Share

Having the right policies and technology in place is key to reduicing e-discovery risks, according to IT governance organisation ISACA.

Having the right policies and technology in place is key to reduicing e-discovery risks, according to IT governance organisation ISACA.

To help enterprises effectively search, classify, preserve and present information that is stored electronically, ISACA has published a free Electronic Discovery whitepaper.

The whitepaper provides steps to identify and mitigate the risks related to potential litigation, and helps organisations establish a formal e-discovery programme.

ISACA, the information security association for 95,000 IT professionals, recommends the following steps:

-Assess regulatory requirements specific to the organisation

-Ensure the proper mix of policy, process and technology to reduce reliance on any specific individual and maintain consistency

-Apply a consistent approach to e-discovery, giving the organisation time to evaluate and validate the information

-Establish information security controls - in line with the organisation’s security policies - to protect information extracted.

-Conduct employee training and awareness

“An added bonus of creating an e-discovery programme is that it not only reduces risk related to litigation, but can also improve an organisation’s compliance posture,” said Kamal Dave, chief architect at Hewlett-Packard, who co-authored the Electronic Discovery whitepaper.

"It can also help control costs by eliminating a ‘keep everything’ mentality that exists when an organisation is unclear about the type of information to retain and how long to store it,” said Dave.

Now read IBM acquires e-discovery vendor PSS Systems