Five Best Practices for Corporate Counsel

Based on a projection of the kinds of strategic initiatives successful law departments will be undertaking in respect to data management, metrics and compliance, the author suggests some best practices. Number one is prepare for a cyberbreach, considering internal as well as external threats. Establish a plan in case your data is compromised. Review privileged-user policies as well as current access capabilities through administrative rights to privileged data, and consider using the proposed National Institute of Standards and Technology guidelines.

Focus on information governance. With a solid governance foundation, organizations can be in a position to defensibly dispose of information that surpasses all regulatory, legal and operational needs. Organizations may want to investigate technological solutions to track and manage policy management, approvals, compliance training and investigations. Also, they may consider appointing an information governance officer. Draft a “bring your own device” policy to address smartphone use, and to insure its independence, consider separating the compliance function from the law department.

Remember that “what gets measured gets managed.” Law departments have traditionally been viewed as a cost center, and the usual key performance indicators employed by other departments may not accurately measure corporate counsel’s strategic contributions. To justify their budget and headcount, law departments must generate realistic numbers, supported by data, that they can report to the c-suite. Gathering data from industry surveys can offer a baseline perspective for measuring performance.