Thoughts and Information on IG, Compliance and eDiscovery


 

 

Here are some thoughts and information for you that illustrates our approach in the information governance, compliance and eDiscovery markets. We want to share some important points learned and tested in successful implementations:

  • The technological support for all three areas is largely the same with nuances of difference reflected in applications that support them. There are always requirements to deal with unstructured data that is legacy as well as that introduced to a system from ongoing operations.
     
  • With regard to legacy data (both on-line and, on backup tapes and decommissioned systems), we have experience in dealing directly with information that may not have been organized, or if so, lacking in attributes to make it useful in a business context.  In many instances, we can reduce content through the application of sophisticated de-duplication and superfluous data identification methods to achieve very high data reduction rates -- 70% not unusual.
     
  • Our methods simultaneously enable the vetting and application of records and information security taxonomies to help ensure organization and proper security designations exists for information. In the instance of the petroleum company use case that we described in prior Xpriori Reports, a team of 10 or so people was able to do the work of hundreds using manual methods. We deploy a team that consists of several technical people and what we call data controllers -- people who have subject matter expertise or an experiential based understanding of the subject matter. Clusters of information are reviewed by them and accepted, rejected, refined etc. and used to refine the taxonomy. We direct our efforts to specific enterprise activities – small bites, one at a time. The code base for the clustering is preserved and other rules developed and refined.
     
  • Once the analysis and remediation of the legacy data set has been completed, the code base for the clustering of the data is stored so that new information presented to a series of managed file shares can inherit the appropriate designations and classifications based on the new data’s similarity to the items that have been previously classified. In effect, it becomes a “machine learning system” which carries forward and builds on the knowledge that has been created. This is a rather new implementation, where implemented the process is meeting the best of expectations. Information/content generated to unstructured documents from day to day operations is automatically being classified and stored. Our team developed this approach and it is part of our offering. We can provide reference and support for this type of implementation.
     
  • One of the more interesting challenges we address is that of “dark data”. CEO’s and CFO’s of public companies have a fiduciary obligation to provide the SEC with assurances as to the efficacy of financial controls and the information that underlies it. In this case, we have the ability to help identify hidden risks and unknown liabilities or evidence of potential contingent liabilities that should be a part of your financial disclosures.
     
  • Another challenge organizations face in today’s environment is heightened need to engage in ongoing, monitoring and compliance related activities to prevent the inadvertent disclosure of trade secrets, compromised IP, insider trading or overt industrial espionage.
     
  • We treat data governance policies as part of a holistic data management framework comprised of technology, people and processes within an existing corporate culture. Properly implemented, we are finding that our holistic approach makes the right information available to stakeholders when they need it, eliminates the superfluous, and limits associated risks. While this sounds like a big project, you can start small with discrete activities or projects and build on what you have learned and completed. That process is illustrated in the petroleum company use case.
     
  • When we engage, we engage to a proof of concept leading to a statement of work to limit risk and to assure success. In most instances, we are happy to load up a sample dataset to illustrate our effectiveness.

We invite you to investigate our methods and technologies to help you plot a course toward real information policy, management and governance.  Let us hear from you.
 

To View or Download a pdf of this blog, click here.