Three Components to Assessing Your Organization’s eDiscovery Readiness from the Ground Up
Written by Doug Austin, Editor of eDiscovery Today
A few weeks ago, I wrote about updating your “SWOT” analysis (Strengths, Weaknesses, Opportunities, and Threats) matrix to understand how your organization is addressing opportunities and threats associated with a specific business objective. Certainly, those opportunities and threats have changed significantly with the onset of the COVID-19 pandemic. But, the SWOT analysis isn’t completed in a vacuum – chances are that you have some information to gather to complete that SWOT analysis fairly and accurately.
Over the years, I’ve conducted discovery readiness assessments for organizations where my team has gathered information and then prepared a report for the organization to not only complete a SWOT analysis for them, but also to identify several recommendations for them to consider to improve their handling of current litigation and to be better prepared for future litigation. Those recommendations are categorized along the lines of 1) Planning, 2) Identification, Preservation and Collection, 3) Processing, 4) Review and 5) Production and they are designed to help an organization improve their approach to discovery over the life cycle of a litigation, as well as to be better prepared to plan for litigation support in the first place.
Gathering information to generate a SWOT analysis and identifying recommendations in these five categories consist of three components, as follows:
Evaluating Company Documentation: Several organizational documents are needed to learn more about the organization and how it currently manages discovery for various cases. Review of these documents is necessary to understand the issues facing the organization and identify personnel for potential interviews. Examples of the documents to be reviewed include:
- Organizational chart for relevant departments (e.g., legal department, IT and records management);
- Copies of document/data retention policies with retention/destruction schedules;
- Copies of any other relevant policies, such as Bring Your Own Device (BYOD) policies;
- Examples of litigation hold notices or a standard template for litigation hold notice (to demonstrate how holds are implemented);
- General metrics on their litigation portfolio, including total number of litigation cases, overall and by practice area;
- Any litigation budget documentation they could provide, at an annual level for each practice area;
- Examples of questionnaires given to custodians regarding identification and/or potential collection of ESI;
- Sample chain-of-custody logs for handling documents and data and any available procedures for using the logs;
- Policies and procedures for backup and restore of company data;
- Policies and procedures for managing data for employees when they depart the company.
Those documents enabled us at a high level to understand the policies, challenges and constraints associated with the organization. Needless to say, lack of documentation in any of these critical areas could become a noted weakness on the SWOT analysis to be addressed.
Conduct Interviews of Key Personnel: Documentation can only get you so far, especially when there are certain policies and procedures missing. Understanding what’s going on at a company requires interviews of key personnel within relevant departments to determine how processes are handled that may not be documented, or whether certain documented policies are being followed as intended. Typically, this should entail interviews with at least one or two key representatives of the legal department, IT and records management departments, and possibly other departments as well.
The number of interviewees and the questions being asked vary from company to company and can be influenced by 1) organizational structure, 2) litigation portfolio and types of cases being litigated and 3) policies and procedures currently in place. While there are certain topics an organization will always want to address, others will be customized depending on the organization and the three parameters noted above. Not only that, but some questions will be identified as you go and there may be a need for follow-up with personnel already interviewed if subsequent questions are identified during the process that only they can answer.
Conduct a Survey of a Broader Group of Employees in Key Departments: This approach can flush out potential issues about which the key personnel may not even be aware and identify some of the frustrations encountered by the “rank and file”. For example, we did a survey once for an IT department where we found out that even though there were policies in place for how to handle computer for departed employees, those policies weren’t being followed and there were one or two storage closets containing laptops and desktop computers of former employees that the IT director wasn’t aware of, but the rank and file knew about. You can’t expect to get a complete picture by just interviewing the leadership team of various departments; you also have to gather information across those departments to paint a complete picture of what’s going on in the department.
These three mechanisms for gathering information are going to be key to not only complete your SWOT analysis, but also to identify recommendations for improving your organization’s overall discovery readiness. Without them, your SWOT analysis might not reflect the complete picture of your organization’s strengths, weaknesses, opportunities and threats.
For more educational topics from Doug Austin related to eDiscovery, cybersecurity and data privacy, follow, eDiscovery Today! And as part of the continued educational partnership between Ipro and eDiscovery Today, he’ll be here in the Ipro Newsroom next week with more educational content!