Corporations today dedicate broad efforts and even departments of people focused on corporate governance, compliance and risk reduction. TCDI is no different in that respect, but in our business, our efforts extend to reducing risk for our clients as well.
Our eDiscovery and case management clients have the right to expect that the data and services they entrust to us and receive are managed and delivered with the highest levels of quality and rigor. TCDI delivers on these expectations beginning with the hiring and training of our staff, combined with the implementation of standards, processes and controls in all facets of what we do.
Following are several key aspects of our commitment to our clients:
SAS 70 Type II Audits
In addition to internal audits and periodic audits performed on behalf of our clients, TCDI submits to an annual independent SAS 70 Type II Audit. What that means to you is we are serious about providing the highest levels of assurance and that the products and services we deliver adhere to high standards of quality and control. The SAS 70 Type II audit focuses on several key areas that are important to our clients.
Security is paramount in our business. TCDI is committed to client security, and evaluates our own security capabilities from physical, data and network perspectives:
- Physical – Access to all non-public areas is controlled on a need-to-have basis with card-key readers granting individualized entry. For added security, data center access includes biometric readers. TCDI facilities also deploy the most current technology for surveillance and intrusion detection, and maintains off-duty police protection on site during specific after-hours periods.
- Data – Data security starts with controlling internal and user data access through steps that may include multi-factor authentication. Additionally, all client data is logically or physically segregated to ensure no co-mingling occurs. User connectivity is controlled by SSL protocol and user access to data is controlled through security groups set up to allow specific users access to specific collections of data. Backups include encryption of data as it comes off the server, as well as off-site storage.
- Network – Each client site has a dedicated network segment, and site access can be restricted to specific IP address ranges, if desired. Multiple-facing firewalls are standard and ensure your data is contained in a secure cocoon.
Data is managed on many different fronts and, in each case, is controlled by standardized sets of processes, procedures and quality control actions. These processes and procedures have been deeply vetted, adhere to industry standards and are repeated in every case.
Data received for eDiscovery processing adheres to a strict chain-of-custody upon intake. Before processing begins, this data is forensically copied so that work is performed on copies, while the original data remains on the delivery media securely stored in TCDI’s Evidence Room. We use high levels of automation to manage processing and loading of data which reduces the errors due to human handling and allows for automated auditing from data intake through document production.
TCDI develops and maintains the code to our proprietary processing engine, Discovery WorkFlow®, and our ClarVergence® platform for document review & production and case management. Although we maintain capabilities to respond to client needs quickly, we balance that with adherence to process and quality assurance steps including:
- Internal process for approval of development requests and priorities
- Documentation of development specifications
- Development guidelines and code documentation
- Developer implemented QA
- Code review by peers
- Full code and functionality QA
- Load and concurrency testing
- Beta testing
As with all other areas, our Project Management teams are guided by standards, processes and procedures to ensure that day-to-day technical management of client projects is conducted with the highest levels of project quality and client satisfaction. In conjunction with the client, TCDI Project Managers document a project plan that, at a minimum, covers the:
- Scope and nature of the project
- Pertinent dates and timelines
- Data management issues (culling and processing specifications for eDiscovery; data collections, intake and editing for case management)
- Review and workflow guidelines
- Production guidelines, dates and required formats
- Reporting requirements
- Change procedures
Our Project Managers also adhere to high service level standards governing the quality and responsiveness of their client interactions.