Start preparing for your Next Exam | Use coupon – TOGETHER | Avail 30% discount

Exploring the Core eDiscovery workflow

  1. Home
  3. Exploring the Core eDiscovery workflow

Go back to Tutorial

In this, we will learn about Core eDiscovery workflow.

To get you started using core eDiscovery, here’s a simple workflow of creating eDiscovery holds for people of interest, searching for content that relevant to your investigation, and then exporting that data for further review.

Core eDiscovery workflow
Image Source: Microsoft
1. Create an eDiscovery hold.
  • After creating a case, firstly, place a hold on the content locations of the people of interest in your investigation. Content locations include Exchange mailboxes, SharePoint sites, OneDrive accounts, and the mailboxes and sites associated with Microsoft Teams and Office 365 Groups.
Practice tests Core eDiscovery workflow
  • Secondly, when you create an eDiscovery hold you can preserve all content in specific content locations or you can create a query-based hold to preserve only the content that matches a hold query.
  • In addition to preserving content, another good reason to create eDiscovery holds is to quickly search the content locations on hold when you create and run searches in the next step. After completing your investigation, you can release any hold that you created.
2. Search for content.

After you create eDiscovery holds, use the built-in search tool to search the content locations on hold. However, you can also search other content locations for data that may be relevant to the case. You can create and run different searches that associate with the case. Then, you use keywords, properties, and conditions to build search queries that return search results with the data that’s most likely relevant to the case. Further, you can also:

  • Firstly, view search statistics that may help you refine a search query to narrow the results.
  • Secondly, preview the search results for quickly verifying status of the relevant data.
  • Lastly, revise a query and rerun the search.
3. Export and download search results.
  • After you search for and find data that’s relevant to your investigation. Then, you can export it out of Office 365 for review by people outside of the investigation team. Exporting data is a two-step process. After that, firstly, export the results of a search in the case out of Office 365.
  • Secondly, use the eDiscovery Export tool to download the content to a local computer. In addition to the exported data files, the contains of the export package also contains an export report, a summary report, and an error report.
sc-900 online course

Reference: Microsoft Documentation

Go back to Tutorial

Menu