EDRM Announces Security Audit Project
Monday, August 08, 2016
Cross-functional team of professionals to focus on practical data security and risk assessment tools
St. Paul, MN – August 8, 2016 – EDRM, the leading standards organization for the e-discovery market, announced today the establishment of a new project to develop and provide a security survey. A team of experienced and qualified EDRM members will develop and publish a straightforward and easy tool for evaluating the security capabilities of corporations, law firms, cloud providers and third parties offering electronic discovery or managed services.
The security survey evaluates an organization’s data security and practices, allowing potential customers to assess the risk of entrusting sensitive data to the vendor. The tool can be used to assess data protection from destruction or unauthorized access, as well as to assure regulatory compliance with data-related legislation such as HIPAA, the Sarbanes-Oxley Act and security breach notification laws.
The goal of the security survey project is to provide organizations with an overview of the critical questions to ask when assessing the data security of an e-discovery vendor or partner. The overview includes specific sections on risk management, asset security, communications and networking security and identity and access management. The evaluation allows the assessor to determine the level of risk the organization may be assuming by engaging the vendor or partner and to make suggestions to improve security practices and enhance the service provided.
EDRM project leads are Julie Hackler, regional sales manager at Avansic, and Amy Sellars, senior litigation attorney with The Williams Companies. Project deliverables are in the development stage. Interested professionals in electronic discovery, data management or security disciplines are invited to join the team and contribute to the project. Those interested may direct questions or volunteer interest by email to Tom Gelbmann: firstname.lastname@example.org.
The Electronic Discovery Reference Model (EDRM) creates practical resources to improve e-discovery and information governance. Since 2005, EDRM has delivered leadership, standards, best practices, tools, guides and test data sets to improve electronic discovery and information governance. Member individuals, law firms, corporations and government organizations actively contribute to the direction of EDRM. Visit EDRM.net to become a member.