more comprehensive in its reach, spreading throughout the organization.

Combining the IGRM diagram with the GARP® prin-ciples and the Maturity Model can bring all three ap-proaches into sharper focus.

The Figure 6 shows how a mature organization might assign ownership of each of the GARP® principles to the key IGRM stakeholders

For an organization at the highest level of the Maturity Model, the following would be expected:

Accountability: Primary owner: Business. Second-ary owner: RIM. The organization’s senior manage-ment and its governing board emphasize the impor-tance to all of effective information governance. One of the organization’s senior officers directs the orga-

nization’s information governance program – a chief risk officer, chief compliance officer, chief information officer, or similar. In turn, that person works with the organization’s recordkeeping professionals, IT person-nel, and the like to ensure that the organization’s stated accountability goals are being met.

Transparency: Owners: All. Senior personnel in all the stakeholder areas – business, IT, RIM and legal – consider transparency to be a key component of effective information governance. They have people, processes and technology in place to ensure that the organization’s information governance program is documented in an understandable manner and is avail-able to all personnel and appropriate interested parties. They make continuous improvement in the program. Personnel and interested parties indicate consistent satisfaction with the program.

“Information governance permeates all aspects of how an organization creates or receives, uses and ultimately disposes of information.”

Figure 6. IGRM, GARP, and Maturity Model combined.


Integrity: Owners: All. The organization has a formal, defined process for introducing new information gover-nance systems and for providing reasonable and suit-able guarantees that the information governed through those systems is authentic and reliable.

Protection: Primary owner: IT. The organization is committed to effective protection of its information. Its audit information is regularly examined, with continuous improvement undertaken based on the results. Inap-propriate or inadvertent loss or disclosure of informa-tion is rare.

Compliance: Primary owner: Legal. Secondary owners: IT and RIM. Legal is best placed to identify and interpret laws and other authorities with which the organization must comply as it governs its information, and to define the actions to be taken. IT and RIM ex-ecute and monitor, with all groups working on continu-ous improvement.

Availability: Primary owners: IT and RIM. IT imple-ments the information governance requirements for the organization, ensuring timely, efficient and accurate retrieval of needed information. RIM helps manage the organization’s information assets through the use of tools such as taxonomies, file plans and data maps.

Retention: Primary owner: RIM. Secondary owners: IT and Legal. RIM manages continuously improving systems to ensure that information is maintained for an appropriate time, taking into consideration legal, regu-latory, fiscal, operational and historical requirements. IT assists with execution, making sure systems are capable of meeting retention needs, and Legal helps determine legal retention obligations.

Disposition: Primary owner: RIM. Secondary owner:

IT. RIM facilitates secure and appropriate disposition of information the organization no longer is required to keep pursuant to applicable laws and the organiza-tion’s policies, making sure that a transparent process is used by and for all stakeholders. IT supports execu-tion of the disposition function.

THE DIFFERENCES BETWEEN E-DISCOVERY & INFORMATION GOVERNANCEInformation Governance Has No Beginning & No EndAs suggested by the circular nature of the IGRM diagram, information governance has no beginning, no end. Rather, information governance permeates all aspects of how an organization creates or receives, uses and ultimately disposes of information.

Perspectives differ by stakeholder. Business personnel focus on using information to generate profit or other-wise help the organization achieve its core business objectives. If one were to create an information gover-nance workflow for business users, it might start with their creation or receipt of data.

IT personnel are concerned with enabling efficient use of data, ensuring that business users can easily and effectively create, receive, find, and work with the data. An IT information governance workflow might begin with identification of new or updated business user IT needs as well as an assessment of current capabilities, and go from there.

Legal and RIM personnel need to consider how to help control risk to the organization from inappropriate or ineffective use of the business users’ data and the sys-

“E-discovery can be thought of as a specific function within a broader information governance framework. Unlike the information governance writ large, e-discov-ery processes can and should look like workflows.”


tems put in place and managed by IT. For Legal and RIM, an information governance workflow might have risk identification as one of its first steps.

For all three groups, there is no real exit. As long as the organization continues to function, their information governance needs continue.

E-Discovery as a Specific Information Governance FunctionE-discovery can be thought of as a specific function within a broader information governance framework. Unlike the information governance writ large, e-discov-ery processes can and should look like workflows.

Because the triggering event for an e-discovery activity typically is a lawsuit or regulatory action, Legal person-nel usually are the primary drivers. They play a major role in defining the processes to be followed. They have varying levels of involvement in the execution of those processes. If the processes are called into ques-tion – by opposing counsel, for example – Legal bears the brunt of addressing those challenges.

Legal personnel often ask IT personnel to help them identify what data to look for and where to find it, the theory being that IT personnel generally are best placed to figure out the multitudinous places where data might be squirreled away. Legal often asks IT to help preserve and collect data – something the orga-nization’s IT personnel might, or might not, be well po-sitioned to do. Legal may ask IT to process the data, although that operation is often delegated to law firms or e-discovery providers.

Legal personnel sometimes call upon RIM for assis-tance, most commonly to assist with identification and preservation of data at the onset of a matter, or the

largely hypothetical disposition of data at the conclu-sion of the matter.

The degree to which Legal involves business personnel varies greatly. The variance is due to factors such as differences in whose budgets pay for discovery activi-ties; the level of the business personnel’s involvement in the handling of the lawsuit; the extent to which Legal needs to get information from the business units about what led to the lawsuit; and the extent to which per-sonnel from the business units have a say in how the litigation is handled.

For each of the activities discussed above, effective information governance ought to lead to higher quality and lower cost processes. In theory, at least, process-es will have been defined ahead of time, tested, and refined. Tools suitable to the necessary tasks will have been identified, evaluated, and implemented. People – both within and outside the organization – will have been chosen and prepared so that they are able to make timely and cost-effective use of those tools and processes.

E-Discovery as a Connector to the Outside WorldE-discovery also is a connector with the outside world. By definition, most e-discovery activities require that the organization deliver some portion of its information to people outside the organization.

Some of the recipients are “friendly” entities – the law firm, or law firms, representing the organization; e-dis-covery providers working directly with the organization – usually its legal department – or ones working with the organization’s outside counsel; expert witnesses engaged by the organization or its outside counsel;

“The higher the level of an organization’s infor-mation governance ... the greater the chances it will be able to control risks even as it sends its data to these various outside entities.”


and so on.

Other recipients are nominally neutral: mediators, arbi-trators, judges, juries and the like.

Yet other recipients are potentially hostile – such as regulatory agencies – or clearly so – such as opposing counsel.

The higher the level of an organization’s information governance, as described by ARMA’s Maturity Model, the greater the chances that it will be able to control risks even as it sends its data to these various outside entities.

REPURPOSING E-DISCOVERY TOOLSIf your organization already has tools it uses for “tra-ditional” e-discovery activities (from triggering event on), you may be able to use those same tools for better information governance as well. They can help you clean up legacy data, for example, or assist with your efforts to move information governance initiatives forward.

APPLYING E-DISCOVERY METHODOLOGIES FOR MORE EFFECTIVE GOVERNANCEThe EDRM framework can help to facilitate more effec-tive information governance. For example, per ARMA’s Maturity Model and its GARP Principle of Compliance, in an organization at the highest level of information governance maturity,

“The recordkeeping program shall be constructed to comply with applicable laws and other binding authori-

ties, as well as the organization’s policies.”

To accomplish this, senior management should have established and should be monitoring auditing and continuous improvement processes. In order to carry out that objective, senior management needs the collaborative efforts of all the stakeholders discussed above – Business, IT, RIM, and Legal – often with Legal at the helm.

For those efforts to succeed, the stakeholders most likely will end up following a process very similar to the one laid out with the EDRM diagram. To audit compli-ance efforts and work on continuous improvement, they will need to:

• Identify which aspects of the recordkeeping program to focus on, as attempting to encom-pass the entire program at once probably will be too much to take on, identify the laws that apply to those aspects of the program, identify other applicable binding authorities, and identify the organization’s own policies that apply in these circumstances.

• Preserve information about the program and its implementation, as examining a point in time is likely to be much easier than attempting to exam-ine a constantly changing undertaking.

• Process the collected data, both to reduce the volume of information to be evaluated through efforts such as locating and setting aside dupli-cates, and to make the information more easily evaluated by converting portions of it to more readily used formats if that is necessary.

• Analyze the data, the better to understand the

“If your organization already has tools it uses for ‘traditional’ e-discovery activities (from triggering event on), you may be able to use those same tools for better information governance as well.”


effectiveness of the compliance efforts. Look for gaps and patterns indicating potential failures to comply, for example, areas where compliance was overlooking, or opportunities to improve compliance protocols.

• Produce a portion of the data to others, such as senior management, so that they are able to turn to it as they assess the presentations delivered to them.

• Present a portion of the produced data to a specific audience, such as senior management, as part of a larger presentation about whether and how much the organization’s recordkeeping program actually complies with applicable laws, other binding authorities, and the organization’s own policies.

THE EDRM AS AN IG TEMPLATEThe EDRM framework can be used as a template for more effective information governance. If you look at information governance through EDRM lenses, you can begin to see how to use e-discovery tools to assist with information governance activities.

While which e-discovery software you use to assist you in your efforts at governing your information and how you use it are controlled by your particular circum-stances, the possibilities are great, limited mostly only by your imagination.

The following are descriptions of the types of e-discov-ery tools your organization might be using today and more specific examples of how they can be leveraged for information governance.

Identification, Preservation & CollectionThe first set of programs fall in the broad identification-preservation-collection grouping. Some of these programs cover two or more of those areas. Depend-ing on the combination and the use to which they are put, they often are put into one of two buckets – legal hold and so-called “early case assessment” (better described as early data assessment).

Identification software: Identification software gen-erally is designed to examine one or more sources of data and report back results of the examination.

Data sources can be places were data is stored. Common examples include hard drives of desktop or notebook computers, tablets, phones, etc.; server hard drives; storage devices attached to servers; removable hard drives; flash drives; and tapes.

Data sources also can be systems – email systems, content management systems, human resources sys-tems, and so on.

Reports from identification software can cover the full gamut of information available for these programs to ingest, but frequently focus on a few key areas. These include:

• Systems information: Names of systems, types and volume of data associated with sys-tems, system users, etc.

• File information: Number of files, number of files by type, number of files by size, etc.

• Custodian information: Names, volumes of data per custodian, file types and counts per custodian, etc.

“Preservation software typically is used to help ensure that selected ESI is protected against inadvertent alteration or destruction.”


• Dates: Oldest files, most recent files, date distri-butions, etc.

• With some systems, word information: Word and phrases counts, frequency, proximity to related words, etc.

Preservation software: Preservation software typical-ly is used to help ensure that selected ESI is protected against inadvertent alteration or destruction. While the goal does not change much from one program to the next, other factors do. These include:

• “Forensic” versus “non-forensic”: Software specifically designed to preserve ESI for dis-covery purposes usually is set up to allow us-ers to make forensic copies of data – exact bit by bit copies of all or portions of a hard drive. That software usually also can be used to make copies of drives or files where only active data is preserved but where the preservation is per-formed using forensically sound procedures. At times ESI is preserved using software not de-signed with these capabilities in mind, creating what can be called “non-forensic” copies of the data. There is not one correct answer for which approach to take.

• Software that must be used locally versus software that can be used remotely: Some preservation software needs to be used by someone with direct physical access to the data that is to be preserved. Other programs can be deployed across a network, sent via email, or delivered on a flash drive.

• Attended versus unattended: Some preser-vation software requires a person to be actively

involved during the preservation process. Other software can be programmed to operate without contemporaneous human involvement – set to start running at a specific time, for example.

• Overt versus covert: With some preservation software, it is obvious to the user’s whose data is being preserved that preservation is taking place. With other programs, data can be preserved with the end user not realizing that anything has been done.

“If a tool can be used to look at ESI only after the ESI already has been identified, preserved, collected, and processed, “early” has long since gone by the wayside.”

Use eDiscovery for IG:

RIM personnel seeking to ensure appropriate

disposition of ESI can turn to quite a few e-

discovery tools to help them meet their objec-

tives. Identification, preservation and collec-

tion tools can help with locating ESI that is

supposed to be slated for disposition. Process-

ing software can be used to make a subset

of that ESI more readily evaluated, perhaps

to look for gaps in the process used

by the organization to move data

through its entire lifecycle in a

reliable and cost-effective fash-

ion. Analysis tools can facilitate

the evaluation.


Collection software: Collection software is any soft-ware used to collect data to be used for additional pur-poses. The software used to preserve ESI often also is the software used to collect data. At times, however, different programs are used. A common example of this is the class of software programs used to collect information from databases.

Legal hold software: Legal hold software is designed to assist with the legal hold process. Legal hold soft-ware programs differ in the breadth. Areas addressed may include:

• Identification of potential custodians: Some legal hold programs are set up to be used as a means of identifying custodian who potentially ought to received hold notices. Some programs do this by connecting with other software pro-grams maintained by the organization, such as Active Directory. Others do this by maintaining their own independent databases that can be searched for custodians.

• Assistance with notice preparation: Most legal hold programs let users generate legal hold notices. These programs might have templates that can be used as a quick-start mechanism and that can be modified as needed. Some give users the ability to create notices using previously prepared pieces. In essence, they are special-ized document assembly programs.

• Notice delivery and tracking capabilities: Most legal hold programs have a component that allows users to send legal hold notices to a set of custodians and then track actions taken by the custodians. The specifics vary greatly from one

program to the next.

• Re-notification capabilities: Generally, legal hold programs are designed to assist users with regularly sending repeat notices.

• Preservation and/or Collection capabilities: Some legal hold programs also are designed to give users the ability to preserve and/or collect ESI that custodians indicate should be held pur-suant to a notice. Here, too, the specifics vary greatly.

Early data assessment software: Many of the pur-veyors of so-called “early case assessment” software position their offerings in the identification-preservation-collection area.

More appropriately referred to as early data assess-ment programs (if, indeed, that is what they are), these offerings need to be scrutinized closely. Too many of them cannot be used early. If a tool can be used to look at ESI only after the ESI already has been identi-fied, preserved, collected, and processed, “early” has long since gone by the wayside. Only if the tools per-mit users to take some portion of data and examine it before an activity is well underway do they deserve the descriptor “early.”

Most of these tools are not designed to facilitate as-sessment of a case, only of ESI. They do not encom-pass areas such as whether these parties have litigated against each other in the past, and how that went; whether it makes sense to handle the matter internally or to send it to outside counsel; if outside counsel are to be used, which ones to consider; whether insurance coverage is available, under what circumstances, and how much; and so forth. Only programs that assist

“The essential idea is that ESI is transformed from the form in which it was found into a form that is more readily used in the e-discovery context.”


with that type of assessment should be called “early case assessment” tools.

The better of these early data assessment tools allow for various forms of in-depth analyses of ESI. Then, a wide variety of options opens up.

ProcessingProcessing software serves five basic functions in the e-discovery arena: reducing the size of a dataset; con-verting data from a less usable format to a more usable one; extracting data; normalizing data; and indexing it.

Reducing data volumes: Processing software pro-grams use a variety of mechanisms to reduce the amount of data that is delivered to the next stage. Some of these are:

• De-duplication: Locating exact copies of files, and then passing only one copy for review, etc.

• Near de-duplication: Locating files that are similar to each other, then based on rules es-tablished for that matter, taking actions such as grouping similar files together or passing only a subset of the similar files.

• Date range: Locating files with data attributes that fall outside designated ranges.

• File type: Locating files by type and treating types according to rules established for the mat-ter.

• Custodian: Including or excluding files based on custodian.

Converting data: Data conversion as a part of pro-cessing covers a wide sweep of activities, but the

essential idea is that ESI is transformed from the form in which it was found into a form that is more readily used in the e-discovery context. These activities can include:

• Restoration of data from backups and archives

• Extraction of the contents of container files (.pst, .ost, .nsf and the like for email and .zip, .tar and .rar and so on more generally)

• Conversion of data from legacy formats into modern ones.


Any attempts at assessing information to

be governed likely will end up requiring the

same five functions – reduction, conversion,

extraction, normalization and indexing – for

a least test bodies of data. Gathering a test

body of data and processing it as described

above makes it available for rapid-fire ana-

lytical exercises designed to better under-

stand how an organization actually handles

its data. That understanding can be used to

help form more achievable information gover-

nance objectives. It also can be used to

evaluate the effectiveness of infor-

mation governance programs.

“The better of these early data assessment tools allow for various forms of in-depth analyses of ESI, Then a wide variety of options opens up.”


Extracting data: Typically e-discovery processing software is designed to extract at least two types of information from computer files, metadata and text. Some programs attempt to extract all available metadata and text, some just limited portions. Some attempt to extract yet other components, such as im-ages within files.

Normalizing data: E-discovery processing software often is used to normalize portions of the data be-ing processed. Although data normalization means different things to different people, here it is meant to describe processes used to reorganize or restructure similar sets of data so that they can be more effec-tively evaluated. For example, date information can be normalized in several ways. It can be put in a stan-dardized format, so that “Sept. 3, 2010,” “3 Septem-ber 2010” and “9/3/10” all are set to the same format, “2010/09/03,” for example.

Indexing data: E-discovery processing software almost always indexes data. To oversimplify greatly, indexing is a process whereby file contents are broken down into their component parts. Each part (such as the string of text “discovery”) is associated with a key (such as “001”). Each key is stored in an index file, along with pointers to all locations where the associ-ated text is located. When you perform a search, the software searches the keys, not the actual files.

When data is indexed and the indices rather than the underlying files are searched, searches can be per-formed much faster. Additional types of searches also can be performed, including:

• Boolean• Combined word• Concept

• Full text• Fuzzy text• Natural language• Pattern-based• Phonic• Proximity• Range• Relevance• Similar text and similar file• Stemming• Synonym• Term• Topical.

ReviewIn the e-discovery context, review software is used to help determine responsive files to produce and privileged files to withhold from production. Review software tends to be highly specialized, intended to optimize the review process.

Control: Review software usually is built to deliver a high degree of control to those running the review pro-cess. Those with administrative or similar rights can control such things as:

• Who has access to the system, what level of access they have, what they can see, and what they can do

• The options that are available to the various types of users

• Whether one action forces limits or directs users to other actions (e.g., a file tagged as responsive cannot also be tagged as non-responsive)

• Whether reviewers can download copies of files they are reviewing.

“Analysis and the use of analytical software tend to be used in two ways – to analyze content, and to analyze processes.”


Efficiency: Review platforms usually are designed to help maximize review rates. Software developers strive to make their systems operate as quickly as possible, for example, and try to structure user interfaces to minimize the number of actions a reviewer has to take to review a file.

Security: Most review systems have various levels of security built into them.

Metrics: Many review systems track actions taken by reviewers – what decisions they made, how long it took them to make those decisions, and so on. These metrics then are generally available to users with supervisory or administrative rights. In theory, those people use that data to further optimize the review process.

Organizing for review: Most review platforms allow users with administrative or supervisory rights to or-ganize materials so as to permit more effective review. Files can be organized in batches to control workflow and help reviewers and their managers measure their progress. Similar files might be grouped together, or files for a specific custodian.

Standalone versus dependent: Some review soft-ware programs stand by themselves, and can be obtained and used at whatever location is most ap-propriate – provided the software is capable of being installed at that location. These programs might be found in any of the following settings:

• Hosted by a service provider: Service provid-ers routinely install review platforms on their own networks, and then sell access to those hosted systems to law firm, corporate and governmen-tal users. Service providers also install review

platforms on third-party networks, and sell both access to and management of those systems to the same range of users.

• Hosted by a law firm: Law firms sometimes access review platforms via service providers, but sometimes they install the platforms on their own networks or on third-party networks where they maintain control of the systems.

• Hosted by an end user organization: Corpo-rations, governmental entities, and other end-user organizations tend to depend on service providers or law firms to host review platforms and then provide end user access as desired. Some end-user organizations, however, go a different route, installing the review platforms on their own networks or on third-party networks that they control.

“Performing these activities multiple times throughout the life of the litigation is far more effective than per-forming them just once, for each time the results offer counsel the chance to correct its course of action.”


Review typically does not have a

direct counterpart in the informa-

tion governance world. Nonethe-

less, review tools can be used for

analytical purposes, as discussed

in this section.

Sponsored by:


• Hosted “in the cloud”: Review platforms can also be hosted in the cloud. In essence, hosting in the cloud is a variant of hosting on a third-party network. One of the biggest differences is the question of where the data actually is stored. Those considering using the cloud to host data need to look at this and similar issues closely, and look at them before they enter into a service level agreement (“SLA”) or similar arrangement.

Other review software programs are available only in conjunction with a set of services. In this scenario, a consumer sends its ESI to a provider. The provider processes the data. The same provider loads the pro-cessed data into its proprietary review platform, which is hosted on that provider’s networks or on third-party networks that the provider controls. Reviewers and other platform users are given access to the review platform. As reviewers and others work with the ESI, information about their actions is stored in the propri-etary system.

Form of review: Review platforms deliver ESI for review in three forms: near-paper, near-native, and na-tive. Increasingly, platforms offer all three options.

• Near-paper: Near-paper comes in two flavors, .tif and .pdf. For many organizations and review-ers, this is the most comfortable format. It looks familiar, as it is essentially paper on the screen. Because each file is converted into a series of pages, each page can have a Bates number as-signed to it. And near-paper versions of ESI are comparatively easily redacted and annotated.

• Near-native: Because near-paper representa-tions of ESI mimic the paper printouts of these

files, they can be subject to any of the limitations of paper. It is harder to maintain hypertext links; normalize names and dates; allow formulas, columns and similar elements to be revealed or hidden; and make use of other functions found in native files but not on paper printouts. Near-native presentations of ESI vary – sometimes files are converted to an HTML form and displayed as if in a web browser; at other times they are displayed through the use of specialized software programs that mimic the presentation of ESI in its native format without requiring installation of the native application.

• Native: Generally review platforms do not at-tempt to display files in their native form. For files to be displayed in their native form, the native applications need to be loaded and available. Achieving this is too complicated. All necessary software needs to be identified. Appropriate ver-sions need to be found, licensed, and installed. The installations cannot conflict with other soft-ware. The licenses need to permit this type of use. And on and on. Instead, many systems let administrators grant users the rights to download copies of the native files to their local hard drives, then leave it to the users to locate software which they can use to work with the files.

AnalysisGenerally the same software used for review also is used for analysis. When analysis is called for – not just review for relevance and privilege – enhanced capabili-ties take on greater significance. Analysis and the use of analytical software tend to be used in two ways – to analyze content, and to analyze processes.

“If you look at information governance through EDRM lenses, you can begin to see how to use e-discovery tools to assist with information governance activities.”

Sponsored by:


Content analysis: Analytical tools are used to analyze content – to better understand the circumstances, facts and potential evidence related to a lawsuit, inves-tigation, or similar activity. Examples of content analy-sis include:

• Information governance: Information from legal hold systems can be analyzed to determine the effectiveness of an organizations’ information governance practices. Is ESI located through the legal hold process that ought to have been destroyed pursuant to the organization’s retention policies? Does the use of legal hold, preservation and collection systems unearth stockpiles of the ESI that were stored outside an organization’s of-ficial IT infrastructure? Do analyses of these piec-es of information reveal patterns that can help an organization better gain control of its data?

• Litigation readiness: What can be learned from analyses conducted during the process of better preparing an organization for future litiga-tion? Does looking at an organization’s litigation, investigatory or regulatory history suggest actions to be taken with the future in mind?

• Data assessment for the matter at hand: Analyzing ESI early and often can help an organi-zation map potential courses of action for litiga-tion teams to pursue. Comparative analyses can help the litigation team choose which course to follow or determine when a change in course is in order.

• Preservation and collection: Analyzing sub-sets of preserved and/or collected data – and doing so early and often – can help counsel

assess the effectiveness of the preservation and collection strategies being pursued. Is too much data being preserved, or too little? Are key phrases too broad or too narrow? Is the predictive coding strategy working or is there a mismatch between the approach as defined and the emerging needs? Does the data actually preserved fit the profile of the data that counsel sought to have preserved? Can preservation and collection objectives be met with the available time and budget, or does the scope need to be amended?

“E-Discovery software should never be selected in a vacuum, although that happens all too often. You always should start by figuring out three basic but critical things first.”


E-discovery’s analytical tools offer a

wealth of capabilities for information

governance purposes. They can be

used to evaluate the organization’s

actual data, giving views into what

actually is happening. Those views

can inform assessments concerning

every GARP principle, from

accountability through

disposition.


• Search strategies: Analyzing the results of search strategies and comparing them with the expected results can help counsel and those supporting them refine their approaches to searching data. Performing these activities mul-tiple times throughout the life of the litigation is far more effective than performing them just once, for each time the results offer counsel the chance to correct its course of action.

• Review enhancement: There can be a wide discrepancy in the capabilities of individual re-viewers as well in the effectiveness of different re-view strategies and protocols. By tracking such things as reviewer productivity, project managers can better understand what appears to be work-ing and what seems to be ineffective.

Process analysis: Process analysis in concerned with understanding the efficacy of the methods used during discovery. At each stage of the e-discovery process, analytical tools can be used to assess the extent to which specific processes are operating as anticipated.

ProductionGenerally, e-discovery production capabilities are built into other tools, such as review platforms. Those ca-pabilities are used to:

• Verify that the ESI to be prepared for production is the ESI that counsel or others intended to be produced;

• Reformat ESI in accordance with whatever pro-duction protocols are to be used; and

• Package the ESI for production.

IMPLEMENTING A NEW TOOL FOR E-DISCOVERY AND IGIf you are not yet using e-discovery tools, selecting and implementing appropriate tools can be a challenge. If you want tools that not only meet your e-discovery needs but also help further your information gover-nance objectives, the challenge sometimes can seem insurmountable.

“If you want tools that not only meet your e-discovery needs but also help further your information governance objectives, the challenge sometimes can seem insurmountable.”


Just as parties to a lawsuit eventually need to

produce data to each other, sooner or later par-

ticipants seeking to govern information need

to hand some amount of data to someone else.

They might need to include a compilation

of data with a report, or perhaps then want

to send a body of data to an outside consul-

tant for further analysis. Whatever their

objective, they still have to go through

the same production steps and can

benefit from e-discovery tools

designed to assist with that

process.


While setting forth a comprehensive selection and implementation guide is beyond the scope of a white paper, discussed below are some important consid-erations you should keep in mind. If you start with an eye toward these considerations, you should be well on your way to a positive result.

MAKE SURE YOU HAVE BUY-INBuy-in is key. If an organization’s acquisition and use of e-discovery tools is to yield successful results, stake-holders need to be committed to the decision to move forward.

It can be difficult to convince business leaders, IT managers, corporate counsel and RIM personnel that buying e-discovery software makes sense. To increase your chances of success, keep in mind the following:

• Timing: Interest in e-discovery software gener-ally is highest just after an organization has gone through a massive e-discovery exercise, making that a good time to begin looking at software. The timing should fit with the organization’s bud-get cycle as well.

• Benefits: You should be ready to offer a brief synopsis of why this matters to each group of key stakeholders. If you cannot present compel-ling arguments to each group, you may need to go back to the drawing board.

• Costs: You should have a good idea of costs associated with purchasing and implementing the desired e-discovery software. Be ready to share that information with stakeholders, and be able to explain it.

INCLUDE KEY STAKEHOLDERSMake sure you get key stakeholders involved in the selection and implementation process, and get them involved as early as you can. You will need their sup-port. You also will need their perspectives – finding out what they think they need, trying to discern what they actually need, learning what they do now, and getting a grasp on what they think they would like to do.

Who constitutes a key stakeholder will depend, of course, on a variety of factors. These likely will include the type of software you have in mind, its intended uses, the scope of its impact, and its cost. Plus, if you intend to adapt the eDiscovery software for gover-nance initiatives, you should make sure you involve the stakeholders for each affected area.

PROCESSES, PEOPLE, AND TECHNOLOGYOften people focus solely on the software. They seem to believe that if they can just buy the right piece of software their problems will be over. And, often, the folks selling the software are all too eager to encourage that approach.

For a piece of e-discovery software to be of real value, however, you cannot just buy the software. You have to make sure you also have addressed issues of people – who is going to use this software? – and processes – how is this software going to be used?

WHERE YOU ARE TODAY, WHERE YOU WANT TO BE TOMORROW, AND HOW TO GET THEREE-Discovery software should never be selected in a vacuum, although that happens all too often. You al-

“If you intend to adapt the eDiscovery software for governance initiatives, you should make sure you involve the stakeholders for each affected area.”


ways should start by figuring out three basic but critical things first: where you are now, where you want to get, and what you need to do along the way to get there.

Sometimes you can be pleasantly surprised. A few years ago, the folks from the legal department of a corporate client said that (a) they had no internal capabilities to preserve and collect ESI in a forensically sound fashion; (b) they wanted to purchase software appropriate for that task, identify internal personnel to be trained in the use of that software, and get those people trained; but (c) these costs were beyond any-thing they had budgeted for that fiscal year. As they began going through the process of identifying and pulling together key stakeholders, they discovered to their delight that their information security personnel already owned appropriate software, had been trained on its use, and used it regularly in just the ways the legal department personnel had envisioned.

Other times, going through this three-step process can help narrow the focus to a more realistic set of options. For example, if you want to use software to collect and process email messages, you need to know the range of email systems implicated. If you use IBM Lotus Notes, you will find you have a narrower set of options than if you use Microsoft Exchange.

COSTS – HARD AND SOFTChances are you will have to spend money to get the e-discovery software you want. Cost and pricing mod-els vary greatly, but some things to look for include:

• Are there usage limits based on the price you pay – how much you can use the software, who can use it, how long it can be used, etc.?

• Is the software sufficient by itself, or do you need to buy something else if you are going to use the software – other software, dedicated hardware, hardware that meets specified threshold require-ments, etc.?

• Are you making a one-time payment, or will there be ongoing fees you need to pay – maintenance fees, upgrade fees, etc.?

Then, there are the implementation costs, all too often overlooked. They can include:

• The money you pay someone else to put the software in place for you.

• The money you pay someone else to make the software work in your environment.

• Disruption costs, such as reduced productivity.

• Transition costs, as processes and people’s behaviors get modified to accommodate the new system.

START SMALLAssuming you can do so, start small and only expand later. You might be able to get an evaluation copy of a software program, or purchase a single-user version, before committing to a much larger expenditure.

Experiment with that software using a small amount of test data. See how well it fits your needs, and how well you fit with it. Try to find its limits, and then assess what those limits mean in your context.

Have some other people experiment as well. Compare and contrast your experiences.

“Chances are you will have to spend money to get the e-discovery software you want. Cost and pricing models vary greatly.”


TEST AND RE-TESTTest software before you purchase it, if at all pos-sible. Don’t stop there, however. As you are installing software and rolling it out, keep testing it. You want to make sure that it continues to do the things you wanted it to do.

CONCLUSIONThe goal of effectively and efficiently governing your data may seem overwhelming, but bringing to bear appropriate perspectives, processes and technologies can make real information governance more manage-able. The paradigms established by ARMA’s GARP and Maturity Model and EDRM’s Information Gover-nance Reference Model can help with identifying the key people to work with, setting objectives, and map-ping out ways to work with those people to meet those objectives. E-discovery tools and techniques can be turned to those ends—at each step of the way help-ing those involved better find, manage and assess the information that matters most to them.

About the Author: George Socha is the president and founder of Socha Consulting LLC, an electronic discovery consulting firm. In 2003, he and Tom Gelb-mann launched the Socha-Gelbman Electronic Discov-ery Survey, now Apersee (apersee.com) and in 2005 they started EDRM (edrm.net). George is an expert wit-ness and advisor focusing on the full range of electron-ic discovery activities. His clients include corporations, legal vertical market software and services providers, investment firms and law firms. Before launching his consulting firm, Mr. Socha spent 16 years as a litigation attorney in private practice. He received his law de-gree from Cornell Law School and his undergraduate degree from the University of Wisconsin-Madison.

ZYLAB E-DISCOVERY & INFORMATION MANAGEMENT SOFTWAREAs an innovative leader in modular eDiscovery, intel-ligent governance, and enterprise information manage-ment technology, ZyLAB software manages massive arrays of sensitive enterprise data in order to quickly capture, search, retrieve and assess information stored in disparate formats and locations. Our technology is widely utilized in more than 60-countries around the world to perform corporate, government, NGO and law enforcement investigations, to elicit business intelli-gence, and to respond to disclosure requests. ZyLAB’s eDiscovery software is among few such products that truly enable organizations to manage all EDRM phases through production in-house. The ZyLAB system does this in a user friendly, uncomplicated interface, with deeper and deeper layers for power users.

ZyLAB’s eDiscovery approach is anchored in a fully integrated and unified platform of specialized tools which, after collection or ingestion, preserves what the vast majority of vendors cannot: automated “audit-abil-ity” and chain of custody at the document level, which ultimately and inevitably bears on defensibility, effi-ciency, and cost. In other words, our system maintains an audit trail or history for every single document at the moment of collection or ingestion, through review and production. Plus, its flexible framework allows for unlimited scalability and adaptability. >>>

ZyLAB software is repeatedly positioned by Gartner as a Leader and Visionary in eDiscovery, Information Ac-cess and Records Management. To learn more about our 30-year history delivering innovative and mission-critical solutions to organizations such as the US White

“E-discovery tools and techniques can be turned to those ends—at each step of the way helping those involved better find, manage and assess the information that matters most to them.”

END


House, the European Union, the United Nations and various high-profile US trials, please visit zylab.com.

To arrange for a complimentary “Proactive eDiscovery Consultation” with Mary Mack, Esq., please send an email to [email protected] and reference the following Promo Code: REPURPOSE.

ENDNOTES1 “What is Information Governance? And Why is it So Hard?” by

Debra Logan, January 11, 2010, http://blogs.gartner.com/debra_

logan/2010/01/11/what-is-information-governance-and-why-is-it-

so-hard.

2 ARMA International (www.arma.org) is a not-for-profit profes-

sional association and the authority on managing records and

information. Formed in 1955, ARMA International is the oldest and

largest association for the information management profession

with a current international membership of more than 10,000. It

provides education, publications, and information on the efficient

maintenance, retrieval, and preservation of vital information created

in public and private organizations in all sectors of the economy.

It also publishes Information Management magazine, and the

Generally Accepted Recordkeeping Principles ® (GARP ®). More

information about GARP ® can be found at www.arma.org/garp.

3 The Generally Accepted Recordkeeping Principles®, http://www.

arma.org/garp.

4 ARMA International Maturity Model for Information Governance,

http://www.arma.org/garp/metrics.cfm.

5 Information Governance Reference Model (IGRM), http://www.

edrm.net/projects/igrm

“ZyLAB software is repeatedly positioned by Gartner as a Leader and Visionary in eDiscovery, Information Access and Records Management.”

Adapting eDiscovery Software - Legal Technology LLC

Documents

Transcript of Adapting eDiscovery Software - Legal Technology LLC