Unified Risk List for Electronically Stored Information Subject to eDiscovery in Cloud Computing
Abstract
Electronic discovery is the process of
production of electronically stored information
(ESI) for use in legal court or corporate
investigations. When eDiscovery is performed over
a cloud service, the amount of risks to the process
increase. Therefore, the purpose of the project is to
define the risks affecting ESI residing in a cloud
environment that are subject to eDiscovery. This
project also seeks to state which risks have the most
impact and which are more likely to occur, and
provide recommendations to mitigate these risks.
To achieve this, a list of risks was compiled from
different sources and the risks related to
eDiscovery were selected. The risks were evaluated
using a qualitative risk analysis to determine
likelihood and impact. Vulnerabilities and control
recommendations were established for the compiled
risks and conclusions were drawn. Control
recommendations provide a perspective on areas
that require attention for risk mitigation.
Key Terms - Cloud Computing, Electronic
Discovery, ESI, Risk Analysis.