Cruz eDiscovery provides consultancy in internal investigation and litigation response planning process. The first step usually involves creation of applicable rules of e-discovery (federal or state) to the case facts. The process by which the discovery of electronic information occurs depends on the jurisdiction of the court and the type and complexity of the case to be litigated. The process also depends on the scope and complexity of the organization's business and state of operations. Based on the case facts Cruz eDiscovery creates an investigation and litigation response team consisting of experienced E-Discovery technologists and lawyers.

Cruz eDiscovery professionals can assist representative law firm to conduct an assessment of the organization's current practices against the e-discovery rules that are applicable to the organization and jurisdiction.

Cruz eDiscovery can undertake implementation of the policies and procedures necessary to successfully manage the e-discovery process. The steps include discussion and analysis of e-discovery issues and development of organizational resources such as enterprise's retention and destruction schedules and IT system diagrams. Cruz eDiscovery professionals in the litigation response team oversee the identification, collection, preservation, search, retrieval, and production of responsive electronic and other potentially relevant information related to pending and current litigation. They can provide inputs to lead counsel/litigator about the forms, formats, methods, status, costs, location, and production issues of potentially responsive information. Cruz eDiscovery professionals also assist in the ongoing review, monitoring, and evaluation of e-discovery processes within the organization.

Cruz eDiscovery professionals also have the experience to assist in the preparation for a meet and confer pre-trial conference.

A document-retention policy is an important tool that a company uses to address the systematic creation, retention and disposition of corporate records. Records are required to be maintained as evidence by organizations in the pursuance of legal obligations and they may exist on innumerable forms including paper, e-mail, electronic files, drives, Blackberry devices, laptops, compact disks, machine-readable computer records and voicemail.

Cruz eDiscovery Professional Services includes defining the scope of corporate record management policy including identification of custodians, departments, individuals and exceptions to the policy. The policy also addresses the retention periods, retention methodologies (e.g., storage, format and location) and how to handle confidential materials and communications and privacy considerations for employees.

Cruz eDiscovery Professional Services includes audit, planning, and implementation of backup and archiving systems. Cruz eDiscovery ensures that the backup policy clearly defines which data needs to be backed up and in what frequency. The data owners as well as administrators are informed and the means of backing up are tested for effective backups. The data must include the mail stores, server resident database and file share contents as well as the data residing on the end user desktops and laptops. Backup systems must be tested for not only successful archiving onto the backup media, but also for successful restoration in the event of unexpected data loss. Backup and archiving systems planning must conform to the document retention policy and with reasonable efforts be able to produce the required data that is expected to be retained as per the policy in effect. Specific attention will be paid to former employees' data on their laptops, desktops, shared drives, email etc.

Cruz eDiscovery provides Professional Services for the development of formal incident response programs, policies and procedures. Cruz eDiscovery's Technical and Legal teams provide consulting services to the IT department and eDiscovery Readiness Council of the organization in setting the policies, implementing them and periodically auditing for conformance. Depending on the nature of the business, and potential vulnerabilities that might exist, incidents can include but are not limited to unauthorized access, malicious code, network probes and denial of service attacks. Any adverse event in an information system, and/or network, or the threat of the occurrence of such an event must be dealt with according to a well defined Incident Response Program (IRP). IRP must include policies and procedures, compliance monitoring, and intrusion detection system as necessary for the organization. Daily monitoring of threat advisories, log inspections and guidelines to classify the threat are important elements of the IRP. Irrespective of the criticality, incidents must be reported and followed up as per the procedures defined in this program. Response actions will typically include investigation that may involve forensic expertise, classification, recovery of any lost or damaged information, and follow up procedures to resume normal operation.

Cruz eDiscovery provides Professional Services for investigation and audit of the data integrity across the network. Investigation focus on the system and processes are put in place to ensure network data integrity. Distributed information processing, which is common in today's enterprise network, leaves room for discrepancies to occur in the data residing on different processing nodes. The first step is to obtain the network map of the relevant data. The next step includes auditing of the systems and processes that are put in place (automated or manual) to ensure the network data integrity. Investigation will focus on whether the systems and processes are designed and deployed to start with, and then on effective implementation of them by way of inspection of logs and audit trails.