In the days of paper, the term "information governance" referred to the tracking and storing physical assets that had been designated as business records, ensuring their safekeeping and ultimate disposition according to pre-defi ned retention policies. By placing the "record" in a box, labeling it properly, and ensuring someone owned the retention and disposition process, information governance was complete. The policies on how to identify, preserve, retrieve and produce those records for litigation was managed on a case-by-case basis.

In today's world of electronically stored information (ESI), in which evidence is created at the speed of electrons and replicated at gigabit-per-second speeds, the practice of governance becomes infi nitely more complex. What constitutes a record, and knowing where and how records are created, duplicated, modifi ed or deleted (or not), varies from department to department and organization to organization. Understanding how to handle the billions of bits of information not defi ned as records (and now subject to discovery under the Federal Rules of Civil Procedure), such as personal communications, document drafts, and database content, can be even more confusing.

With one "gigabit" equaling a billion bits and constituting 75,000 pages of printed materials, the amount of ESI that must be managed for e-discovery is mind-boggling. Ensuring records management practices refl ect information governance policies, should such policies exist in the fi rst place, can be a monumental challenge for any organization. Taking a disciplined approach to information governance for electronic discovery is crucial.

Information Governance for e-Discovery Defined

The term governance typically refers to IT or records management developing "consistent policies, practices, processes and decision rights for a given area of responsibility." These same concepts can be applied to actions taken to limit the risks, cost and burden associated with responding to e-discovery. Information governance for e-discovery specifi cally addresses how ESI is captured, organized, accessed, replicated, managed and ultimately disposed of as part of a routine course of business. Governance policies and practices for ediscovery should include consistent guidance on:

• Restricting the amount of data that is being retained
• Defining timeframes and processes for disposition
• Controlling, or minimizing, the replication of ESI across multiple repositories
• Establishing "metadata" to aid in classifi cation and retrieval of ESI
• Outlining the accessibility and security of ESI in its native form

Strategies for improving information governance, which can have enormous impact on readiness and response for e-discovery, can be organized into fi ve key areas:

1. Acquire Less - identify opportunities to limit the amount of ESI being captured and stored in the fi rst place
2. Organize Better - improve the way ESI is organized to facilitate awareness and utilization
3. Improve Access - enhance the ability to access ESI where and when it is needed as a routine course of business
4. Replicate Less – reduce or eliminate unnecessary copies of ESI
5. Retain Less - limit retention and dispose of ESI when appropriate

Practicing Information Governance for e-Discovery

A disciplined approach to improving information governance for e-discovery involves four steps:

1. High-Level Data Mapping. To help focus efforts, start by identifying the content repositories that store relevant ESI, based on the anticipated litigation portfolio and discovery intensity for the organization. This stage requires input from IT, legal, records management and others working collaboratively.
2. Assessing Current Practices. The step involves assessing current information management policies and practices. How well is the organization performing in the areas of personal data management, e-mail management, content management, application data management, storage management and retention management? Are policies and practices in place to achieve the strategic goals for information governance?
3. Analyzing Gaps. Third, analyze the gaps between existing and best practices, relative to the organization's discovery intensity and risk profi le, and understand how these gaps affect cost, burden and risk to the organization. Such analysis will assure initiatives have immediate and meaningful impact.
4. Recommendations. Finally, establish a set of key recommendations and next steps for moving forward. These should address some or all of the fi ve strategies outlined above – acquire less, organize better, improve access, replicate less and retain less – and need to refl ect people, process and technology considerations.

By taking a disciplined and structured approach to information governance for e-discovery, organizations can reduce the overall costs and burden of discovery, minimize the risks associated with response, and manage ESI as a strategic asset rather than a liability.

About the Author

Brad Harris is the Director of the Discovery Center of Excellence for Fios, Inc. Harris has more than 20 years experience in product management, electronic discovery consulting and marketing for enterprise software and technology service companies. His expertise is in helping corporations identify process improvements that reduce the cost, risk and time when responding to e-discovery related to complex litigation and investigation.