Sunday, April 06, 2008

Rule-Set Reset: Evidence Life Cycles...

Here are a few of the "Top of Mind" topics these days at the nexus of Legal Risk and "Defining the New Rules Sets" for Information Management and Digital Forensics. What is a "Rule-Set Reset"?

When a crisis triggers your realization that your world is woefully lacking certain types of rules, you start making up those new rules with a vengeance (e.g., the Patriot Act and the doctrine of preemption following 9/11). Such a rule-set reset can be a very good thing. But it can also be a very dangerous time, because in your rush to fill in all the rule-set gaps, your cure may end up being worse than your disease.

  • The Computer as Witness--What The Courts Allow.
  • Improper and Negligent Records Hold Practices.
  • Calculating Settlement Values in a Digital World..
  • Economics of Electronic Discovery.
  • Evaluating Outside Law Firms: Competing for Client Revenue.
  • Discovering the Legal Value of Electronic Information.
  • Chain of Custody Controls and Vulnerabilities.
  • Logs, Metadata and Backups.
  • Evidence Life Cycle Management.
  • Operational Risks in Existing Corporate Information Management Practices.

These topics and more are worth investing time, resources and manpower for vital learning, education and convergence within the legal department of your institution. Why? Just ask Waters Edge Consulting. Because just preparing for ESI custodian depositions under Rule 30(b)(6) will not be enough for your team to win these days. It's going to take substantially more investment in governance strategy execution within the ranks of the CIO, CSO and General Counsel in the aftermath of the sub-prime "Armageddon."

Today, many organizations have Enterprise Records Management (ERM) systems that provide clear guidelines for data retention and destruction. In addition, organizations facing frequent lawsuits often use Electronic Data Discovery (EDD) vendors and outside counsel to process and review electronically stored information (ESI) during discovery.

Unfortunately, neither solution creates a framework that recognizes all data as potential evidence and puts a consistent methodology in place for handling it efficiently and cost effectively.

Evidence Lifecycle Management (ELM) is such a framework. An ELM system, such as MatterSpace from WorkProducts, provides:

  • Automated identification, preservation, and collection of structured and unstructured matter-specific ESI from all accessible eRecords sources
  • Role-based collaboration and communications that drive all case-specific ESI activities
  • Auditing and reporting of all ESI communications and events, including litigation holds

ELM bridges the gap between ERM and EDD, speeding up ESI delivery while reducing the risk and cost of ESI processing and legal review.


A prudent governance execution strategy would include a ratio of new learning, education and policy development combined with the correct tools and managed services. Yet how do you determine the right recipe for your institution? After all, you are unique and unlike any other organization out there.

The fact is that it has to be customized to your exact size, exposures and vulnerabilities. You first have to establish the baseline and develop the foundation for making the right decisions in the right order. Most importantly, it has to be co-designed with the legal team and the custodians of the information if you are to ever find any chance of success. Underlying all of the dialogue on who a particular matter relates to and where the information is located brings up another area that is imperative to the overall resilience of the organization. Continuity of Operations.

At the end of the day, this is what you are really buying. True DataVaulting means exchanging the headaches and liability of maintaining your own backups for the simplicity and convenience of contractually backed Service Level Agreements (SLAs).

Without effective DataVaulting, DRP and overall Continuity of Operations as an underlying foundation for managing the life cycle and longevity of your institutions records, you may already be subjected to the increased risk of fines and non-compliance sanctions from FINRA or the SEC.

The correct Business Resilience Architecture begins with a firm statement of applicability for your institution. The statement of applicability (SOA) is the architectural blueprint that identifies controls that are pertinent to your environment, and explains how and why they are appropriate. The SOA is derived from the output of a comprehensive operational risk assessment and development of an enterprise wide "Early Warning System."

Centre-left leaders from around the world called on Saturday for urgent reform of global financial institutions to prevent a recurrence of the credit crisis.

About a dozen leaders, brought together by Prime Minister Gordon Brown, issued a communique urging the International Monetary Fund to help develop an effective early warning system to guard against financial risks to the global economy.

Australian Prime Minister Kevin Rudd said the world had to learn the lessons from the credit crisis, sparked eight months ago by massive default on U.S. sub-prime mortgage debt.

"Too often in the past when these sorts of events have occurred ... the lessons are lost. The lessons must be learned and applied, otherwise we will face a very rocky future indeed," Rudd told a news conference after the "Progressive Governance" conference outside London.

The leaders, also including South African President Thabo Mbeki, New Zealand Prime Minister Helen Clark and Austrian Chancellor Alfred Gusenbauer, gathered just before key Group of Seven and IMF meetings in Washington next week which will discuss the financial turbulence.

Also attending were the heads of the IMF, World Trade Organisation (WTO), the African Development Bank and several U.N. agencies.