I want to dig a little deeper into what is involved in Step 2 of the Shared Drive Remediation process… the Definition of the Remediation Execution Process.

Once the remediation policies have been defined (rules about what defines various classes of Information Assets and what actions to take on them), the next step is to define in detail the actual remediation process from an execution point of view:

Activity	Description	Notes
Survey and Inventory File Shares	Identify and generate an inventory of the File Shares within the organization	The foundation of the Map
Estimate Data Volumes	Assess the volume of content located within the various File Shares	Guesstimate?
Identify business nature of content	Identify the business nature of the content within each File Share	–
Define final state each File Shares	Determine the desired final state of each of the File Shares (or groups of them): Move off-line Decommission Continue to use for legacy content Limit use to new content only	Take into account the overall Digital transformation and IT strategy of the organization
Define batch-based remediation process	Define a batch-based remediation execution process: Define discrete batches Define batch groups Define exception handling procedure	–
Provision File Analytics solution needed for File Shares remediation work	Assess infrastructure requirements for the File Analytics solution and provision the infrastructure: Servers Database Audit trail Dashboards	–
Prioritize processing of batches	Prioritize the processing of batches and batch groups: Budget considerations Risk considerations (Risk Matrix) Legal considerations Value considerations Timeline and deadline considerations Compelling events considerations	Example: Abandoned File Shares for Completed Projects or File Shares of Departed Employees.
Define exception handling	Define what constitutes an exception to the processing rules and how these exceptions are handled: Apply policy/rule that is the safe choice Move to separate track for handling by a human	Example, missing metadata element that is deemed to be mandatory for classifying a record
Define monitoring and reporting	Define monitoring and reporting framework: Who to report to? Dashboard? What information include in report? Who to send notifications to and what are the thresholds?	–
Define a RACI model	Define a RACI model for remediation work to be performed.	RACI = Responsible, Accountable, Consulted, Informed
Obtain internal approvals	Obtain the necessary internal approvals for the policies as well as the start of remediation work: BOD (in some cases) Legal Business IT Risk	–

As stated previously, dealing with ESI is not necessarily part of the File Shares Remediation process. HOWEVER, it is a step that MUST precede any actual execution of remediation work.
Coming up next I will explore the definition of ROT content and the issues involved in it.
Check out the full series to get caught up and subscribe to our newsletter to keep up to date on all our content.

Cookie	Duration	Description
__cf_bm	1 hour	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
__cfruid	session	Cloudflare sets this cookie to identify trusted web traffic.
__hssrc	session	This cookie is set by Hubspot. According to their documentation, whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser. If this cookie does not exist when HubSpot manages cookies, it is considered a new session.
_GRECAPTCHA	6 months	Google Recaptcha service sets this cookie to identify bots to protect the website against malicious spam attacks.
cli_user_preference	1 year	Stores the user's cookies consent status.
cookielawinfo-checkbox-advertisement	1 day	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-analytics	1 day	This cookies is set by GDPR Cookie Consent WordPress Plugin. The cookie is used to remember the user consent for the cookies under the category "Analytics".
cookielawinfo-checkbox-functional	1 day	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	1 day	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	1 day	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Others".
cookielawinfo-checkbox-performance	1 day	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 month	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
elementor	never	This cookie is used by the website's WordPress theme. It allows the website owner to implement or change the website's content in real-time.
PHPSESSID	session	This cookie is native to PHP applications. The cookie stores and identifies a user's unique session ID to manage user sessions on the website. The cookie is a session cookie and will be deleted when all the browser windows are closed.
pll_language	1 year	This cookie is set by Polylang plugin for WordPress powered websites. The cookie stores the language code of the last browsed page.
viewed_cookie_policy	1 year	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__hssc	30 minutes	This cookie is set by HubSpot. The purpose of the cookie is to keep track of sessions. This is used to determine if HubSpot should increment the session number and timestamps in the __hstc cookie. It contains the domain, viewCount (increments each pageView in a session), and session start timestamp.
li_gc	6 months	Linkedin set this cookie for storing visitor's consent regarding using cookies for non-essential purposes.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.

Cookie	Duration	Description
_first_pageview	10 minutes	This is a session cookie set during the first display of the page on each visit. This cookie is used to shoot certain codes on the first display of the page and also to enhance the speed of the website.
AMCV_*AdobeOrg	1 year 1 month 4 days	Adobe-Dtm sets this cookie to find the unique user ID that recognises the user on returning visits.
AMCVS_*AdobeOrg	session	Adobe-Dtm sets this cookie to store a unique ID to identify a unique visitor.

Cookie	Duration	Description
__hstc	1 year 24 days	This cookie is set by Hubspot and is used for tracking visitors. It contains the domain, utk, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
_jsuid	1 year	Clicky sets this cookie to store information about a user's first visit to the site.
AnalyticsSyncHistory	1 month	Linkedin set this cookie to store information about the time a sync took place with the lms_analytics cookie.
CONSENT	16 years 5 months 19 days 15 hours	These cookies are set via embedded youtube-videos. They register anonymous statistical data on for example how many times the video is displayed and what settings are used for playback.No sensitive data is collected unless you log in to your google account, in that case your choices are linked with your account, for example if you click “like” on a video.
demdex	6 months	The demdex cookie, set under the domain demdex.net, is used by Adobe Audience Manager to help identify a unique visitor across domains.
hubspotutk	1 year 24 days	This cookie is used by HubSpot to keep track of the visitors to the website. This cookie is passed to Hubspot on form submission and used when deduplicating contacts.
s_cc	session	Adobe Analytics sets this cookie to determine whether or not cookies are enabled in the user's browser.
vuid	2 years	This domain of this cookie is owned by Vimeo. This cookie is used by vimeo to collect tracking information. It sets a unique ID to embed videos to the website.

Cookie	Duration	Description
bcookie	1 year	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser IDs.
bscookie	1 year	LinkedIn sets this cookie to store performed actions on the website.
li_sugr	3 months	LinkedIn sets this cookie to collect user behaviour data to optimise the website and make advertisements on the website more relevant.
test_cookie	15 minutes	This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.
YSC	session	This cookies is set by Youtube and is used to track the views of embedded videos.
yt.innertube::nextId	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.

Cookie	Duration	Description
_cfuvid	session	This cookie is set by HubSpot’s CDN provider because of their rate limiting policies. It expires at the end of the session.
_pk_id.1.00ba	1 year 1 month	Used to store a few details about the user such as the unique visitor ID
_pk_ses.1.00ba	1 hour	Description is currently not available.
eqy_siteid		Cookie deposited by TheTradeDesk, a software platform used by digital ad buyers to purchase advertising campaigns. eqy_siteid: site identification cookie (in the case of multi-site).
eqy_siteid		Cookie deposited by TheTradeDesk, a software platform used by digital ad buyers to purchase advertising campaigns. eqy_siteid: site identification cookie (in the case of multi-site).
gq_utm		We use GetQuanty to perform B2B Predictive Scoring and analyze visitor behavior on your websites, blogs, social networks and emailings in real time.
TEST_AMCV_COOKIE_WRITE	session	Description is currently not available.
VISITOR_PRIVACY_METADATA	6 months	Description is currently not available.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	Saves the user settings when retrieving a Youtube video integrated on other web pages.

Shared Drive Remediation: Step 2 Define Remediation Execution Process