Information Governance for E-Discovery
The Key to Readiness

In the days of paper, the term "information governance" referred to the tracking and storing of physical assets that had been designated as business records, ensuring their safekeeping and ultimate disposition according to pre-defined retention policies. By placing the "record" in a box, labeling it properly and ensuring someone owned the retention and disposition process, information governance was complete. The policies on how to identify, preserve, retrieve and produce those records for litigation was managed on a case-by-case basis.

In today’s world of electronically stored information (ESI), in which evidence is created at the speed of electrons and replicated at gigabit-per-second speeds, the practice of governance becomes infinitely more complex. What constitutes a record, and knowing where and how records are created, duplicated, modified or deleted (or not), varies from department to department and organization to organization. Understanding how to handle the billions of bits of information not defined as records (and now subject to discovery under the Federal Rules of Civil Procedure), such as personal communications, document drafts and database content can be even more confusing.

With one gigabit equaling a billion bits and constituting 75,000 pages of printed materials, the amount of ESI that must be managed for e-discovery is mind-boggling. Ensuring records management practices reflect information governance policies—should such policies exist in the first place—can be a monumental challenge for any organization. Taking a disciplined approach to information governance for electronic discovery is crucial.

Information Governance for E-Discovery Defined
The term "governance" typically refers to IT or records management developing "consistent policies, practices, processes and decision rights for a given area of responsibility." These same concepts can be applied to actions taken to limit the risks, cost and burden associated with responding to e-discovery.

Information governance for e-discovery specifically addresses how ESI is captured, organized, accessed, replicated, managed and ultimately disposed of as part of a routine course of business. Governance policies and practices for e-discovery should include consistent guidance on:

• Restricting the amount of data that is being retained;
• Defining timeframes and processes for disposition;
• Controlling, or minimizing, the replication of ESI across multiple repositories;
• Establishing "metadata" to aid in classification and retrieval of ESI; and
• Outlining the accessibility and security of ESI in its native form.

Strategies for improving information governance, which can have enormous impact on readiness and response for e-discovery, can be organized into five key areas:

Acquire less: Identify opportunities to limit the amount of ESI being captured and stored in the first place.
Organize better: Improve the way ESI is organized to facilitate awareness and utilization.
Improve access: Enhance the ability to access ESI where and when it is needed as a routine course of business.
Replicate less: Reduce or eliminate unnecessary copies of ESI.
Retain less: Limit retention and dispose of ESI when appropriate.

Practicing Information Governance for E-Discovery
A disciplined approach to improving information governance for e-discovery involves four steps:

High-level data mapping. To help focus efforts, start by identifying the content repositories that store relevant ESI, based on the anticipated litigation portfolio and discovery intensity for the organization. This stage requires input from IT, legal, records management and others working collaboratively.
Assessing current practices. This step involves assessing current information management policies and practices. How well is the organization performing in the areas of personal data management, email management, content management, application data management, storage management and retention management? Are policies and practices in place to achieve the strategic goals for information governance?
Analyzing gaps. Third, analyze the gaps between existing and best practices, relative to the organization’s discovery intensity and risk profile, and understand how those gaps affect cost, burden and risk to the organization. Such analysis will assure initiatives have immediate and meaningful impact.
Recommendations. Finally, establish a set of key recommendations and next steps for moving forward. These should address some or all of the five strategies outlined above—acquire less, organize better, improve access, replicate less and retain less—and need to reflect people, process and technology considerations.

By taking a disciplined and structured approach to information governance for e-discovery, organizations can reduce the overall cost and burden of discovery; minimize the risk associated with discovery response; and manage ESI as a strategic asset rather than a liability.