Date: Thursday March 17, 2022
Time: 2:00PM - 3:00PM ET
About this event
Webinar hosted by BSI and Seratos
Join us on March 17, 2022 at 2pm ET and listen to Santana Stallberg and Cristian Dragnef talk about the benefits of integrating eDiscovery and litigation support processes into your Information Security Management System (ISMS).
Why is it important?
Corporations and businesses are required to answer to regulatory requirements, meet litigation deadlines, or respond to data privacy requests. Regulatory requests have become the main reason for eDiscovery worldwide.
Although business organizations are often diligent in implementing security controls to prevent unauthorized access from external parties, a lack of appropriate internal expertise can sometimes lead to the spoliation of Electronically Stored Information (ESI) or physical documents due to mishandling and destruction.
Electronic discovery is the process of discovering pertinent Electronically Stored Information (ESI) or data by one or more parties involved in an investigation or litigation, or similar proceedings (ISO 27050).
To minimize the risk of spoliation, that is, the non-compliant or non-authorized modification, deletion, removal, and movement of ESI and physical documents, it is imperative that organizations establish an Information Governance Program and integrate Legal hold and eDiscovery processes into their Information Security Management System (ISMS) framework.
Legal holds/eDiscovery processes extend beyond the regular retention policies and protection from deletion, stipulating how relevant records and documents must not be copied, altered, or destroyed to ensure their authenticity and integrity are preserved in accordance with the requirements.
What is ISO 27050?
The ISO 27050-1/2/3 series of standards defines related terms and describes the concepts, including, but not limited to, identification, preservation, collection, processing, review, analysis, and production of ESI.
To satisfy all the requirements of legal holds and eDiscovery processes for litigation, regulatory requests and forensic investigations, relevant risks associated with spoliation can be identified using the information risk management framework set by ISO 27001 and be effectively addressed by integrating the technical controls set by ISO 27050 into the Statement of Applicability (SoA).
As a result of incorporating ISO 27050 controls in their ISO 27001 certified ISMS, organizations can be better equipped to satisfy and protect any ESI or physical documents. However, most organizations do not have effective processes, procedures, and controls in place to address these risks.
Our speakers
Santana Stallberg, CEDS, ACT – eDiscovery and Privacy Consultant at Seratos Consulting
Santana is a privacy and compliance consultant and certified eDiscovery Specialist with experience in the healthcare, legal and information security industries. By applying various standards within these industries, Santana has been pivotal in optimizing processes, writing technical procedure and standard documents, and ensuring quality and compliance.
Cristian Dragnef, ISMS LA, CRM - Consulting Lead and President at Seratos Consulting.
As a management consultant, lead auditor and trainer, Cristian has more than twenty-five years of experience and extensive expertise in information risk and security management, quality management systems, IT service management, and software development.
For the past ten years, Cristian has been working as a trusted compliance and certification advisor to top-tier firms (AmLaw 100), helping them to achieve and maintain their information security goals and objectives.
Our host
Caio Cologni - Business Development Manager - Information Security BSI