Tuesday, September 7, 2010

ILTA Risk Session Report 2: Law Firm Information Risk Management

On the second day of the annual ILTA conference, the risk track hosted a session on information risk management entitled: "Finding Where the Squirrels Hide the Nuts [and How to Manage Them]." A panel comprising Jeffrey Franchetti, CIO of Cravath, Swaine & Moore, Pat Archbold, Head of the Risk Practice at IntApp, and Neil Araujo, CEO of Autonomy iManage dug into a variety of information management challenges facing law firms.

In the session, Jeff Franchetti described how his firm vested risk management responsibility with his IT organization, which oversees records and conflicts management. To ensure all voices are heard, and emerging challenges are addressed before problems arise, he created a risk management committee which brings together cross functional participants to review IT, business continuity, conflicts and document management risk issues and concerns.

At Cravath, an initiative to roll out enterprise search technology highlighted the need to understand and manage information security risks (i.e. "where the squirrels were hiding (and finding) nuts"). In this case, the firm understood that search tools would likely internally surface a great deal of sensitive firm and client information stored across multiple electronic information repositories. To address these issues before implementing the technology, Franchetti commissioned a team to perform a "detect and clean up" exercise, performing sensitive searches (e.g. "compensation" or "offer letter") and locking down documents that were improperly classified. In parallel, the firm adopted a centralized confidentiality management software to automate confidentiality enforcement moving forward.

Pat Archbold from IntApp, provider of the confidentiality management software chosen by Cravath, described how his organization's technology integrates and works with a variety of enterprise search and document management tools to ensure that sensitive information is properly secured on an ongoing basis. The slides from this talk are available here.

No comments:

Post a Comment