Investigating Your eDiscovery Project Assumptions Series, Part 3

A multi-part series providing guidance on how to effectively scope and plan eDiscovery projects

In the first Part of this series, we reviewed the value of preparation, planning, and checklists, as well as the evolving challenges and expectations associated with eDiscovery project planning.  In the second Part, we discussed the initial eDiscovery project scoping steps you must take.  In this Part we begin our discussion of the investigative steps that can follow.

Coming Back Down to Earth

Once you have collaborated with knowledgeable individuals to brainstorm hypothetical materials and potential sources (and prioritize them), you are ready to begin investigating the facts on the ground to bridge the gap from your imagination to actual reality.  A variety of investigative options are available for accomplishing this, including: targeted interviewing; data mapping; surveying; and, sampling.  Which one (or more than one) will be most useful to you will depend on your circumstances – in particular, your expected number and types of sources.  For example:

• The larger your project, the more investigative steps you’ll need to take
• The more systems and sources by count, the more useful a data map is
• The more custodians by count, the more useful surveys and samples are

Targeted interviews are the easiest investigative step and a common first one.  In this context, conducting targeted interviews is like conducting a limited number of custodian interviews with key personnel.  This process is typically less formal (i.e., no full script) and less complete (i.e., most individual custodians aren’t included) than the official custodian interview process, which will come later in the project.  (As we noted in the first Part, “planning an eDiscovery project is an iterative process that overlaps and intersects with other early project activities.”)

Your goal in the targeted interviews is to review your list of prioritized, hypothetical materials with individuals that have knowledge of the potentially relevant enterprise, departmental, and third party systems – as well as the computers and devices typically issued to individual custodians within the organization – to confirm or deny your assumptions and gather the information you will need to scope and plan further.

Although these targeted interviews are fewer and less formal than custodian interviews, much of the same guidance on conducting them effectively is useful.  You can download our recent, free Practice Guide on Conducting Effective Custodian Interviews here.

Let’s Do Some Quick Cartography

Your next investigative option is data mapping.  Data mapping is the process of “mapping” the various data stores and sources in an organization.  Many organizations do some version of this already for non-legal purposes.  For example, the IT or IS department may have “maps” of the organization’s servers, computers, and enterprise systems, along with directories of installed software.  A data map for the legal activities like eDiscovery, however, is a related but distinct thing.  This kind of data map needs to combine system details, content details, and other key details (e.g., who owns it, any built in export tools, etc.) to facilitate preservation and collection.

Ideally, data mapping for legal activities would be undertaken on a proactive, organization-wide basis rather than in response to a specific matter, but engaging in some targeted, reactive data mapping is better than none and well worth doing.  (And, it can form the basis for proactively proceeding to organization-wide data mapping once the current matter has concluded.)

In this context, you would be working your way down your potential materials/hypothetical sources list, reviewing them with relevant individuals (from IT/IS, Records Management, etc.) and reviewing relevant (information systems and records management) documentation, attempting to flesh out that list with concrete details.  What you will be attempting to build is less a literal “map” than a spreadsheet or matrix.  Your final product will be a searchable, sortable, filterable reference tool listing sources in rows and relevant details about them in columns.  Things you may want or need to know about each source include:

• Source type (e.g., enterprise, department, individual custodian)
• Owner/manager of source (e.g., specific IT contact, department manager, or custodian)
• Types, models, and years for source’s hardware systems or custodian devices
• Versions, years, and other details for source’s relevant software
• Available native search and export tools/features, if any, and relevant details
• Limitations of such tools, if any (e.g., one mailbox at a time, can’t search nested content)
• Desired materials expected to be there (including expected formats, dates, etc.)
• Expected volume of materials from source (e.g., record count, file volume)
• Relative priority (and sensitivity, if applicable) of those desired materials

Gathering and organizing this information (or as much of it as time and circumstances permit) will enable you to scope and plan your needed preservation and collection activities with a high degree of precision.  You will know which sources can be handled internally and which require specialists, which are likely to present technical challenges and which can be had quickly, and which are most likely to be really important and which are most likely to be duplicative.

Investigation Activity Checklists

As we noted in the first Part, checklists are invaluable tools for ensuring consistency and completeness in your efforts.  Here are model checklists for targeted interviews and for data mapping, which you can customize for your organization:

Targeted Interviews

1. Who is familiar with enterprise, departmental, and/or third party systems?
2. Who can provide details about employee computers, devices, and usage?
3. Who else might be able to confirm or deny assumptions about what’s there?
4. What details would you ideally like to know about the potentially relevant sources?
5. Has everything from your prioritized list been reviewed, detailed, and documented?

Data Mapping

1. What kinds of hypothetical systems and devices are implicated by your list?
2. What details about those systems would it be most useful for you to know?
3. From where and whom within the organization could those details be gathered?
4. Have all relevant (and reasonably obtainable) source details been gathered?
5. Are those details consistently described in a manipulable spreadsheet or matrix?

Upcoming in this Series

In the next Part of this series, Surveying and Sampling During eDiscovery Project Planning, we will continue our discussion of investigation activities by discussing surveys and sampling.