Wednesday, January 20, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Compliance

Legal vs. IT: The Data Archiving Disconnect

by Eileen Sweeney
November 5, 2015
in Compliance
Legal vs. IT: The Data Archiving Disconnect

In the past, the main drivers for data archiving centered on legal and compliance initiatives and business continuity, including eDiscovery, records retention, audits and disaster recovery. But as more companies are looking to take advantage of information in an effort to gain competitive advantage in their markets, data archiving has taken on a new role. However, there are major organizational disconnects related to archive accountability and lines of authority, particularly between IT and the legal and compliance departments that are holding enterprises back from maximizing the full value of their archives.

According to a recent IDC survey, the underlying reason for the data archiving disconnect very likely stems from a fundamental difference in roles and objectives between IT and legal. Whereas responsibilities for things like troubleshooting computer and technology issues or approving vendor contracts are clearly defined and don’t have overlap between the two groups, the management and usability of an enterprise’s data archives can pit them against each other. The research showed that although 70 percent of IT respondents see data archives as enhancing revenue, only 38 percent of legal and compliance teams agree, which makes sense in light of how each group utilizes the archive.

While legal and compliance departments focus on risk mitigation and limiting access to information in the archives, IT departments continue to evolve into a more service-like organization, supporting lines of business (LOB) with their information needs. These contradicting objectives drive a perception wedge between the two groups, creating further disconnect.

Legal and compliance aren’t even on the same page with IT regarding which department has the primary responsibility for archiving. IT is the least likely to see legal and compliance as responsible for archiving, and both are much more likely to see themselves as responsible for many aspects of data archiving, from determining what to archive to ensuring data archives are secured.

image001

IT seems to be blind to legal and compliance frustrations, with more than three-quarters of IT respondents rating their internal customer satisfaction with their management of their company’s electronic data archives as high. However, though almost 80 percent of legal and compliance respondents use archived data, less than half are satisfied with their ability to access this data, and only one in five legal and compliance professionals say they’re satisfied with IT’s performance across data archiving metrics.

These frustrations with electronic archiving from legal and compliance teams are a real problem for organizations. Businesses and IT organizations cannot focus solely on the needs of the business at the risk of ignoring legal departments. For businesses to succeed, they need to put in place tools, procedures and governance that will satisfy both sets of internal constituents’ needs and objectives.

With more than one-third of companies reporting $1 million or more in additional revenue during the past year from monetizing their archives, and no slowdown in the rapid growth of enterprise data in sight, it has never been more critical that IT and legal find a way to balance their competing objectives for the good of the bottom line, but there are a few concrete steps that businesses can take to address these challenges:

Appoint a Chief Data Officer

A CDO can help oversee the development and implementation of programs to derive value from the data archive while working closely with the Chief Operating, Chief Technology and Chief Information Officers to set long-term business and data strategies. The CDO would not only make sure that the enterprise’s general counsel and legal teams are appropriately involved and represented, but also ensure that all sides are brought to the table, educating everyone on the unique needs and pain points of each group to reach a common ground.

Create a Cross-functional Archiving Committee

Spearheaded by the CDO and including representatives from IT, LOB, legal and compliance, an archiving committee would certainly help foster collaboration toward implementing effective and efficient data archive management processes that address key concerns around access, protection and business needs.

Deploy Secure Data Archive Technology

Depending on what is already in place, the committee should explore implementing or updating the enterprise’s data archiving technology with secure, cost-effective solutions such as tape, restoration assurance and secure cloud storage in order to effectively meet the demands of IT, LOB and the legal and compliance teams. IT can strive to make data as secure as possible from the beginning to avoid conflict and proactively address concerns throughout implementation.

Consider Partnering with a Third-Party Vendor

Vendors with specific expertise and technology offerings can help relieve the data-archiving burden and provide great value to the CDO and the Archiving Committee. The right vendor will be able to deliver a solution that provides legal and compliance with the repeatable and defensible access they need to mitigate risk while also freeing up internal IT resources to focus on more strategic and innovative work.


Previous Post

Noncompliance with New EU Data Privacy Rules can be Costly

Next Post

RSA Archer® GRC Inspires Everyone to Own Risk Within the Enterprise

Eileen Sweeney

November 5 - Eileen Sweeney headshot (266x400)Eileen Sweeney is Senior Vice President and General Manager of Data Management at Iron Mountain; the division provides service to more than 30,000 customers across 75 markets via nearly 100 data management facilities. Sweeney is responsible for the continued development of the data management portfolio to support customers’ evolving information management needs. Prior to joining Iron Mountain, Sweeney served as Vice President and General Manager of CSC’s global manufacturing segment, where she improved the group’s pipeline development and increased operating growth. She spent 20 years with CSC and held a number of senior positions, including global president of the manufacturing sector and managing director of the consulting group. Prior to CSC, Sweeney worked at Coopers & Lybrand Consulting and General Electric. She holds a Master of Business Administration and Master of Science in Industrial Engineering from Northwestern University, as well as a Bachelor of Science in Electrical Engineering from Union College.

Related Posts

hand showing three fingers on gray background

A Culture of Compliance: The 3 R’s

January 19, 2021
2021 with light bulb in place of zero on orange background

Why 2021 is a Fresh Start for Compliance Training

January 18, 2021
wrench with 100 dollar bills

DOJ Launches 2 Criminal Prosecutions of Illegal No-Poach and Wage-Fixing Agreements

January 14, 2021
mobile health care app

Prioritizing Compliance Along Health Care’s Digital Transformation Journey

January 14, 2021
Next Post
RSA Archer® GRC Inspires Everyone to Own Risk Within the Enterprise

RSA Archer® GRC Inspires Everyone to Own Risk Within the Enterprise

Access realtime data

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management culture of ethics cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence fcpa enforcement actions financial crime GDPR GRC HIPAA information security internal audit KYC/know your customer machine learning monitoring regtech reputation risk risk assessment Sanctions SEC social media risk technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights