What is this standard about?
Electronic discovery (eDiscovery) is the process of discovering pertinent Electronically Stored Information (ESI) by parties involved in an investigation, litigation or something similar. The last few years have seen an explosion in the volume of ESI and hence the growth of an eDiscovery industry.
This standard is Part 1 in a four part series that seeks to help organizations manage ESI in the context of eDiscovery and assist them with any form of investigation of ESI. It will also assist with any legal and regulatory requirements that are impacted by technology developments and the growth of big data.
Who is this standard for?
It will be of value to any organization that has digital systems, holds or receives ESI and must review and produce that data for any form of investigation. This will cover government departments, law firms and businesses in any sector.
Why should you use this standard?
It provides an overview of electronic discovery, including terminology, concepts and processes that can be leveraged by other parts of this standard and other standards.
The following standards are referenced in Part 1:
- ISO/IEC 27000, Information technology — Security techniques — Information security management systems — Overview and vocabulary
- ISO/IEC 27040:2015, Information technology — Security techniques — Storage security
- ISO/IEC 27037:2012, Information technology — Security techniques — Guidelines for identification, collection, acquisition, and preservation of digital evidence
- ISO/IEC 27041:2015, Information technology — Security techniques — Guidance on assuring suitability and adequacy of investigation methods
- ISO/IEC 27042:2015, Information technology — Security techniques — Guidelines for the analysis and interpretation of digital evidence
- ISO/IEC 27043:2015, Information technology — Security techniques — Investigation principles and processes
- ISO/IEC 38500:2015, Information technology — Governance of IT for the organization
- ISO/IEC 29100:2011, Information technology — Security techniques — Privacy framework
- ISO 15489:2016, Information and documentation — Records management