Exterro's Legal GRC Breakdown

Get your daily dose of news, best practices, and technology from Exterro's e-discovery, privacy, and digital forensics experts here.


Defensible Disposition and the Convergence of IG, Compliance and E-Discovery

Created on October 29, 2014

Following is a guest post by Jim FitzGerald, Exterro's sr. product marketing manager, who attended ARMA International's conference this week in San Diego. You can also read previous ARMA-related posts on applying analytics to information governance and the challenge of employee status changes.

This year's ARMA event had much richer content in the area of information governance, compliance, and e-discovery. The intersection of these topics is getting much more play this year and last, and it's heartening to see so many organizations stepping back and taking a broader perspective. I'm hopeful their widened aperture will help clients see the convergence of these topics as a unique opportunity to rethink siloed approaches.

One frequent example at ARMA of such a converged topic was defensible disposition. There were a number of companies exhibiting tools that perform file analysis or data profiling of repositories like file shares and SharePoint sites. These tools help you see the age, file type composition, ownership, and duplicates in the environment. From there, you can set up tasks to purge redundant, obsolete and trivial (ROT) content.

Defensible DispositionNumerous sessions highlighted the value of disposing of ROT. Paring down storage costs, helping users find the content of value, and, particularly reducing the risks and costs of unnecessary e-discovery. Susan Cisco, an experienced consultant at Gimmal led a great session where she laid out a sensible set of steps necessary to turn disposition of ROT into a standard business process. Quite rightly, she described the changes in organization behavior necessary to carry this out. Humans by nature are tentative when it comes to making choices about what to dispose of, and so most of us fail to take document housecleaning seriously. We just procrastinate while the dust bunnies take over. Susan recommends putting a straightforward schedule-based process in place by which data either matures to first-class corporate records under formal retention (a small minority of data, typically less than 5%), or gets periodically evaluated to see whether it is low-value temp file stuff that should get purged in 90 or 120 days from last use or fits a work-in-process (WIP) category for potentially valuable content. This WIP category of content might endure for 12 to 15 months, but it doesn't last forever.

Implementing a disposition regime like this requires quite a bit more than a tool and some scripting. Susan laid out the changes in the people and process components to get the technology of defensible disposition running like clockwork. She stressed the value of a “lean startup" to pilot a disposition process within an organization in order to demonstrate success. All sensible recommendations that IG professionals should keep in mind when working on projects in the turbulent vortex of IG, records management, e-discovery and compliance.