Home » Articole » EN » Computers » Computer security » Standards in the field of digital forensics

Standards in the field of digital forensics


(Source: Scientific Working Group on Digital Evidence)

Principle 1

In order to ensure that digital evidence is collected, preserved, examined, or transferred in a manner safeguarding the accuracy and reliability of the evidence, law enforcement and forensic organizations must establish and maintain an effective quality system. Standard Operating Procedures (SOPs) are documented quality-control guidelines that must be supported by proper case records and use broadly accepted procedures, equipment, and materials.

Standards and Criteria 1.1
All agencies that seize and/or examine digital evidence must maintain an appropriate SOP document. All elements of an agency’s policies and procedures concerning digital evidence must be clearly set forth in this SOP document, which must be issued under the agency’s management authority.

Standards and Criteria 1.2
Agency management must review the SOPs on an annual basis to ensure their continued suitability and effectiveness.

Standards and Criteria 1.3
Procedures used must be generally accepted in the field or supported by data gathered and recorded in a scientific manner.

Standards and Criteria 1.4
The agency must maintain written copies of appropriate technical procedures.

Standards and Criteria 1.5
The agency must use hardware and software that is appropriate and effective for the seizure or examination procedure.

Standards and Criteria 1.6
All activity relating to the seizure, storage, examination, or transfer of digital evidence must be recorded in writing and be available for review and testimony.

Standards and Criteria 1.7
Any action that has the potential to alter, damage, or destroy any aspect of original evidence must be performed by qualified persons in a forensically sound manner.

Leave a Reply

Your email address will not be published. Required fields are marked *