Digital forensics and eDiscovery are two closely related fields in the realm of computer science and information technology. A sound governance structure is the foundation of an effective information or data security program. It includes the board of directors and senior management setting the tone at the top and hiring skilled and qualified professionals in different domains, including but not limited to compliance, risk management, audit, internal controls, and fraud investigations. The hired professionals need to be aware of the digital channels and systems used by the organization to capture, process and record data or information.
Professionals that which board of directors hires include the Chief Information Security Officer, Chief Compliance Officer, Chief Technology Officer, Fraud Investigator, and Chief Risk Officer. These professionals collectively work to develop and implement policies and processes to ensure that digital financial crime risks are timely identified and managed appropriately.
In an organization such as a bank or a financial institution, the board of directors is primarily responsible for setting strong digital forensics and electronic discovery mechanisms and processes to ensure that the data and information remain transparent and not manipulated by internal or external stakeholders or criminals.
Oversight of Digital Forensics and eDiscovery and Governance Structure
The “tone at the top” is a public commitment at the highest levels of the organization to comply with information and data protection requirements as part of its core mission and recognition that this is critical to the overall information and data protection risk management framework. To ensure appropriate oversight of the information and data protection compliance culture, the board of directors forms a board-level sub-committee to periodically monitor the information and data protection issues and related regulatory compliances.
The board of directors may delegate the responsibility to the board-level committee to periodically meet and discuss significant compliance financial crimes or issues, breaches, and new regulatory requirements related to digital forensics, digital financial crimes, and management of information security risks.
The board ensures that a strong compliance culture and control environment is maintained. The board provides oversight and guidance to the senior management to implement the information security compliance program and allied policies duly approved by the board. The management forms the set of processes, reporting lines, systems, and structures that provide the basis for carrying out regulatory requirements across the organization. The control environment relates to the commitment of management and employees to integrity and ethical values.
For internal controls to be effective, an appropriate information and data protection control environment should demonstrate the following behaviors:
- The board reviews policies and procedures periodically and ensures their compliance;
- The board determines whether there is an audit and control system in place to periodically test and monitor compliance with internal control policies or procedures and to report to the board instances of noncompliance;
- The board ensures the independence of internal and external auditors such that the internal audit directly reports to the audit committee of the board, which is responsible to the board, and that the external auditor interacts with the said committee and presents a management letter to the board directly;
- The board ensures that appropriate remedial action has been taken when the instance of noncompliance is reported and that system has been improved to avoid recurring errors or mistakes;
- Management information systems provide adequate information to the board so that the board can have access to records if the need arises; and
- The board and management ensure communication of compliance policies within the organization.
The Business and Finance Consulting or BFC ensures that senior management implements board-approved digital forensics and e-discovery policies to avoid the risk of data and information losses. The BFC forms a management-level committee known as the Digital Forensics Investigations Management Committee or DFIMC. The DFIMC works on behalf of the BFC to regularly review and provide appropriate feedback to the management and employees regarding the organization’s overall compliance profile.
The DFIMC may comprise members, including Chief Information Security Officer, Chief Compliance Officer, Chief Technology Officer, Fraud Investigator, and Chief Risk Officer. They periodically meet to discuss the compliance status and progress of any digital financial crime investigations initiated by the relevant financial crime investigation team.
Digital forensics is the process of investigating and analyzing digital devices and data sources in order to gather evidence for legal, criminal, or administrative purposes. This includes the recovery, preservation, and analysis of electronic data that may be used as evidence in a court of law.
eDiscovery, on the other hand, refers to the process of identifying, collecting, and producing electronically stored information (ESI) in response to a legal request or regulatory investigation. It involves the use of technology tools and techniques to locate and analyze data that may be relevant to a legal case or dispute.
While both digital forensics and eDiscovery involve the use of similar tools and techniques, their primary focus is different. Digital forensics is focused on investigating and analyzing digital devices and data to uncover evidence of wrongdoing, while eDiscovery is focused on finding and producing relevant digital evidence for legal purposes.