We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
ISACA: Policy and technology key to reducing e-discovery risks

ISACA: Policy and technology key to reducing e-discovery risks

Consistent approach required, it says

Article comments

Having the right policies and technology in place is key to reduicing e-discovery risks, according to IT governance organisation ISACA.

To help enterprises effectively search, classify, preserve and present information that is stored electronically, ISACA has published a free Electronic Discovery whitepaper.

The whitepaper provides steps to identify and mitigate the risks related to potential litigation, and helps organisations establish a formal e-discovery programme.

ISACA, the information security association for 95,000 IT professionals, recommends the following steps:

-Assess regulatory requirements specific to the organisation

-Ensure the proper mix of policy, process and technology to reduce reliance on any specific individual and maintain consistency

-Apply a consistent approach to e-discovery, giving the organisation time to evaluate and validate the information

-Establish information security controls - in line with the organisation’s security policies - to protect information extracted.

-Conduct employee training and awareness

“An added bonus of creating an e-discovery programme is that it not only reduces risk related to litigation, but can also improve an organisation’s compliance posture,” said Kamal Dave, chief architect at Hewlett-Packard, who co-authored the Electronic Discovery whitepaper.

"It can also help control costs by eliminating a ‘keep everything’ mentality that exists when an organisation is unclear about the type of information to retain and how long to store it,” said Dave.

Now read IBM acquires e-discovery vendor PSS Systems

Share:

Comments

Advertisement
Send to a friend

Email this article to a friend or colleague:


PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.


ComputerworldUK Knowledge Vault

ComputerworldUK
Share
x
Open
* *