Presentation is loading. Please wait.

Presentation is loading. Please wait.

Electronic Discovery (eDiscovery) Chad Meyer & John Vyhlidal ConAgra Foods.

Published byRosalind Rice Modified over 9 years ago

Similar presentations

Presentation on theme: "Electronic Discovery (eDiscovery) Chad Meyer & John Vyhlidal ConAgra Foods."— Presentation transcript:

1 Electronic Discovery (eDiscovery) Chad Meyer & John Vyhlidal ConAgra Foods

2 Overview Background Risks and Security Concerns Effective eDiscovery program Assurance Considerations Wrap up

3 Background Discovery – The process of identifying, locating, securing and producing information and materials for the purpose of obtaining evidence for utilization in the legal process – Additionally the process of reviewing all materials that may be potentially relevant to the issues at hand and/or that may need to be disclosed to other parties, and of evaluating evidence to prove or disprove facts, theories or allegations What is eDiscovery: – The process of collecting, preparing, reviewing, and producing electronically stored information (ESI) in the context of legal discovery

4 Background 2006 updates to Federal Rules of Civil Procedure (FRCP) by US Supreme Court Applies to all US enterprises, public or private Set strict expectations that an enterprise must be able to produce electronically stored information as evidence within a practical time frame Litigation and eDiscovery are key drivers for enterprise records retention

5 Risks and Security Concerns Un/Intentional removal of records Un/Intentional alteration of records Privacy considerations Inability to recover/identify records Providing unnecessary/wrong records Losing litigation cases (macro level risk) Fines for non-compliance (macro level risk)

6 eDiscovery Program

7 Goals for an effective program Ability to provide any discovery-requested ESI – Regardless content type and storage location Responding to requests for discovery efficiently, effectively and completely Well documented process – Policies and procedures prior to discovery – Search methods in response to discovery Refraining from providing information not requested

8 Assurance considerations Identify key risks Consider the existing control environment Evaluate the design of current controls as related to eDiscovery Identify gaps Consider cost benefit of mitigating existing gaps Select and implement solutions Monitor

9 Identify key risks Risks vary based on size, industry or other unique factors Top down risk assessment Involve key stakeholders – Legal – Records management – IT Security – System/Data owners Understand all potential sources/locations 1234567

10 Consider existing control environment Existing controls may aid in mitigating risks associated with eDiscovery – SOX, HIPAA, PCI Review existing control libraries for applicable controls Conduct interviews with key members of legal, risk management, and IT 1234567

11 Evaluate existing controls related to eDiscovery Consider purpose and scope of existing controls Many controls may aid an eDiscovery program, but not fully – Records retention policies – Backups – Logical Security 1234567

12 Identify gaps Classify gaps by ERDM process and responsible function – Information Management, Identification, Collection, Preservation, etc. Link gaps to existing controls (where applicable) 1234567

13 Identify Gaps Source:An EDRM White Paper – part of the EDRM White Paper Series September, 2010 – Adam Hurwitz, BIA CIO, Business Intelligence Associates, Inc.

14 Cost/Benefit of risk treatment Typical risk treatment plans include options – Avoid – Reduce/Mitigate – Transfer – Accept Consider probability and magnitude Factor ROI against noncompliance and/or alternative methods (typically manual) 1234567

15 Select and implement solutions Entity level controls IT general controls Other controls Prepackaged solutions 1234567

16 Select and implement solutions (cont.) Gartner classifies eDiscovery solutions into the following categories for analysis: – Information governance and archiving tools – Identification, collection, preservation and processing – Analysis tools 1234567

17 Monitor Maintained records retention and legal hold policies and procedures Clear ownership of each portion of the EDRM process Legal hold tracking process Include selected solutions in enterprise risk assessments and audits 1234567

18 Recap Background Risks and Security Concerns Effective eDiscovery program Assurance Considerations Conclusion

19 ISACA White Paper Published 3/10/2011 (Link to ISACA download)

20 Questions? Chad Meyer chad.meyer@conagrafoods.com John Vyhlidal john.vyhlidal@conagrafoods.com

Download ppt "Electronic Discovery (eDiscovery) Chad Meyer & John Vyhlidal ConAgra Foods."

Similar presentations

Considerations for Records and Information Management Programs in Light of the Pension Committee and Rimkus Consulting 2010 Decisions.

Considerations for Records and Information Management Programs in Light of the Pension Committee and Rimkus Consulting 2010 Decisions.
© 2007 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice HP TRIM HP Information Management.

© 2007 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice HP TRIM HP Information Management.
Information Risk Management Key Component for HIPAA Security Compliance Ann Geyer Tunitas Group 209-754-9130

Information Risk Management Key Component for HIPAA Security Compliance Ann Geyer Tunitas Group
Ethical Issues in Data Security Breach Cases www.ScottandScottllp.com Presented by Robert J. Scott Scott & Scott, LLP 800-596-6176.

Ethical Issues in Data Security Breach Cases Presented by Robert J. Scott Scott & Scott, LLP
E-Discovery for System Administrators Russell M. Shumway.

E-Discovery for System Administrators Russell M. Shumway.
E-Discovery LIMITS ON E-DISCOVERY. No New Preservation Rule When does duty to preserve attach? Reasonably anticipated litigation. Audio sanctions.

E-Discovery LIMITS ON E-DISCOVERY. No New Preservation Rule When does duty to preserve attach? Reasonably anticipated litigation. Audio sanctions.
W W W. D I N S L A W. C O M E-Discovery and Document Retention Patrick W. Michael, Esq. Dinsmore & Shohl LLP 101 South Fifth Street Louisville, KY 40202.

W W W. D I N S L A W. C O M E-Discovery and Document Retention Patrick W. Michael, Esq. Dinsmore & Shohl LLP 101 South Fifth Street Louisville, KY
1 Best Practices in Legal Holds Effectively Managing the e-Discovery Process and Associated Costs.

1 Best Practices in Legal Holds Effectively Managing the e-Discovery Process and Associated Costs.
Decided May 13, 2003 By the United States Court for the Southern District of New York.

Decided May 13, 2003 By the United States Court for the Southern District of New York.
EDiscovery and Records Management. Records Management- Historical Perspective- Paper Historically- Paper was the “Corporate Memory” – a physical entity.

EDiscovery and Records Management. Records Management- Historical Perspective- Paper Historically- Paper was the “Corporate Memory” – a physical entity.
EMS Auditing Definitions

EMS Auditing Definitions
Developing a Records & Information Retention & Disposition Program:

Developing a Records & Information Retention & Disposition Program:
1 © Copyright 2008 EMC Corporation. All rights reserved. Litigation Response Planning: eDiscovery Best Practices Stephen O’Leary Sr. eDiscovery and Compliance.

1 © Copyright 2008 EMC Corporation. All rights reserved. Litigation Response Planning: eDiscovery Best Practices Stephen O’Leary Sr. eDiscovery and Compliance.
IS Audit Function Knowledge

IS Audit Function Knowledge
1 E-Discovery Changes to Federal Rules of Civil Procedure Concerning Discovery of Electronically Stored Information (ESI) Effective Date: 12/01/2006 October,

1 E-Discovery Changes to Federal Rules of Civil Procedure Concerning Discovery of Electronically Stored Information (ESI) Effective Date: 12/01/2006 October,
Audit Planning and Documentation

Audit Planning and Documentation
RST processes Session 6 Presentation 3. A framework for RST processes Establishing an RST Membership Terms of reference Work programme (schedule, agenda,

RST processes Session 6 Presentation 3. A framework for RST processes Establishing an RST Membership Terms of reference Work programme (schedule, agenda,
AIIM Presentation Selecting and Implementing A Records Management System June 5, 2008.

AIIM Presentation Selecting and Implementing A Records Management System June 5, 2008.
The Evolution of IT Risk & Compliance February 2012 Rosalyn Ellis, CRISC Susan Hoffman, CISA,CGEIT 1.

The Evolution of IT Risk & Compliance February 2012 Rosalyn Ellis, CRISC Susan Hoffman, CISA,CGEIT 1.
Internal Auditing and Outsourcing

Internal Auditing and Outsourcing

Similar presentations

Ads by Google