Five Words That Scare a CIO – I’ll See You in Court!

When you become CIO, you’ll probably have all of the technical skills that you need to stay on top of today’s cutting edge IT issues such as storage, bandwidth, cloud computing, etc. In fact, I’d guess that you’ve gotten the message and you will have developed your management talents so that you will be well positioned to align the IT department with the rest of the business. However, there is one thing that you may have forgotten to get: a law degree…

Why Discovery Is A Bad Word In IT

For anyone who has not had to live though a legal discovery process, thank your lucky stars! What we’re talking about here are the steps that a company has to go through when they find themselves involved in a lawsuit. Before the case even goes to trial, there is the discovery process.

Take a typical example: someone sues the firm and says that they’ve been harassed while working there. The first step that their lawyer will take will be to serve the company with a legal notice to produce all of the messages that flowed over the company’s network that contained the person’s name or email address. This, of course, includes any nicknames that the person might have been referred to by or even any derogatory names.

Can you imagine what kind of effort that kind of search would take in most companies? Sure there might be some centralized email servers, but you also have to check all of the IM chats and all documents just in case there might be something in them. Now you should be getting a feeling for the scope of work that we’re talking about.

Four Steps A CIO Can Take To Get Ready For Discovery

In any modern company, you can expect to eventually get sued and be required to go through some sort of discovery process. As CIO, your job will be to prepare the company for this eventually before it happens. This means that you are going to have to take the following steps:

  1. Create a Data Map: Sorry about this – it’s a manual process in which you take the time to locate the critical data that your company uses and then dive even deeper and understand how it is used. This will help you to understand where your most important documents are and just exactly what applications were used to create those documents.
  2. Create Clear Data-Retention Policies: you don’t have to discover what you don’t have; however, you had better have a good story for why you don’t have it. This policy has to be all encompassing: it must cover both paper and electronic. It also has to lay out the processes for storing, organizing, and destroying it.
  3. It’s All About The Workflow: …and you need to understand it. In any company, work gets done at a variety of different levels including at the department level as well as at the enterprise level. How work gets done will play a key role in how you can uncover the documents that you are looking for during a discovery.
  4. Electronic Documents Are Not All The Same: we’re not talking about a bunch of PDF files here. Lots of electronic documents that need to be searched and perhaps included in the discovery package may be in specialized forms: CAD drawings, Microsoft Project files, etc. Just finding the data is not enough, you need to print out a document with the right information that can be included in the discovery.

What All Of This Means For You

As CIO you will need to be simultaneously moving the company forward as well as protecting your backside. A single lawsuit against your company can require countless hours of work in order to locate the required documents not to mention the costs involved.

The only way to prevent this from becoming a black mark on your CIO resume will be to prepare for it before it happens. By no means will this be an easy task to do, but it can be well worth the effort.

Nobody ever said that being the CIO was going to be easy, preparing your firm to deal with a legal discovery is one way you can at least make the job look easy!