EDRM Announces Security Audit Project
EDRM, the leading standards organization for the e-discovery market, announced the establishment of a new project to develop and provide a security survey. A team of experienced and qualified EDRM members will develop and publish a straightforward and easy tool for evaluating the security capabilities of corporations, law firms, cloud providers and third parties offering electronic discovery or managed services.
The security survey evaluates an organization’s data security and practices, allowing potential customers to assess the risk of entrusting sensitive data to the vendor. The tool can be used to assess data protection from destruction or unauthorized access, as well as to assure regulatory compliance with data-related legislation such as HIPAA, the Sarbanes-Oxley Act and security breach notification laws.
The goal of the security survey project is to provide organizations with an overview of the critical questions to ask when assessing the data security of an e-discovery vendor or partner. The overview includes specific sections on risk management, asset security, communications and networking security and identity and access management. The evaluation allows the assessor to determine the level of risk the organization may be assuming by engaging the vendor or partner and to make suggestions to improve security practices and enhance the service provided.
EDRM project leads are Julie Hackler, regional sales manager at Avansic, and Amy Sellars, senior litigation attorney with The Williams Companies. Project deliverables are in the development stage. Interested professionals in electronic discovery, data management or security disciplines are invited to join the team and contribute to the project. Those interested may direct questions or volunteer interest by email to Tom Gelbmann: firstname.lastname@example.org.