SlideShare uma empresa Scribd logo
1 de 9
Information Governance- a programmatic
perspective on driving value through RIM
Practical Goals and Directions for managing information assets..


 Richard Gomes
 Citigroup- Director of Information Governance




                              Richard R Gomes                February 2010
Information Management Services from Citi Global RIM
RETENTION, DISPOSITION, AND ARCHIVING ARE CONSIDERED A SUPER-JURISDICTIONAL RISK

 It isn’t always clear what we are obliged
 to keep or how long it should be kept.
                                                     INFORMATION MANAGEMENT SERVICES MITIGATE
 Though many Citi employees realize that             RISK AND SAVE COST                      Questions about physical and
 they may be dealing with Records in the                                                     electronic files come in via a
                                                                                                               call or email
 course of their daily activities, only a
                                                                                                     Clients
 Records Management Officer (RMO)                                                     Internal
 can tell for certain.
                                                          The query goes to the               Employees
 The type of Record it turns out to be, the               RMO responsible for the
                                                          Sector, Global Function,
 jurisdiction it belongs to, and the type of              Region, and Country                                  • Record Status
 data it contains are just some of the many               associated with the files
                                                                                                               • Jurisdiction of Record
 factors an RMO must take into account                                                       Identify          • IS/Privacy flags
 to ensure we comply with our Legal and                      The RMO compiles the                              • Record Class/Code
 Regulatory obligations to compliantly                           retention, disposal,
                                                                                                               • Retention Schedule
                                                               archive, and retrieval
 retain and dispose of Citi’s information.                                                   Classify          • Deviation if required
                                                                      requirements.
 Contact your RMO before you act-                                                                              • Assign RM-Unit
                                                         The issue is tracked and                              • Update Inventory
 <link>                                                                                Inventory               • Declare Datasource
                                                         managed by RIM until a
 The mishandling of Citi information is a                compliant BAU retention
 big risk that can damage our reputation,                and disposition process is in
                                                         place                    Manage and Facilitate
 and cost us a lot of money.
                                                              Retention,      Disposal                             Active Matter
                                                  Policy and                                                                     Collection and
 After all, only Records Management                          Backup, and   Eligibility and       (e)Discovery      Preservation
                                                 Governance                                                                        Custody
                                                              Archiving      Approval                                  Holds
 Officers are trained and authorized to
 classify records, set retention periods,
 and process deviations.
                               Richard R Gomes                  February 2010
Records and Information Management (RIM) is a key competency that drives
down the cost of protecting our information assets.
The less information we retain, the lest costly it is to securely maintain.

                                                               RIM Assets and Deliverables
                                                 POLICY DRIVEN DISPOSAL.
                                                   ‘Retain only what we are obliged to retain’
                                                 IAI (Information Asset Inventory) targeted protection
                                                   Worldwide golden source of the Information Citi has, where it is,
                                                    and who is responsible for it.
                                                 DEFENSE-IN-DEPTH against Super Jurisdictional- Risk
                                                   Preventive Control- Information Asset Inventory (IAI) identifies IS
                                                    and Privacy control gaps
                                                   Detective Control – Disposition Scheduling identifies IS and
                                                    Privacy operational gaps
                                                   Corrective Control- GOC aligned RIM-organization coordinates
                                                    and facilitates CAP responses
                                                 Service Delivery Model driven cost savings
                                                     Legal Matter Response – ‘eDiscovery’
                                                     Storage Demand
                                                     Data Privacy
                                                     Data Protection
                                                     Information Classification
                                                     Data Classification


                         Richard R Gomes                         February 2010                                       3
                                Citi Internal
Program History at a Glance
                  “a packaged service that focuses on direct and timely benefits”
    CMM Level                                                 Global Program Evolution

   1 – Ad Hoc
                                        2005 – Policy and Governance standards
• Policy and Control Process
                                             • Five Important Control elements developed- Master Record Catalog, Spans of Authority,
                                               Country Retention, Inventory Manifest, Custody Map
   2– Repeatable                        2006 – Organization and Control Processes
• Platform Development and Deployment
                                             • Rev 1 of the IAI (Information Asset Inventory) with integrating the 5 important controls
                                               implemented, Physical Information BAU disposition (‘IC ‘)Project delivered
   3– Defined                           2007 – Enterprise Data Map and Global Process Control
• Improved Process Fidelity                  • Continuous Data Disposition (CDD) of Structured and unstructured electronically stored
                                               information (ESI) initiated in NA, eMail disposition rules introduced
• Broadened Scope and Effectiveness
                                        2008 – CDD Process Development and Regionalization
                                             • Expanded CDD for structured ESI Globally, Prototype CDD for some unstructured ESI,
                                               Legal Hold process reengineering begun
                                        2009 – CDD as BAU, Deploy RIM as a Service
• Embedded RIM into the Data Centers         • BAU Tape backup disposition and extended Archiving deployed, SharePoint and First
                                               Archive automated disposition process delivered (BAU eMail disposition in test in First Archive NA)
  4– Managed                            2010 – RIM Services Global Rollout and Regionalization
• Major Gap in Reporting to be closed
                                             • Close Metrics and Reporting GAP, Improve Financial Reporting of Green and Blue $
                                               saves, deploy automated classification and tagging for unstructured ESI
                                        2011 – Push to CMM Level 4 RIM
• Full benefit Capture                       • Deploy integrated dashboard to track effectiveness of savings, risk, and strategy
                                               enablement (Divestiture, M&A, Storage Reduction, etc)

                                          Richard R Gomes                              February 2010                                                 4
RIM is an effective way to manage the growth rate of retained
Information volume because its about empowering people to act.
         RIM leads to less information in a form that is easier to manage
 Strategic
 1.   Minimally Intrusive to the business-
      Basis of advisory services that help business clients optimize their approach to compliance
 2.   Consistent in the eyes of auditors, regulators and the courts-
      Policy and Control Processes based on legal and regulatory requirements as interpreted by case law and regulatory findings
 3.   Straightforward and well documented –
      RIM is supported by job-aids and guidance and delivered through advisory teams composed of RMs, ISOs, and CoB personal

 Tactical
 1.   Policy aligned framework and methodology-
      Operational processes based on RM Policy which is risk based and integrated with RCSA, and ARR’s SAP
 2.   Enterprise-wide consistent, defensible, and actionable
      Global rules for Local application.
 3.   Serves all constituencies
      Addresses core Information Retention and Handling requirements that apply equally to the Business, Legal, Compliance and
      O&T,


 Actionable
 1.   Clearinghouse / CoE for process development and technology enablement initiatives
 2.   Cost saving identification and capture program
 3.   Knowledge exchange for collaborative sharing of locally developed practices


                                  Richard R Gomes                              February 2010                                       5
Service Focus Cost Containment
Over-retention creates a large drag on performance and is relatively easy to fix.


                            Retention Driven Cost and Risk Factors
Primary and secondary information handling costs
   Electronically Stored Information (ESI) costs about $1.88 / GB-Year – (All in estimate of ESI on-line
    storage and administration costs this translates to at least $MM of savings in North America alone)
   Back-up and Archive costs
      System Back-up Times- (the need for more costly high throughput solutions and increased tape
          volumes)
         Offline ESI-Archive Inventory Overhead- (indexing, retrieval, sampling, and restore overhead drive
          incremental storage requirements)
   eDiscovery costs-
      Collection, Culling, and 3rd Party review cost many large companies $10s of Millions annually
Legal and Regulatory Exposure.
 Matter Scope – (Out of context eMail, EUCs, logs, etc. widen investigation scope and drive up costs)
 Missed/Overlooked information – (Untimely disclosure [e.g. Merrill $1.4B], Inaccurate Data Map [e.g.
    Qualcomm $200MM] resulting in large financial penalties and judicial prejudice)
   Disposition Framework – (Retention inconsistency (e.g.. Intel, Arthur Andersen) resulting in serious and
    costly threats to the Franchise..




                               Richard R Gomes                        February 2010                            6
Internal Clients are a broad and diverse population


       Client Organization                                                     Expected Service Benefit
                                              Risk facing activities (e.g. Data Privacy, Data Protection, IDEM) derive direct expense and
O&T/ Risk Organizations                       FTE benefits from volume reduction and efficiency benefits from a common Data Map-
                                              Case: IDEM u-ESI initiative
                                              Enterprise Data Map and Retention Schedules enable large scale economies
O&T/ Technology Organizations                 associated with Info-centric architectures
                                              Enterprise Data Map provides baseline for Data Classification and forms the basis of a
ISO Organization                              comprehensive Enterprise-Security Data Dictionary governing the risk based handling
                                              of Information in transit and at rest
                                              Right-sizing and cost management of the Information Infrastructure build-out based on
Technology Infrastructure Organizations       rules based predictive growth and volume information derived from well defined
                                              retention scheduling
                                              In aggregate, direct capital and expense savings are in the $.5B range with realization
Financial Control                             within 12-24 months

                                              As a principle user of the Data Map and the Retention Processes associated with
Legal Services / eDiscovery                   CDD, the direct benefit is in significant FTE / external resource reduction associated
                                              with the preservation, collection, culling, review, and production activities.
                                              Based on the effectiveness of the CDD methodology and the consistency of its
Legal / Litigation                            implementation (e.g. SLAs) attorneys responsible for litigation can confidently delegate
                                              eDiscovery oversight to lower levels within their organization and improving skills alignment
                                              Framework for the development of Info-Centric applications that are aware of the
Business / Application Development            information they handle, can look up the rules for handling it, and can systematically
                                              enforce the information lifecycle

                                Richard R Gomes                                February 2010                                                  7
Information Management Services from Citi Global RIM
RETENTION, DISPOSITION, AND ARCHIVING ARE CONSIDERED A SUPER-JURISDICTIONAL RISK

 It isn’t always clear what we are obliged
 to keep or how long it should be kept.
                                                     INFORMATION MANAGEMENT SERVICES MITIGATE
 Though many Citi employees realize that             RISK AND SAVE COST                      Questions about physical and
 they may be dealing with Records in the                                                     electronic files come in via a
                                                                                                               call or email
 course of their daily activities, only a
                                                                                                     Clients
 Records Management Officer (RMO)                                                     Internal
 can tell for certain.
                                                          The query goes to the               Employees
 The type of Record it turns out to be, the               RMO responsible for the
                                                          Sector, Global Function,
 jurisdiction it belongs to, and the type of              Region, and Country                                  • Record Status
 data it contains are just some of the many               associated with the files
                                                                                                               • Jurisdiction of Record
 factors an RMO must take into account                                                       Identify          • IS/Privacy flags
 to ensure we comply with our Legal and                      The RMO compiles the                              • Record Class/Code
 Regulatory obligations to compliantly                           retention, disposal,
                                                                                                               • Retention Schedule
                                                               archive, and retrieval
 retain and dispose of Citi’s information.                                                   Classify          • Deviation if required
                                                                      requirements.
 Contact your RMO before you act-                                                                              • Assign RM-Unit
                                                         The issue is tracked and                              • Update Inventory
 <link>                                                                                Inventory               • Declare Datasource
                                                         managed by RIM until a
 The mishandling of Citi information is a                compliant BAU retention
 big risk that can damage our reputation,                and disposition process is in
                                                         place                    Manage and Facilitate
 and cost us a lot of money.
                                                              Retention,      Disposal                             Active Matter
                                                  Policy and                                                                     Collection and
 After all, only Records Management                          Backup, and   Eligibility and       (e)Discovery      Preservation
                                                 Governance                                                                        Custody
                                                              Archiving      Approval                                  Holds
 Officers are trained and authorized to
 classify records, set retention periods,
 and process deviations.
                               Richard R Gomes                  February 2010
Questions




            Richard R Gomes   February 2010   9

Mais conteúdo relacionado

Mais procurados

Achieving Enterprise Resiliency and Corporate Certification
Achieving Enterprise Resiliency and Corporate CertificationAchieving Enterprise Resiliency and Corporate Certification
Achieving Enterprise Resiliency and Corporate CertificationThomas Bronack
 
Simeio e-Brochure
Simeio e-BrochureSimeio e-Brochure
Simeio e-BrochureDirectAxs
 
Joburg cobit assurance
Joburg cobit assuranceJoburg cobit assurance
Joburg cobit assuranceAldee2013
 
ccmigration_09186a008033a3b4
ccmigration_09186a008033a3b4ccmigration_09186a008033a3b4
ccmigration_09186a008033a3b4guest66dc5f
 

Mais procurados (6)

Achieving Enterprise Resiliency and Corporate Certification
Achieving Enterprise Resiliency and Corporate CertificationAchieving Enterprise Resiliency and Corporate Certification
Achieving Enterprise Resiliency and Corporate Certification
 
Simeio e-Brochure
Simeio e-BrochureSimeio e-Brochure
Simeio e-Brochure
 
Guardian 8 media kit
Guardian 8   media kitGuardian 8   media kit
Guardian 8 media kit
 
Ruth edge presentation
Ruth edge   presentationRuth edge   presentation
Ruth edge presentation
 
Joburg cobit assurance
Joburg cobit assuranceJoburg cobit assurance
Joburg cobit assurance
 
ccmigration_09186a008033a3b4
ccmigration_09186a008033a3b4ccmigration_09186a008033a3b4
ccmigration_09186a008033a3b4
 

Destaque

eDiscovery without the headaches
eDiscovery without the headacheseDiscovery without the headaches
eDiscovery without the headachesLedjit
 
Srs sample
Srs sampleSrs sample
Srs samplesriniefs
 
Whale Rider.Ya Money.Project.Tools
Whale Rider.Ya Money.Project.ToolsWhale Rider.Ya Money.Project.Tools
Whale Rider.Ya Money.Project.ToolsWRider
 
Introduction
IntroductionIntroduction
Introductionsriniefs
 
Documents and Discovery in Government - Alberta’s Perspective
Documents and Discovery in Government - Alberta’s PerspectiveDocuments and Discovery in Government - Alberta’s Perspective
Documents and Discovery in Government - Alberta’s PerspectiveLedjit
 
CEIC 2010 international panel
CEIC 2010 international panelCEIC 2010 international panel
CEIC 2010 international panelLedjit
 
2014 04-03 061837-mana_telangana
2014 04-03 061837-mana_telangana2014 04-03 061837-mana_telangana
2014 04-03 061837-mana_telanganasriniefs
 
Satin Usability Working Place
Satin Usability Working PlaceSatin Usability Working Place
Satin Usability Working PlaceWRider
 
The Effective eDocument Retention Program - Policies, Processes and Solutions
The Effective eDocument Retention Program - Policies, Processes and SolutionsThe Effective eDocument Retention Program - Policies, Processes and Solutions
The Effective eDocument Retention Program - Policies, Processes and SolutionsLedjit
 
Jess
JessJess
JessJORGE
 
eDiscovery - Advising your Clients on how to be Litigation Ready in the 21st ...
eDiscovery - Advising your Clients on how to be Litigation Ready in the 21st ...eDiscovery - Advising your Clients on how to be Litigation Ready in the 21st ...
eDiscovery - Advising your Clients on how to be Litigation Ready in the 21st ...Ledjit
 
The radio shack court
The radio shack courtThe radio shack court
The radio shack courtLedjit
 
Introduction To Forensic Methodologies
Introduction To Forensic MethodologiesIntroduction To Forensic Methodologies
Introduction To Forensic MethodologiesLedjit
 
The Portable Courtroom
The Portable CourtroomThe Portable Courtroom
The Portable CourtroomLedjit
 
Whale Rider устраняем шумы в коммуникациях
Whale Rider   устраняем шумы в коммуникацияхWhale Rider   устраняем шумы в коммуникациях
Whale Rider устраняем шумы в коммуникацияхWRider
 
Production of Documents, Technology and Costs
Production of Documents, Technology and CostsProduction of Documents, Technology and Costs
Production of Documents, Technology and CostsLedjit
 
developing a financial services brand
developing a financial services branddeveloping a financial services brand
developing a financial services brandPete Bennett
 

Destaque (17)

eDiscovery without the headaches
eDiscovery without the headacheseDiscovery without the headaches
eDiscovery without the headaches
 
Srs sample
Srs sampleSrs sample
Srs sample
 
Whale Rider.Ya Money.Project.Tools
Whale Rider.Ya Money.Project.ToolsWhale Rider.Ya Money.Project.Tools
Whale Rider.Ya Money.Project.Tools
 
Introduction
IntroductionIntroduction
Introduction
 
Documents and Discovery in Government - Alberta’s Perspective
Documents and Discovery in Government - Alberta’s PerspectiveDocuments and Discovery in Government - Alberta’s Perspective
Documents and Discovery in Government - Alberta’s Perspective
 
CEIC 2010 international panel
CEIC 2010 international panelCEIC 2010 international panel
CEIC 2010 international panel
 
2014 04-03 061837-mana_telangana
2014 04-03 061837-mana_telangana2014 04-03 061837-mana_telangana
2014 04-03 061837-mana_telangana
 
Satin Usability Working Place
Satin Usability Working PlaceSatin Usability Working Place
Satin Usability Working Place
 
The Effective eDocument Retention Program - Policies, Processes and Solutions
The Effective eDocument Retention Program - Policies, Processes and SolutionsThe Effective eDocument Retention Program - Policies, Processes and Solutions
The Effective eDocument Retention Program - Policies, Processes and Solutions
 
Jess
JessJess
Jess
 
eDiscovery - Advising your Clients on how to be Litigation Ready in the 21st ...
eDiscovery - Advising your Clients on how to be Litigation Ready in the 21st ...eDiscovery - Advising your Clients on how to be Litigation Ready in the 21st ...
eDiscovery - Advising your Clients on how to be Litigation Ready in the 21st ...
 
The radio shack court
The radio shack courtThe radio shack court
The radio shack court
 
Introduction To Forensic Methodologies
Introduction To Forensic MethodologiesIntroduction To Forensic Methodologies
Introduction To Forensic Methodologies
 
The Portable Courtroom
The Portable CourtroomThe Portable Courtroom
The Portable Courtroom
 
Whale Rider устраняем шумы в коммуникациях
Whale Rider   устраняем шумы в коммуникацияхWhale Rider   устраняем шумы в коммуникациях
Whale Rider устраняем шумы в коммуникациях
 
Production of Documents, Technology and Costs
Production of Documents, Technology and CostsProduction of Documents, Technology and Costs
Production of Documents, Technology and Costs
 
developing a financial services brand
developing a financial services branddeveloping a financial services brand
developing a financial services brand
 

Semelhante a Manage Risk and Save Cost with Information Governance

Powerpoint tom
Powerpoint   tomPowerpoint   tom
Powerpoint tomaiimnevada
 
SunGard Enterprise Cloud Services @ Cloud Connect 2011
SunGard Enterprise Cloud Services @ Cloud Connect 2011SunGard Enterprise Cloud Services @ Cloud Connect 2011
SunGard Enterprise Cloud Services @ Cloud Connect 2011Satish Hemachandran
 
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database SecurityIBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Securityebuc
 
Df2012 securing information_assets_in_saa_s_clouds_3_0
Df2012 securing information_assets_in_saa_s_clouds_3_0Df2012 securing information_assets_in_saa_s_clouds_3_0
Df2012 securing information_assets_in_saa_s_clouds_3_0debbanerjee
 
Electronic data & record management
Electronic data & record managementElectronic data & record management
Electronic data & record managementGreenLeafInst
 
Guardium value proposition for fss pn 12 02-10
Guardium value proposition for fss pn 12 02-10Guardium value proposition for fss pn 12 02-10
Guardium value proposition for fss pn 12 02-10Avirot Mitamura
 
Life & Work Online Protecting Your Identity
Life & Work Online Protecting Your IdentityLife & Work Online Protecting Your Identity
Life & Work Online Protecting Your IdentityInnoTech
 
Metadata Use Cases You Can Use
Metadata Use Cases You Can UseMetadata Use Cases You Can Use
Metadata Use Cases You Can Usedmurph4
 
Metadata Use Cases
Metadata Use CasesMetadata Use Cases
Metadata Use Casesdmurph4
 
Integrating Information Protection Into Data Architecture & SDLC
Integrating Information Protection Into Data Architecture & SDLCIntegrating Information Protection Into Data Architecture & SDLC
Integrating Information Protection Into Data Architecture & SDLCDATAVERSITY
 
“The Fountain of Truth” Web-based Contract Management for Starwood Hotels –
“The Fountain of Truth” Web-based Contract Management for Starwood Hotels – “The Fountain of Truth” Web-based Contract Management for Starwood Hotels –
“The Fountain of Truth” Web-based Contract Management for Starwood Hotels – TEAM Informatics
 
IBM Banking: Automated Systems help meet new Compliance Requirements
IBM Banking: Automated Systems help meet new Compliance RequirementsIBM Banking: Automated Systems help meet new Compliance Requirements
IBM Banking: Automated Systems help meet new Compliance RequirementsIBM Banking
 
Information Management in a Web 2.0 World May 2009
Information Management in a Web 2.0 World May 2009Information Management in a Web 2.0 World May 2009
Information Management in a Web 2.0 World May 2009Collabor8now Ltd
 
Simplifying PCI on a PaaS Environment
Simplifying PCI on a PaaS EnvironmentSimplifying PCI on a PaaS Environment
Simplifying PCI on a PaaS EnvironmentEngine Yard
 
Course Outline - Disaster Preparedness and Vital Records Protection
Course Outline - Disaster Preparedness and Vital Records ProtectionCourse Outline - Disaster Preparedness and Vital Records Protection
Course Outline - Disaster Preparedness and Vital Records ProtectionLorson Resources Limited
 
Vormetric data security complying with pci dss encryption rules
Vormetric data security  complying with pci dss encryption rulesVormetric data security  complying with pci dss encryption rules
Vormetric data security complying with pci dss encryption rulesVormetric Inc
 

Semelhante a Manage Risk and Save Cost with Information Governance (20)

Powerpoint tom
Powerpoint   tomPowerpoint   tom
Powerpoint tom
 
SunGard Enterprise Cloud Services @ Cloud Connect 2011
SunGard Enterprise Cloud Services @ Cloud Connect 2011SunGard Enterprise Cloud Services @ Cloud Connect 2011
SunGard Enterprise Cloud Services @ Cloud Connect 2011
 
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database SecurityIBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
 
Df2012 securing information_assets_in_saa_s_clouds_3_0
Df2012 securing information_assets_in_saa_s_clouds_3_0Df2012 securing information_assets_in_saa_s_clouds_3_0
Df2012 securing information_assets_in_saa_s_clouds_3_0
 
Electronic data & record management
Electronic data & record managementElectronic data & record management
Electronic data & record management
 
Guardium value proposition for fss pn 12 02-10
Guardium value proposition for fss pn 12 02-10Guardium value proposition for fss pn 12 02-10
Guardium value proposition for fss pn 12 02-10
 
Life & Work Online Protecting Your Identity
Life & Work Online Protecting Your IdentityLife & Work Online Protecting Your Identity
Life & Work Online Protecting Your Identity
 
SYMCAnnual
SYMCAnnualSYMCAnnual
SYMCAnnual
 
Metadata Use Cases You Can Use
Metadata Use Cases You Can UseMetadata Use Cases You Can Use
Metadata Use Cases You Can Use
 
Metadata Use Cases
Metadata Use CasesMetadata Use Cases
Metadata Use Cases
 
Integrating Information Protection Into Data Architecture & SDLC
Integrating Information Protection Into Data Architecture & SDLCIntegrating Information Protection Into Data Architecture & SDLC
Integrating Information Protection Into Data Architecture & SDLC
 
“The Fountain of Truth” Web-based Contract Management for Starwood Hotels –
“The Fountain of Truth” Web-based Contract Management for Starwood Hotels – “The Fountain of Truth” Web-based Contract Management for Starwood Hotels –
“The Fountain of Truth” Web-based Contract Management for Starwood Hotels –
 
IBM Banking: Automated Systems help meet new Compliance Requirements
IBM Banking: Automated Systems help meet new Compliance RequirementsIBM Banking: Automated Systems help meet new Compliance Requirements
IBM Banking: Automated Systems help meet new Compliance Requirements
 
Information Management in a Web 2.0 World May 2009
Information Management in a Web 2.0 World May 2009Information Management in a Web 2.0 World May 2009
Information Management in a Web 2.0 World May 2009
 
Cloud Auditing
Cloud AuditingCloud Auditing
Cloud Auditing
 
Simplifying PCI on a PaaS Environment
Simplifying PCI on a PaaS EnvironmentSimplifying PCI on a PaaS Environment
Simplifying PCI on a PaaS Environment
 
Course Outline - Disaster Preparedness and Vital Records Protection
Course Outline - Disaster Preparedness and Vital Records ProtectionCourse Outline - Disaster Preparedness and Vital Records Protection
Course Outline - Disaster Preparedness and Vital Records Protection
 
Vormetric data security complying with pci dss encryption rules
Vormetric data security  complying with pci dss encryption rulesVormetric data security  complying with pci dss encryption rules
Vormetric data security complying with pci dss encryption rules
 
Securityinsideout
SecurityinsideoutSecurityinsideout
Securityinsideout
 
TripleTree eDiscovery
TripleTree  eDiscoveryTripleTree  eDiscovery
TripleTree eDiscovery
 

Mais de Ledjit

Rixe sur la preuve électronique
Rixe sur la preuve électroniqueRixe sur la preuve électronique
Rixe sur la preuve électroniqueLedjit
 
Numérisation de substitution
Numérisation de substitutionNumérisation de substitution
Numérisation de substitutionLedjit
 
Le web2.0, une mine d'information juridique et judiciaire
Le web2.0, une mine d'information juridique et judiciaireLe web2.0, une mine d'information juridique et judiciaire
Le web2.0, une mine d'information juridique et judiciaireLedjit
 
Une nouvelle administration de la preuve
Une nouvelle administration de la preuveUne nouvelle administration de la preuve
Une nouvelle administration de la preuveLedjit
 
Le Procès Sans Papier - Objection... à toute la preuve présentée devant les t...
Le Procès Sans Papier - Objection... à toute la preuve présentée devant les t...Le Procès Sans Papier - Objection... à toute la preuve présentée devant les t...
Le Procès Sans Papier - Objection... à toute la preuve présentée devant les t...Ledjit
 
Preuve électronique + Procédure
Preuve électronique + ProcédurePreuve électronique + Procédure
Preuve électronique + ProcédureLedjit
 
Gestion De L’Information - Obligations et responsabilités du conseiller jurid...
Gestion De L’Information - Obligations et responsabilités du conseiller jurid...Gestion De L’Information - Obligations et responsabilités du conseiller jurid...
Gestion De L’Information - Obligations et responsabilités du conseiller jurid...Ledjit
 
60 Trucs et astuces Word en 60 minutes
60 Trucs et astuces Word en 60 minutes60 Trucs et astuces Word en 60 minutes
60 Trucs et astuces Word en 60 minutesLedjit
 
Salle d'audience portable
Salle d'audience portableSalle d'audience portable
Salle d'audience portableLedjit
 
Le Web2
Le Web2Le Web2
Le Web2Ledjit
 
L'administration de la preuve électronique
L'administration de la preuve électroniqueL'administration de la preuve électronique
L'administration de la preuve électroniqueLedjit
 
Présentation de la preuve électronique
Présentation de la preuve électroniquePrésentation de la preuve électronique
Présentation de la preuve électroniqueLedjit
 
Rédaction et mise en place d’une politique de gestion de l'information
Rédaction et mise en place d’une politique de gestion de l'informationRédaction et mise en place d’une politique de gestion de l'information
Rédaction et mise en place d’une politique de gestion de l'informationLedjit
 
Révision et analyse des documents
Révision et analyse des documentsRévision et analyse des documents
Révision et analyse des documentsLedjit
 
L'administration de la preuve électronique - présnentation à CAP
L'administration de la preuve électronique - présnentation à CAPL'administration de la preuve électronique - présnentation à CAP
L'administration de la preuve électronique - présnentation à CAPLedjit
 
L'Administration de la preuve électronique - Cours de droit du cyberespace
L'Administration de la preuve électronique - Cours de droit du cyberespaceL'Administration de la preuve électronique - Cours de droit du cyberespace
L'Administration de la preuve électronique - Cours de droit du cyberespaceLedjit
 

Mais de Ledjit (16)

Rixe sur la preuve électronique
Rixe sur la preuve électroniqueRixe sur la preuve électronique
Rixe sur la preuve électronique
 
Numérisation de substitution
Numérisation de substitutionNumérisation de substitution
Numérisation de substitution
 
Le web2.0, une mine d'information juridique et judiciaire
Le web2.0, une mine d'information juridique et judiciaireLe web2.0, une mine d'information juridique et judiciaire
Le web2.0, une mine d'information juridique et judiciaire
 
Une nouvelle administration de la preuve
Une nouvelle administration de la preuveUne nouvelle administration de la preuve
Une nouvelle administration de la preuve
 
Le Procès Sans Papier - Objection... à toute la preuve présentée devant les t...
Le Procès Sans Papier - Objection... à toute la preuve présentée devant les t...Le Procès Sans Papier - Objection... à toute la preuve présentée devant les t...
Le Procès Sans Papier - Objection... à toute la preuve présentée devant les t...
 
Preuve électronique + Procédure
Preuve électronique + ProcédurePreuve électronique + Procédure
Preuve électronique + Procédure
 
Gestion De L’Information - Obligations et responsabilités du conseiller jurid...
Gestion De L’Information - Obligations et responsabilités du conseiller jurid...Gestion De L’Information - Obligations et responsabilités du conseiller jurid...
Gestion De L’Information - Obligations et responsabilités du conseiller jurid...
 
60 Trucs et astuces Word en 60 minutes
60 Trucs et astuces Word en 60 minutes60 Trucs et astuces Word en 60 minutes
60 Trucs et astuces Word en 60 minutes
 
Salle d'audience portable
Salle d'audience portableSalle d'audience portable
Salle d'audience portable
 
Le Web2
Le Web2Le Web2
Le Web2
 
L'administration de la preuve électronique
L'administration de la preuve électroniqueL'administration de la preuve électronique
L'administration de la preuve électronique
 
Présentation de la preuve électronique
Présentation de la preuve électroniquePrésentation de la preuve électronique
Présentation de la preuve électronique
 
Rédaction et mise en place d’une politique de gestion de l'information
Rédaction et mise en place d’une politique de gestion de l'informationRédaction et mise en place d’une politique de gestion de l'information
Rédaction et mise en place d’une politique de gestion de l'information
 
Révision et analyse des documents
Révision et analyse des documentsRévision et analyse des documents
Révision et analyse des documents
 
L'administration de la preuve électronique - présnentation à CAP
L'administration de la preuve électronique - présnentation à CAPL'administration de la preuve électronique - présnentation à CAP
L'administration de la preuve électronique - présnentation à CAP
 
L'Administration de la preuve électronique - Cours de droit du cyberespace
L'Administration de la preuve électronique - Cours de droit du cyberespaceL'Administration de la preuve électronique - Cours de droit du cyberespace
L'Administration de la preuve électronique - Cours de droit du cyberespace
 

Último

Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Lviv Startup Club
 
Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...Roland Driesen
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Dipal Arora
 
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...anilsa9823
 
A305_A2_file_Batkhuu progress report.pdf
A305_A2_file_Batkhuu progress report.pdfA305_A2_file_Batkhuu progress report.pdf
A305_A2_file_Batkhuu progress report.pdftbatkhuu1
 
Event mailer assignment progress report .pdf
Event mailer assignment progress report .pdfEvent mailer assignment progress report .pdf
Event mailer assignment progress report .pdftbatkhuu1
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayNZSG
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Serviceritikaroy0888
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMRavindra Nath Shukla
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesDipal Arora
 
Understanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key InsightsUnderstanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key Insightsseri bangash
 
M.C Lodges -- Guest House in Jhang.
M.C Lodges --  Guest House in Jhang.M.C Lodges --  Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.Aaiza Hassan
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...Aggregage
 
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLMONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLSeo
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageMatteo Carbone
 
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature SetCreating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature SetDenis Gagné
 
Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Centuryrwgiffor
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsP&CO
 
Progress Report - Oracle Database Analyst Summit
Progress  Report - Oracle Database Analyst SummitProgress  Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst SummitHolger Mueller
 

Último (20)

Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
 
Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
 
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
 
A305_A2_file_Batkhuu progress report.pdf
A305_A2_file_Batkhuu progress report.pdfA305_A2_file_Batkhuu progress report.pdf
A305_A2_file_Batkhuu progress report.pdf
 
Event mailer assignment progress report .pdf
Event mailer assignment progress report .pdfEvent mailer assignment progress report .pdf
Event mailer assignment progress report .pdf
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 May
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSM
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
 
Understanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key InsightsUnderstanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key Insights
 
M.C Lodges -- Guest House in Jhang.
M.C Lodges --  Guest House in Jhang.M.C Lodges --  Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
 
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLMONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usage
 
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature SetCreating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
Creating Low-Code Loan Applications using the Trisotech Mortgage Feature Set
 
Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Century
 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and pains
 
Progress Report - Oracle Database Analyst Summit
Progress  Report - Oracle Database Analyst SummitProgress  Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst Summit
 

Manage Risk and Save Cost with Information Governance

  • 1. Information Governance- a programmatic perspective on driving value through RIM Practical Goals and Directions for managing information assets.. Richard Gomes Citigroup- Director of Information Governance Richard R Gomes February 2010
  • 2. Information Management Services from Citi Global RIM RETENTION, DISPOSITION, AND ARCHIVING ARE CONSIDERED A SUPER-JURISDICTIONAL RISK It isn’t always clear what we are obliged to keep or how long it should be kept. INFORMATION MANAGEMENT SERVICES MITIGATE Though many Citi employees realize that RISK AND SAVE COST Questions about physical and they may be dealing with Records in the electronic files come in via a call or email course of their daily activities, only a Clients Records Management Officer (RMO) Internal can tell for certain. The query goes to the Employees The type of Record it turns out to be, the RMO responsible for the Sector, Global Function, jurisdiction it belongs to, and the type of Region, and Country • Record Status data it contains are just some of the many associated with the files • Jurisdiction of Record factors an RMO must take into account Identify • IS/Privacy flags to ensure we comply with our Legal and The RMO compiles the • Record Class/Code Regulatory obligations to compliantly retention, disposal, • Retention Schedule archive, and retrieval retain and dispose of Citi’s information. Classify • Deviation if required requirements. Contact your RMO before you act- • Assign RM-Unit The issue is tracked and • Update Inventory <link> Inventory • Declare Datasource managed by RIM until a The mishandling of Citi information is a compliant BAU retention big risk that can damage our reputation, and disposition process is in place Manage and Facilitate and cost us a lot of money. Retention, Disposal Active Matter Policy and Collection and After all, only Records Management Backup, and Eligibility and (e)Discovery Preservation Governance Custody Archiving Approval Holds Officers are trained and authorized to classify records, set retention periods, and process deviations. Richard R Gomes February 2010
  • 3. Records and Information Management (RIM) is a key competency that drives down the cost of protecting our information assets. The less information we retain, the lest costly it is to securely maintain. RIM Assets and Deliverables  POLICY DRIVEN DISPOSAL.  ‘Retain only what we are obliged to retain’  IAI (Information Asset Inventory) targeted protection  Worldwide golden source of the Information Citi has, where it is, and who is responsible for it.  DEFENSE-IN-DEPTH against Super Jurisdictional- Risk  Preventive Control- Information Asset Inventory (IAI) identifies IS and Privacy control gaps  Detective Control – Disposition Scheduling identifies IS and Privacy operational gaps  Corrective Control- GOC aligned RIM-organization coordinates and facilitates CAP responses  Service Delivery Model driven cost savings  Legal Matter Response – ‘eDiscovery’  Storage Demand  Data Privacy  Data Protection  Information Classification  Data Classification Richard R Gomes February 2010 3 Citi Internal
  • 4. Program History at a Glance “a packaged service that focuses on direct and timely benefits” CMM Level Global Program Evolution 1 – Ad Hoc 2005 – Policy and Governance standards • Policy and Control Process • Five Important Control elements developed- Master Record Catalog, Spans of Authority, Country Retention, Inventory Manifest, Custody Map 2– Repeatable 2006 – Organization and Control Processes • Platform Development and Deployment • Rev 1 of the IAI (Information Asset Inventory) with integrating the 5 important controls implemented, Physical Information BAU disposition (‘IC ‘)Project delivered 3– Defined 2007 – Enterprise Data Map and Global Process Control • Improved Process Fidelity • Continuous Data Disposition (CDD) of Structured and unstructured electronically stored information (ESI) initiated in NA, eMail disposition rules introduced • Broadened Scope and Effectiveness 2008 – CDD Process Development and Regionalization • Expanded CDD for structured ESI Globally, Prototype CDD for some unstructured ESI, Legal Hold process reengineering begun 2009 – CDD as BAU, Deploy RIM as a Service • Embedded RIM into the Data Centers • BAU Tape backup disposition and extended Archiving deployed, SharePoint and First Archive automated disposition process delivered (BAU eMail disposition in test in First Archive NA) 4– Managed 2010 – RIM Services Global Rollout and Regionalization • Major Gap in Reporting to be closed • Close Metrics and Reporting GAP, Improve Financial Reporting of Green and Blue $ saves, deploy automated classification and tagging for unstructured ESI 2011 – Push to CMM Level 4 RIM • Full benefit Capture • Deploy integrated dashboard to track effectiveness of savings, risk, and strategy enablement (Divestiture, M&A, Storage Reduction, etc) Richard R Gomes February 2010 4
  • 5. RIM is an effective way to manage the growth rate of retained Information volume because its about empowering people to act. RIM leads to less information in a form that is easier to manage Strategic 1. Minimally Intrusive to the business- Basis of advisory services that help business clients optimize their approach to compliance 2. Consistent in the eyes of auditors, regulators and the courts- Policy and Control Processes based on legal and regulatory requirements as interpreted by case law and regulatory findings 3. Straightforward and well documented – RIM is supported by job-aids and guidance and delivered through advisory teams composed of RMs, ISOs, and CoB personal Tactical 1. Policy aligned framework and methodology- Operational processes based on RM Policy which is risk based and integrated with RCSA, and ARR’s SAP 2. Enterprise-wide consistent, defensible, and actionable Global rules for Local application. 3. Serves all constituencies Addresses core Information Retention and Handling requirements that apply equally to the Business, Legal, Compliance and O&T, Actionable 1. Clearinghouse / CoE for process development and technology enablement initiatives 2. Cost saving identification and capture program 3. Knowledge exchange for collaborative sharing of locally developed practices Richard R Gomes February 2010 5
  • 6. Service Focus Cost Containment Over-retention creates a large drag on performance and is relatively easy to fix. Retention Driven Cost and Risk Factors Primary and secondary information handling costs  Electronically Stored Information (ESI) costs about $1.88 / GB-Year – (All in estimate of ESI on-line storage and administration costs this translates to at least $MM of savings in North America alone)  Back-up and Archive costs  System Back-up Times- (the need for more costly high throughput solutions and increased tape volumes)  Offline ESI-Archive Inventory Overhead- (indexing, retrieval, sampling, and restore overhead drive incremental storage requirements)  eDiscovery costs-  Collection, Culling, and 3rd Party review cost many large companies $10s of Millions annually Legal and Regulatory Exposure.  Matter Scope – (Out of context eMail, EUCs, logs, etc. widen investigation scope and drive up costs)  Missed/Overlooked information – (Untimely disclosure [e.g. Merrill $1.4B], Inaccurate Data Map [e.g. Qualcomm $200MM] resulting in large financial penalties and judicial prejudice)  Disposition Framework – (Retention inconsistency (e.g.. Intel, Arthur Andersen) resulting in serious and costly threats to the Franchise.. Richard R Gomes February 2010 6
  • 7. Internal Clients are a broad and diverse population Client Organization Expected Service Benefit Risk facing activities (e.g. Data Privacy, Data Protection, IDEM) derive direct expense and O&T/ Risk Organizations FTE benefits from volume reduction and efficiency benefits from a common Data Map- Case: IDEM u-ESI initiative Enterprise Data Map and Retention Schedules enable large scale economies O&T/ Technology Organizations associated with Info-centric architectures Enterprise Data Map provides baseline for Data Classification and forms the basis of a ISO Organization comprehensive Enterprise-Security Data Dictionary governing the risk based handling of Information in transit and at rest Right-sizing and cost management of the Information Infrastructure build-out based on Technology Infrastructure Organizations rules based predictive growth and volume information derived from well defined retention scheduling In aggregate, direct capital and expense savings are in the $.5B range with realization Financial Control within 12-24 months As a principle user of the Data Map and the Retention Processes associated with Legal Services / eDiscovery CDD, the direct benefit is in significant FTE / external resource reduction associated with the preservation, collection, culling, review, and production activities. Based on the effectiveness of the CDD methodology and the consistency of its Legal / Litigation implementation (e.g. SLAs) attorneys responsible for litigation can confidently delegate eDiscovery oversight to lower levels within their organization and improving skills alignment Framework for the development of Info-Centric applications that are aware of the Business / Application Development information they handle, can look up the rules for handling it, and can systematically enforce the information lifecycle Richard R Gomes February 2010 7
  • 8. Information Management Services from Citi Global RIM RETENTION, DISPOSITION, AND ARCHIVING ARE CONSIDERED A SUPER-JURISDICTIONAL RISK It isn’t always clear what we are obliged to keep or how long it should be kept. INFORMATION MANAGEMENT SERVICES MITIGATE Though many Citi employees realize that RISK AND SAVE COST Questions about physical and they may be dealing with Records in the electronic files come in via a call or email course of their daily activities, only a Clients Records Management Officer (RMO) Internal can tell for certain. The query goes to the Employees The type of Record it turns out to be, the RMO responsible for the Sector, Global Function, jurisdiction it belongs to, and the type of Region, and Country • Record Status data it contains are just some of the many associated with the files • Jurisdiction of Record factors an RMO must take into account Identify • IS/Privacy flags to ensure we comply with our Legal and The RMO compiles the • Record Class/Code Regulatory obligations to compliantly retention, disposal, • Retention Schedule archive, and retrieval retain and dispose of Citi’s information. Classify • Deviation if required requirements. Contact your RMO before you act- • Assign RM-Unit The issue is tracked and • Update Inventory <link> Inventory • Declare Datasource managed by RIM until a The mishandling of Citi information is a compliant BAU retention big risk that can damage our reputation, and disposition process is in place Manage and Facilitate and cost us a lot of money. Retention, Disposal Active Matter Policy and Collection and After all, only Records Management Backup, and Eligibility and (e)Discovery Preservation Governance Custody Archiving Approval Holds Officers are trained and authorized to classify records, set retention periods, and process deviations. Richard R Gomes February 2010
  • 9. Questions Richard R Gomes February 2010 9