While information governance is often thought about in the context of data security and IT efficiency, there is an equally important factor that deeply resonates with a corporation’s board and C-suite: reputational risk. Trust is essential among shareholders, clients, customers and employees for a business to thrive. Ultimately, top company leadership are responsible for managing reputational risk and ensuring that the overall direction of the company will uphold trust in the brand. Many of the efforts that help companies mitigate this risk require IG, and often fall on the GC’s desk.

In an article contributed to Ethical Boardroom magazine, Jake Frazier and I from FTI’s Information Governance & Compliance Services (IG&CS) team discussed how the GC can impact IG decisions and key drivers coming in 2017 that should be on the GC’s radar as they look to establish or evolve IG. These high priority agenda items discussed in the article include:

• E-Discovery Process Optimisation: Over the last 10 years, we’ve seen an evolution in e-discovery processes among certain corporations, such as financial services or other highly regulated organisations that face high volumes of complex litigation. Now, with process maturity, a broader variety of organisations are beginning to take similar steps to standardise and streamline e-discovery.
• Increased Cloud Adoption & Migration to the Cloud: Implementation of cloud services will introduce a variety of IG considerations, ranging across email archiving issues, data preservation requirements, cross-border regulations, data security and e-discovery processes. As a corporation’s cloud strategy develops, legal and compliance teams should be engaged early on to advise on regulatory and legal hold considerations, as well as varying cross-border and security sensitivities.
• GDPR: This new European data protection directive will come into force in 2018, and corporations need to spend the coming year putting a response strategy into place; ensuring budget to implement the necessary programmes and technology needed to comply. Any IG effort that is aimed at getting the data house in order will help with preparing for this wide sweeping regulation.
• Cyber Security: Globally, there are dozens of laws that regulate how corporations need to approach and maintain cyber security, and what they must do in the event of a data breach. As cyber security threats and regulations evolve, it is important that legal teams remain informed about the legal aspects of managing cyber risks and map out unique programmes for handling them in each region where the corporation does business.
• AI and Machine Learning: Advanced technology has emerged that can accelerate IG remediation and support in investigations and litigation. While many lawyers are beginning to adopt advanced analytics for e-discovery purposes, we are just scratching the surface for how they can be applied to IG projects. As legal teams evaluate predictive coding and advanced analytics, it is important to secure qualified experts that can advise on how the technology can best be utilized.

In addition to these drivers, we also discussed actions the GC can take in partnership with the board and other C-level stakeholders. To read the full article, visit Ethical Boardroom.