Monday, October 1, 2012

Report from Charlotte Risk Roundtable (Client Audits, Information Governance & More)

Last week, we held a  Risk Roundtable session in Charlotte, North Carolina. Many thanks to Parker Poe for hosting. Brian Lynch, chair of the Risk Roundtable Compliance Consortium, delivered a presentation updating attendees on current risk issues and trends, and moderated group discussion. He sends this update:
  • Dan, I'm pleased to report back a successful Risk Roundtable session in Charlotte, North Carolina. Parker Poe was generous enough to host our group of risk managers and technology leaders, who are blazing trails into risk management territory.
  • We spent a good deal of time discussing open vs. closed document management systems. With the ever-increasing pressures from many different sources, it has become difficult to manage varied levels of confidentiality across multiple systems of record. Open and closed approaches have their limitations. Could there be a middle approach, where business rules could automatically lock down sensitive information? The answer is tying together risk expertise and intelligent technology to reduce the risk of under-secured and over-secured information.
  • Many firms are subject to client audits, and these are more widespread than ever. Some firms that represent clients in highly regulated industries have reported multiple on-site audits per month. This trend is driving firms to adopt specific security standards and processes to be best prepared for the inevitable auditor's visit. In response, many firms are considering ISO 27001 certification.
  • For firms looking for a lighter alternative, ILTA's LegalSEC initiative is developing a set of "standards" to best equip a firm to standardize their security processes and perform well in audits.
  • Mark Brophy - IT Director at Rogers Townsend - shared some of the progress and initial thinking from the LegalSEC initiative. One of their objectives is to understand the ethical requirements per jurisdiction of lawyers in regards to security. In our upcoming November sessions in San Francisco and Los Angeles, we will connect those dots of bar requirements.
As Brian noted, dates and locations for several additional Roundtable sessions will be announced shortly. Watch this space for details.

No comments:

Post a Comment