Seven years ago this month, BIA co-published on edrm.net the industry’s first E-Discovery Maturity Model. The model was designed to help organizations better understand how they were handling e-discovery and how they can improve their processes and reduce costs over time.
As the effects of the Great Recession were still being felt, corporate and organizational leaders were looking for ways to increase efficiency and reduce costs, and the E-Discovery Maturity Model helped outline a path for organizations to do just that. And then when the spotlight on data security began to grow even brighter, the impetus to truly take control of the organization’s data and e-discovery process became even more important, and the model helped there as well.
Back in 2010, most organizations still found themselves ranked in the lower levels of the model, with the majority still outsourcing nearly all of their e-discovery needs to their law firms or other service providers, with little to no oversight or involvement. But over the past seven years, things have changed at an increasing pace, with more and more companies starting to take control of their e-discovery processes, and thereby moving up the levels in this model.
Given that shift, we felt it time to revisit our E-Discovery Maturity Model and discern how well it has held up to real world practices. As the graphic illustrates, the Model covers four key areas of growth and maturity across five levels, from an entirely reactionary, ad-hoc and chaotic experience to a well-defined, automated and integrated business process.
After some examination, including a look at how our own clients have grown over the period, we found that the Model has held up and continues to provide an accurate and effective roadmap for organizations that want to improve their e-discovery practices.
While some organizations may jump a few levels at once, for the most part, we found that most tended to follow the process one step at a time. We also found, not surprisingly, that the speed at which these steps are achieved correlates with the number of legal events an organization experiences.
At Level 1, the organization has little to no experience with legal events generally or e-discovery procedures specifically. When that first event occurs, organizations at this level typically find themselves floundering in unfamiliar waters — struggling to accomplish even some of the most routine data preservation tasks. Decisions are often made outside of the enterprise, data collections are done in a haphazard manner by IT or individual employees, and there is little understanding or appreciation of the increased risks and high costs that such an approach creates.
However, after an often harrowing first experience or two, most organizations quickly realize that an ad-hoc approach to e-discovery is not tenable and will begin to move up the maturity model to a level that’s more fitting to their organization. The speed of this movement depends on the organization’s individual litigation profile. While not every organization will — or needs to — move to the highest level in the model, every organization eventually will strive to reach at least a Level 3 or 4 in the Model.
Most organizations only have to experience one legal event to quickly find themselves maturing to Level 2, where basic pre-planning, organization and expert advice are generally first utilized. Organizations often look first to their outside legal counsel for advice and assistance in creating at least a basic plan for how to handle future legal events, but the organization itself still doesn’t take control of the process directly. And thus, while the process itself starts to become less chaotic and disruptive, organizations are still not in control over the process or the costs.
Once organizations truly commit to taking control of e-discovery, they move into the upper levels of the model. At Level 3, the enterprise will vet and contract directly with a service provider that can manage the entire e-discovery workflow. The organization will designate internal staff to be the primary coordinators of all legal event processes, and standardized processes and practices begin to take shape. And, rather significantly, at this stage the organization truly starts to be able to understand and control its costs.
As organizations then mature through Level 4 and eventually reach Level 5, they become focused primarily on optimizing the methods, processes and policies that control the e-discovery process within the organization. The process moves from being a standard, repeatable process to one that is tweaked to maximize efficiency, reduce costs and eventually become automated. The work itself often shifts more from external suppliers to internal systems and expertise. And while not every organization will necessarily need to reach Level 5, as we mentioned above, most organizations will find a spot somewhere north of the third level of the maturity model.
We’ve seen countless organizations embrace the E-Discovery Maturity Model and start to take control over the impact, costs and disruption that legal events can have. And whether or not the organization specifically cites the Model, the fact that it still maps to most such efforts is an incredible indicator of its resilience and staying power.
In the end, without exception, every single organization that has embraced the E-Discovery Maturity Model, knowingly or not, has realized significant improvements as a result. From eliminating the utter chaos at the lower levels, to truly becoming master of their own e-discovery domain, every organization will see benefits at each step along the way.
Brian Schrader, Esq., is president of BIA, a leader in reliable, innovative and cost-effective e-discovery services. With early career experience in information management, computer technology and the law, Brian co-founded BIA in 2002 and has since developed the firm’s reputation as an industry pioneer and a trusted partner for corporations and law firms around the world. He can be reached at firstname.lastname@example.org.