Forensic Update

Reflections on information management within the legal and regulatory arena

Posts Tagged ‘FINRA’

“Controlling your Data Avalanche” Webinar…

Posted by Johnny Lee on October 27, 2011


I am pleased to announce that I will join luminaries from Vedder Price, a prominent U.S. law firm, in a discussion on “Managing your Data Avalanche” on November 16, 2011.  This webinar will delve into strategies for satisfying an organization’s legal obligations associated with Records Retention, eDiscovery, Litigation Holds, and Data Privacy.

“All too often, companies approach their data management obligations reactively and in a piecemeal fashion. This need not be the case; in fact, companies can satisfy their legal obligations with greater certainty — and more economically — through comprehensive data management strategies.”

This Webinar will be of interest to General Counsel, Chief Compliance and Information Officers, and those with a key role in managing eDiscovery or litigation within an organization.  This Webinar will provide an overview of legal trends in data management, with a specific focus on social media, cloud computing, eDiscovery, litigation holds, and data breach preparedness and response.  We will discuss ways in which companies can better manage their data through proactive data-management strategies.

To register for this webinar, please click here.  (Login information and presentation materials will be sent to registrants prior to the webinar.)

Click to learn more about Grant Thornton’s Forensics, Investigations and Litigation practice.   Click to learn more about Vedder Price’s Records Management, eDiscovery and Data Privacy practice.

Posted in Announcement, Computer Forensics, Data Governance, ECM, eDiscovery, Forensic Accounting, Information Security, Investigations, Litigation Hold, Privacy, Records Retention, Social Networking | Tagged: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , | Comments Off on “Controlling your Data Avalanche” Webinar…

Excellent Session with the IT GRC experts at annual ISACA Conference…

Posted by Johnny Lee on October 26, 2011

ISACA_ITGRC-LogoLast week, I had the pleasure of presenting to a lively audience at the world’s leading conference for IT governance, risk and compliance professionals. The event, hosted at the Ritz-Carlton Hotel in Orlando by the good folks at ISACA, brought together a panoply of experts in the auditing, compliance, privacy, and information security space.

I presented on the subject of Data Governance and Electronic Discovery, and how these concepts represent “flip sides of the same coin.” What was particularly rewarding for me was the level of interest and participation during our interactive case study. Thanks to all who attended and participated last week…I enjoyed myself immensely, and I hope that you found it a rewarding discussion.

Posted in Computer Forensics, Data Governance, ECM, eDiscovery, Fraud, Information Security, Investigations, Litigation Hold, Privacy, Records Retention, Social Networking | Tagged: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , | Comments Off on Excellent Session with the IT GRC experts at annual ISACA Conference…

Trick or Tweet? Radio show appearance discussing recent issues on social media…

Posted by Johnny Lee on July 27, 2011

“Social media follows you around. Unlike Vegas, what happens online stays online forever with participants, leaving behind a wake of electronic information. As millions of smart-phone, Twitter, and Facebook users take to the Internet to send messages and post updates, they may place themselves and their businesses at risk.”

ForensicUpdate editor recently hit the airwaves with colleague Philip Ratliff on San Diego’s popular legal talk radio show with Jeff Isaac, host of “The Lawyer in Blue Jeans” program, to illuminate the concerns and issues related to the risks of social media use by individuals and businesses alike.

Listen as Philip Ratliff and Johnny Lee of Grant Thornton LLP’s Atlanta Forensic & Litigation practice discuss social media risks that can become serious issues if not dealt with carefully. Please note that the views and opinions expressed are personal views and are not necessarily those of Grant Thornton; click here for more on this.

Posted in Announcement, Computer Forensics, Data Governance, ECM, eDiscovery, Fraud, Investigations, Privacy, Social Networking | Tagged: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , | Comments Off on Trick or Tweet? Radio show appearance discussing recent issues on social media…

Enterprise E-mail Management…Why it Matters So Much

Posted by Johnny Lee on February 21, 2011

Email Archive

Let’s face it, the thought of enterprise email management simply is not topping the list of sexy, self-evident corporate priorities these days.  Of course, there’s nothing like the negative treatment of genuinely embarrassing news coverage or court sanctions (or worse) to get organizations to revisit the necessity of this vital portion of data governance.

Simply put, it’s hard to fund (much less carry to fruition) an enterprise program that focuses on data management.  While litigation and prosecutions may make headlines, email management is not merely about avoiding culpability and other pitfalls in those arenas.  Properly done, enterprise email management can reduce IT spend, make business processes more efficient, and save hundreds of thousands (if not millions) of dollars annually for companies facing any sort of regulatory scrutiny or civil litigation.

Indeed, companies in every industry and geography are seeing an increase in the rate of litigation and regulatory scrutiny.  This increase is changing not just the way organizations handle such matters but the way in which they do business generally.

According to the latest installment of the annual Corporate Litigation Trends from international law firm Fulbright & Jaworski, many organizations are anticipating not only an increase in litigation and regulatory activity, but half believe that the “legal industry” will permanently change the way their business is conducted.  The survey also highlights the belief that legal and regulatory changes related to corruption and bribery investigations, data privacy, and social media will force organizations to think more proactively about their data governance initiatives.

Of course, there is no shortage of literature detailing why data governance is a good idea.  Despite this, few organizations get this right.  The profound disconnect between stakeholders within IT, Legal, HR, and Finance seems to be the principal explanation for why more organizations are not successful in these programs.  Historically, most companies launch an earnest (though myopic and frequently doomed) effort from the IT group.  When this effort failed for lack of consensus or effectiveness, organizations would effectively shelve effort for another year, chalking it up to insurmountable obstacles.  For a long time, this “charmed life” syndrome was permitted because companies so rarely faced a bet-the-company proposition that hinged on something as mundane as records management.  Today’s legal and regulatory arena makes this attitude a substantial gamble, and fewer executives, boards of directors, and audit committees are willing to tolerate it any longer.

More and more organizations are taking a proactive stance, and they seem to start with what is typically the most substantial data repository: electronic mail.  This is probably a wise gambit, though it should be tackled circumspectly.  While true that corporate users exchanged over 60 billion e-mails daily in 2009, it is sheer folly to consider this issue as strictly a technological headache.

The failure to integrate policy, training, monitoring, and PROCESS is the chief reason cited by courts and regulators for sanctions—not the breakdown of a given technology.  Accordingly, if you are in an organization that is finally seeing the light and embracing data governance, learn from the missteps of your colleagues: treat the enterprise initiative of data governance like…well, an enterprise initiative.  Lead with the notion of a “program” (not a project) and manage change from the top down (i.e., establish policy stances that extend to everyone; design process that aligns with policy; then select technology that aligns with these processes).  Finally, don’t forget about training, custodian acknowledgements, and monitoring controls.

Posted in Data Governance, ECM, eDiscovery, Litigation Hold, Privacy, Records Retention | Tagged: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , | Comments Off on Enterprise E-mail Management…Why it Matters So Much

%d bloggers like this: