OPTIONAL OR CRITICAL?
Standard Operating Procedures (SOPs) are the cornerstone of any successful law firm operation. SOPs help prevent mistakes and curb waste by providing staff with structure and a clear roadmap to follow. Without them, law firms suffer from inconsistency, chaos and lack of control. Likewise, having SOPs is a must for legal IT departments. From lost equipment to lost passwords and data, not having written policies and procedures can create liability and losses that are sometimes unrecoverable.
Legal IT professionals often experience challenges in taking their goal of having SOPs from "pie in the sky" to reality. Developing written policies and procedures takes time and dedication. It takes time to write them and perfect them, and perseverance and consistency to apply and enforce them. But once they are developed and are in use, the benefits are many and the risks are dissipated.
This article explores some of the ways SOPs can be used to manage information technology and to create operational and procedural efficiencies within law firms.
Standard Operating Procedures are instrumental to having tight inventory controls.
A firm's inventory management policies, at a minimum, should include procedures and checklists for the following:
- Tagging and tracking equipment;
- Purchasing equipment
- Disposing of equipment
- Taking physical inventory: frequency, method
- Physical inventory listing; and
- Record maintenance
Frequently, law firms have inventory management policies in place, but their success in understanding and accurately reporting their inventory counts depends on how thorough their SOPs are. Some of the possible consequences for firms that lack tight inventory controls include:
- Lost or stolen equipment
- Lack of accountability
- Inaccurate inventory counts
- Excessive purchases and inventory
- Inconsistency in inventory procedures
- Incorrect records or missing equipment information; and
- Over or under reporting net worth
Having written policies and procedures for management and staff to address technology inventory helps firms keep tight controls on assets and accurately report their net worth.
Business Continuity Plan
Thorough SOPs are also the foundation of a good business continuity plan. SOP's provide the business continuity roadmap management and staff should follow; these steps become the backbone of the plan. Although it is impossible to fully address business continuity plans in this article, it must be noted that Standard Operating Procedures are a must for disaster recovery.
Independent of size or complexity, every firm should have a written business/disaster recovery plan that, at a minimum, establishes and addresses:
- the disaster recovery team
- critical contact information
- physical inventory
- software information and network mapping
- back-up systems
- disaster recovery procedures; and
- rebuilding process
In addition to providing a step-by-step plan, disaster recovery procedures should include action checklists with executable items for initiating and carrying out the disaster recovery plan.
Checklists should include:
- Notifying individuals on an escalation matrix
- Contacting and setting up the disaster recovery team
- Contacting back up site
- Contacting any required regulatory agencies
- Renting or purchasing any necessary temporary equipment
- Obtaining cash
- Notifying insurance companies; and
- Visiting the back-up site
Once the written business continuity plan is in place, it must be tested and evaluated regularly to ensure that the processes work. Firms that have an untested disaster recovery plan in place run the risk of system failure and an increased economic impact in the event of a contingency. Further, the plan should be looked at as a changing document; one that adapts and changes as the firm's operations change.
Written policies and procedures are the foundation of any thorough and solid disaster recovery plan that works. As a tool, they provide management and staff with checklist steps and actionable items that ensure business continuity and minimize the economic impact of interruptions.
The Technology Binder: 'A to Z' of firm technology
Creating a technology binder is hard work. But the consequences of not having one can make the job of any IT professional even harder. The technology binder operates as a set of Standard Operating Procedures; like an IT encyclopedia that contains all the information and procedures related a firm's technology infrastructure.
Tech binders are no longer actual binders. Instead, they are electronic files that should be stored offsite in a secure location.
What are the reasons law firms should keep technology e-binders?
- Information management Often, information that is not reduced to writing leaves with staff that moves on. Binders are also tools that help law firms keep critical information in one central location.
- Disaster Recovery Law firms that keep technology binders fare better during a crisis than firms that do not have their information in one centralized location. In order to maximize efficiency and minimize down time, law firms should ensure that the information contained in their business continuity plan and technology binder is consistent.
- Efficiency and Profits Keeping a technology binder creates efficiencies for law firms and cuts down on waste leading to increased profits. When technology information is not kept in a centralized location, management and staff waste time and resources looking for it every time they need it. Just think of all the time that is wasted by one person each time a username or password is forgotten or each time someone needs a software key that cannot be found. That waste extrapolated over an entire staff costs the law firm money.
Well organized technology e-binders typically include:
- Email provider along with master login and password
- Workstation information, including workstation names, usernames and passwords, operating system information
- IP addresses
- Equipment service tags or serial numbers
- Dates of purchase of equipment and warranty information
- Network policies and mapping
- Administrative logins and logins for tools or web services
- License information; and
- Troubleshooting notes
While keeping a technology binder has many upsides, security can be a concern, especially if the binder contains passwords. Therefore, it is critical that the binder be kept in secure offsite location or that certain passwords be stored in an alternative secure location.
Training New Staff
When law firms lack written policies and procedures, training new and existing staff can be challenging, particularly for IT professionals. Managing law firm technology means managing lots of information and moving parts. When there are written policies and procedures, training becomes simpler and faster. With all of the information in one central location, new employees have a reference during and after training.
For managers, having written policies creates operational efficiencies. Training becomes consistent with all new hires learning the same information. In addition to creating consistency and repeatable processes, SOP's reduce the risk associated with employee turnover. Having SOPs in place reduces the risk of the firm's knowledge base walking out the door.
Just as every other law firm department should have a set of Standard Operating Procedures, so, too, must the IT department. Sops are a necessity for those IT professionals that wish to create efficiencies and drive increased profitability. From managing inventory to managing information, having written policies makes procedures consistent and eliminates waste and confusion among management and staff.
In times of crisis, having written policies and procedures are also a necessity, especially for those who wish to minimize down time and economic loss.
This article is a reprint of an article recently published in Law Journal Newsletters Volume 29, Number 9.