Book description
This is the first digital forensics book that covers the complete lifecycle of digital evidence and the chain of custody. This comprehensive handbook includes international procedures, best practices, compliance, and a companion web site with downloadable forms. Written by world-renowned digital forensics experts, this book is a must for any digital forensics lab. It provides anyone who handles digital evidence with a guide to proper procedure throughout the chain of custody--from incident response through analysis in the lab.
- A step-by-step guide to designing, building and using a digital forensics lab
- A comprehensive guide for all roles in a digital forensics laboratory
- Based on international standards and certifications
Table of contents
- Cover image
- Title page
- Table of Contents
- Copyright
- About the Authors
- Technical Editor Bio
- Acknowledgments
- Preface
- Chapter 1. Introduction
- Chapter 2. Forensic Laboratory Accommodation
- Chapter 3. Setting up the Forensic Laboratory
-
Chapter 4. The Forensic Laboratory Integrated Management System
- Abstract
- 4.1 Introduction
- 4.2 Benefits
- 4.3 The Forensic Laboratory IMS
- 4.4 The Forensic Laboratory Policies
- 4.5 Planning
- 4.6 Implementation and Operation
- 4.7 Performance Assessment
- 4.8 Continuous Improvement
- 4.9 Management Reviews
- Appendix 1 Mapping ISO Guide 72 requirements to PAS 99
- Appendix 2 PAS 99 Glossary
- Appendix 3 PAS 99 Mapping to IMS Procedures
- Appendix 4 The Forensic Laboratory Goal Statement
- Appendix 5 The Forensic Laboratory Baseline Measures
- Appendix 6 Environment Policy
- Appendix 7 Health and Safety Policy
- Appendix 8 Undue Influence Policy
- Appendix 9 Business Continuity Policy
- Appendix 10 Information Security Policy
- Appendix 11 Access Control Policy
- Appendix 12 Change or Termination Policy
- Appendix 13 Clear Desk and Clear Screen Policy
- Appendix 14 Continuous Improvement Policy
- Appendix 15 Cryptographic Control Policy
- Appendix 16 Document Retention Policy
- Appendix 17 Financial Management Policy
- Appendix 18 Mobile Devices Policy
- Appendix 19 Network Service Policy
- Appendix 20 Personnel Screening Policy
- Appendix 21 Relationship Management Policy
- Appendix 22 Release Management Policy
- Appendix 23 Service Management Policy
- Appendix 24 Service Reporting Policy
- Appendix 25 Third-Party Access Control Policy
- Appendix 26 Acceptable Use Policy
- Appendix 27 Audit Committee
- Appendix 28 Business Continuity Committee
- Appendix 29 Environment Committee
- Appendix 30 Health and Safety Committee
- Appendix 31 Information Security Committee
- Appendix 32 Quality Committee
- Appendix 33 Risk Committee
- Appendix 34 Service Delivery Committee
- Appendix 35 Whistle Blowing Policy
- Appendix 36 Management Review Agenda
- Appendix 37 Document Control Checklist
- Appendix 38 Document Metadata
- Appendix 39 File-Naming Standards
- Appendix 40 Watermarks in Use in the Forensic Laboratory
- Appendix 41 Document Review Form
- Appendix 42 IMS Calendar
- Appendix 43 Audit Plan Letter
- Appendix 44 Audit Reporting Form
- Appendix 45 CAR/PAR Form
- Appendix 46 Opening Meeting Agenda
- Appendix 47 Closing Meeting Agenda
- Appendix 48 Audit Report Template
- Appendix 49 Root Causes for Non-Conformity
-
Chapter 5. Risk Management
- Abstract
- 5.1 A Short History of Risk Management
- 5.2 An Information Security Risk Management Framework
- 5.3 Framework Stage 1 — ISMS Policy
- 5.4 Framework Stage 2: Planning, Resourcing, and Communication
- 5.5 Framework Stage 3: Information Security Risk Management Process
- 5.6 Framework Stage 4: Implementation and Operational Procedures
- 5.7 Framework Stage 5: Follow-up Procedures
- Appendix 1 Sample Communication Plan
- Appendix 2 Sample Information Security Plan
- Appendix 3 Asset Type Examples
- Appendix 4 Asset Values
- Appendix 5 Consequences Table
- Appendix 6 Some Common Business Risks
- Appendix 7 Some Common Project Risks
- Appendix 8 Security Threat Examples
- Appendix 9 Common Security Vulnerabilities
- Appendix 10 Risk Management Policy
- Appendix 11 The IMS and ISMS Scope Document
- Appendix 12 Criticality Ratings
- Appendix 13 Likelihood of Occurrence
- Appendix 14 Risk Appetite
- Appendix 15 Security controls from CobIT and NIST 800-53
- Appendix 16 Information Classification
- Appendix 17 The Corporate Risk Register
- Appendix 18 Comparison Between Qualitative and Quantitative Methods
- Appendix 19 Mapping Control Functions to ISO 27001
- Appendix 20 Mapping Security CONCERNS to ISO 27001
- Appendix 21 SoA Template
- Appendix 22 The Forensic Laboratory’s Security Metrics report
- Appendix 23 Mapping ISO 31000 and ISO 27001 to IMS Procedures
-
Chapter 6. Quality in the Forensic Laboratory
- Abstract
- 6.1 Quality and Good Laboratory Practice
- 6.2 Management Requirements for Operating the Forensic Laboratory
- 6.3 ISO 9001 for the Forensic Laboratory
- 6.4 The Forensic Laboratory’s QMS
- 6.5 Responsibilities in the QMS
- 6.6 Managing Sales
- 6.7 Product and Service Realization
- 6.8 Reviewing Deliverables
- 6.9 Signing off a Case
- 6.10 Archiving a Case
- 6.11 Maintaining Client Confidentiality
- 6.12 Technical Requirements for the Forensic Laboratory
- 6.13 Measurement, Analysis, and Improvement
- 6.14 Managing Client Complaints
- Appendix 1 Mapping ISO 9001 to IMS Procedures
- Appendix 2 Mapping ISO 17025 to IMS Procedures
- Appendix 3 Mapping SWGDE Quality Requirements to IMS Procedures
- Appendix 4 Mapping NIST-150 Quality Requirements to IMS Procedures
- Appendix 5 Mapping ENFSI Quality Requirements to IMS Procedures
- Appendix 6 Mapping FSR Quality Requirements to IMS Procedures
- Appendix 7 Quality Manager, Job Description
- Appendix 8 Business Plan Template
- Appendix 9 Business KPIs
- Appendix 10 Quality Plan Contents
- Appendix 11 Induction Checklist Contents
- Appendix 12 Induction Feedback
- Appendix 13 Standard Proposal Template
- Appendix 14 Issues to Consider for Case Processing
- Appendix 15 Standard Quotation Contents
- Appendix 16 Standard Terms and Conditions
- Appendix 17 ERMS Client Areas
- Appendix 18 Cost Estimation Spreadsheet
- Appendix 19 Draft Review Form
- Appendix 20 Client Sign-off and Feedback Form
- Appendix 21 Information Required for Registering a Complaint
- Appendix 22 Complaint Resolution Timescales
- Appendix 23 Complaint Metrics
- Appendix 24 Laboratory Manager, Job Description
- Appendix 25 Forensic Analyst, Job Description
- Appendix 26 Training Agenda
- Appendix 27 Some Individual Forensic Certifications
- Appendix 28 Minimum Equipment Records Required by ISO 17025
- Appendix 29 Reference Case Tests
- Appendix 30 ISO 17025 Reporting Requirements
- Appendix 31 Standard Forensic Laboratory Report
-
Chapter 7. IT Infrastructure
- Abstract
- 7.1 Hardware
- 7.2 Software
- 7.3 Infrastructure
- 7.4 Process Management
- 7.5 Hardware Management
- 7.6 Software Management
- 7.7 Network Management
- Appendix 1 Some Forensic Workstation Providers
- Appendix 2 Some Mobile Forensic Workstation Providers
- Appendix 3 Standard Build for a Forensic Workstation
- Appendix 4 Some Case Processing Tools
- Appendix 5 Policy for Securing IT Cabling
- Appendix 6 Policy for Siting and Protecting IT Equipment
- Appendix 7 ISO 20000-1 Mapping
- Appendix 8 Service Desk Manager, Job Description
- Appendix 9 Incident Manager, Job Description
- Appendix 10 Incident Status Levels
- Appendix 11 Incident Priority Levels
- Appendix 12 Service Desk Feedback Form
- Appendix 13 Problem Manager, Job Description
- Appendix 14 Contents of the Forensic Laboratory SIP
- Appendix 15 Change Categories
- Appendix 16 Change Manager, Job Description
- Appendix 17 Standard Requirements of a Request for Change
- Appendix 18 Emergency Change Policy
- Appendix 19 Release Management Policy
- Appendix 20 Release Manager, Job Description
- Appendix 21 Configuration Management Plan Contents
- Appendix 22 Configuration Management Policy
- Appendix 23 Configuration Manager, Job Description
- Appendix 24 Information Stored in the DSL and DHL
- Appendix 25 Capacity Manager, Job Description
- Appendix 26 Capacity Management Plan
- Appendix 27 Service Management Policy
- Appendix 28 Service Level Manager, Job Description
- Appendix 29 Service Reporting Policy
- Appendix 30 Policy for Maintaining and Servicing IT Equipment
- Appendix 31 ISO 17025 Tool Test Method Documentation
- Appendix 32 Standard Forensic Tool Tests
- Appendix 33 Forensic Tool Test Report Template
- Appendix 34 Overnight Backup Checklist
-
Chapter 8. Incident Response
- Abstract
- 8.1 General
- 8.2 Evidence
- 8.3 Incident Response as a Process
- 8.4 Initial Contact
- 8.5 Types of First Response
- 8.6 The Incident Scene
- 8.7 Transportation to the Forensic Laboratory
- 8.8 Crime Scene and Seizure Reports
- 8.9 Postincident Review
- Appendix 1 Mapping ISO 17020 to IMS Procedures
- Appendix 2 First Response Briefing Agenda
- Appendix 3 Contents of the Grab Bag
- Appendix 4 New Case Form
- Appendix 5 First Responder Seizure Summary Log
- Appendix 6 Site Summary Form
- Appendix 7 Seizure Log
- Appendix 8 Evidence Locations in Devices and Media
- Appendix 9 Types of Evidence Typically Needed for a Case
- Appendix 10 The On/Off Rule
- Appendix 11 Some Types of Metadata That may be Recoverable from Digital Images
- Appendix 12 Countries with Different Fixed Line Telephone Connections
- Appendix 13 Some Interview Questions
- Appendix 14 Evidence Labeling
- Appendix 15 Forensic Preview Forms
- Appendix 16 A Traveling Forensic Laboratory
- Appendix 17 Movement Sheet
- Appendix 18 Incident Response Report
- Appendix 19 Postincident Review Agenda
- Appendix 20 Incident Processing Checklist
-
Chapter 9. Case Processing
- Abstract
- 9.1 Introduction to Case Processing
- 9.2 Case Types
- 9.3 Precase Processing
- 9.4 Equipment Maintenance
- 9.5 Management Processes
- 9.6 Booking Exhibits in and out of the Secure Property Store
- 9.7 Starting a New Case
- 9.8 Preparing the Forensic Workstation
- 9.9 Imaging
- 9.10 Examination
- 9.11 Dual Tool Verification
- 9.12 Digital Time Stamping
- 9.13 Production of an Internal Case Report
- 9.14 Creating Exhibits
- 9.15 Producing a Case Report for External Use
- 9.16 Statements, Depositions, and Similar
- 9.17 Forensic Software Tools
- 9.18 Backing up and Archiving a Case
- 9.19 Disclosure
- 9.20 Disposal
- Appendix 1 Some International Forensic Good Practice
- Appendix 2 Some International and National Standards Relating to Digital Forensics
- Appendix 3 Hard Disk Log Details
- Appendix 4 Disk History Log
- Appendix 5 Tape log Details
- Appendix 6 Tape History log
- Appendix 7 Small Digital Media Log Details
- Appendix 8 Small Digital Media Device Log
- Appendix 9 Forensic CASE WORK Log
- Appendix 10 Case Processing KPIs
- Appendix 11 Contents of Sample Exhibit Rejection Letter
- Appendix 12 Sample Continuity Label Contents
- Appendix 13 Details of the Forensic Laboratory Property Log
- Appendix 14 Exhibit Acceptance Letter Template
- Appendix 15 Property SPECIAL HANDLINg Log
- Appendix 16 Evidence Sought
- Appendix 17 Request for Forensic examination
- Appendix 18 Client Virtual Case File Structure
- Appendix 19 Computer Details Log
- Appendix 20 Other Equipment Details Log
- Appendix 21 Hard Disk Details Log
- Appendix 22 Other Media Details Log
- Appendix 23 Cell Phone Details Log
- Appendix 24 Other Device Details Log
- Appendix 25 Some Evidence Found in Volatile Memory
- Appendix 26 Some File Metadata
- Appendix 27 Case Progress Checklist
- Appendix 28 Meeting the Requirements of HB 171
- Appendix 29 Internal Case Report Template
- Appendix 30 Forensic Laboratory Exhibit Log
- Appendix 31 Report Production Checklist
-
Chapter 10. Case Management
- Abstract
- 10.1 Overview
- 10.2 Hard Copy Forms
- 10.3 MARS
- 10.4 Setting up a New Case
- 10.5 Processing a Forensic Case
- 10.6 Reports General
- 10.7 Administrator's Reports
- 10.8 User Reports
- Appendix 1 Setting up Organisational Details
- Appendix 2 Set up the Administrator
- Appendix 3 Audit Reports
- Appendix 4 Manage Users
- Appendix 5 Manage Manufacturers
- Appendix 6 Manage Suppliers
- Appendix 7 Manage Clients
- Appendix 8 Manage Investigators
- Appendix 9 Manage Disks
- Appendix 10 Manage Tapes
- Appendix 11 Manage Small Digital Media
- Appendix 12 Exhibit Details
- Appendix 13 Evidence Sought
- Appendix 14 Estimates
- Appendix 15 Accept or Reject Case
- Appendix 16 Movement Log
- Appendix 17 Examination Log
- Appendix 18 Computer Hardware Details
- Appendix 19 Non-Computer Exhibit Details
- Appendix 20 Hard Disk Details
- Appendix 21 Other Media Details
- Appendix 22 Work Record Details
- Appendix 23 Updating Case Estimates
- Appendix 24 Create Exhibit
- Appendix 25 Case Result
- Appendix 26 Case Backup
- Appendix 27 Billing and Feedback
- Appendix 28 Feedback Received
- Appendix 29 Organization Report
- Appendix 30 Users Report
- Appendix 31 Manufacturers Report
- Appendix 32 Supplier Report
- Appendix 33 Clients Report
- Appendix 34 Investigator's Report
- Appendix 35 Disks by Assignment Report
- Appendix 36 Disks by Reference Number Report
- Appendix 37 Wiped Disks Report
- Appendix 38 Disposed Disks Report
- Appendix 39 Disk History Report
- Appendix 40 Tapes by Assignment Report
- Appendix 41 Tapes by Reference Number Report
- Appendix 42 Wiped Tapes Report
- Appendix 43 Disposed Tapes Report
- Appendix 44 Tape History Report
- Appendix 45 Small Digital Media by Assignment Report
- Appendix 46 Small Digital Media by Reference Number Report
- Appendix 47 Wiped Small Digital Media Report
- Appendix 48 Disposed Small Digital Media Report
- Appendix 49 Small Digital Media History Report
- Appendix 50 Wipe Methods Report
- Appendix 51 Disposal Methods Report
- Appendix 52 Imaging Methods Report
- Appendix 53 Operating Systems Report
- Appendix 54 Media Types Report
- Appendix 55 Exhibit Type Report
- Appendix 56 Case setup details Report
- Appendix 57 Case Movement Report
- Appendix 58 Case Computers Report
- Appendix 59 Case Non-Computer Evidence Report
- Appendix 60 Case Disks Received Report
- Appendix 61 Case Other Media Received
- Appendix 62 Case Exhibits Received Report
- Appendix 63 Case Work Record
- Appendix 64 Cases Rejected Report
- Appendix 65 Cases Accepted
- Appendix 66 Case Estimates Report
- Appendix 67 Cases by Forensic Analyst
- Appendix 68 Cases by Client Report
- Appendix 69 Cases by Investigator Report
- Appendix 70 Case Target Dates report
- Appendix 71 Cases Within “x ” Days of Target Date Report
- Appendix 72 Cases Past Target Date Report
- Appendix 73 Cases Unassigned Report
- Appendix 74 Case Exhibits Produced Report
- Appendix 75 Case Results Report
- Appendix 76 Case Backups Report
- Appendix 77 Billing Run Report
- Appendix 78 Feedback Letters
- Appendix 79 Feedback Forms Printout
- Appendix 80 Feedback Reporting Summary by Case
- Appendix 81 Feedback Reporting Summary by Forensic Analyst
- Appendix 82 Feedback Reporting Summary by Client
- Appendix 83 Complete Case Report
- Appendix 84 Processed Report
- Appendix 85 Insurance Report
-
Chapter 11. Evidence Presentation
- Abstract
- 11.1 Overview
- 11.2 Notes
- 11.3 Evidence
- 11.4 Types of Witness
- 11.5 Reports
- 11.6 Testimony in Court
- 11.7 Why Cases Fail
- Appendix 1 Nations Ratifying the Budapest Convention
- Appendix 2 Criteria for Selection an Expert Witness
- Appendix 3 The Forensic Laboratory Code of Conduct for Expert Witnesses
- Appendix 4 Report writing Checklist
- Appendix 5 Statement and Deposition Writing Checklist
- Appendix 6 Non-Verbal Communication to Avoid
- Appendix 7 Etiquette in Court
- Appendix 8 Testimony Feedback Form
-
Chapter 12. Secure Working Practices
- Abstract
- 12.1 Introduction
- 12.2 Principles of Information Security within the Forensic Laboratory
- 12.3 Managing Information Security in the Forensic Laboratory
- 12.4 Physical Security in the Forensic Laboratory
- 12.5 Managing Service Delivery
- 12.6 Managing System Access
- 12.7 Managing Information on Public Systems
- 12.8 Securely Managing IT Systems
- 12.9 Information Processing Systems Development and Maintenance
- Appendix 1 The Forensic Laboratory SOA
- Appendix 2 Meeting the Requirements of GAISP
- Appendix 3 Software License Database Information Held
- Appendix 4 Information Security Manager, Job Description
- Appendix 5 Logon Banner
- Appendix 6 The Forensic Laboratory’s Security Objectives
- Appendix 7 Asset Details to be Recorded in the Asset Register
- Appendix 8 Details Required for Removal of an Asset
- Appendix 9 Handling Classified Assets
- Appendix 10 Asset Disposal Form
- Appendix 11 Visitor Checklist
- Appendix 12 Rules of the Data Center
- Appendix 13 User Account Management Form Contents
- Appendix 14 Teleworking Request Form Contents
-
Chapter 13. Ensuring Continuity of Operations
- Abstract
- 13.1 Business Justification for Ensuring Continuity of Operations
- 13.2 Management Commitment
- 13.3 Training and Competence
- 13.4 Determining the Business Continuity Strategy
- 13.5 Developing and Implementing a Business Continuity Management Response
- 13.6 Exercising, Maintaining, and Reviewing Business Continuity Arrangements
- 13.7 Maintaining and Improving the BCMS
- 13.8 Embedding Business Continuity Forensic Laboratory Processes
- 13.9 BCMS Documentation and Records—General
- Appendix 1 Supplier Details Held
- Appendix 2 Headings for Financial and Security Questionnaire
- Appendix 3 Business Continuity Manager, Job Description
- Appendix 4 Contents of the Forensic Laboratory BIA Form
- Appendix 5 Proposed BCMS Development and Certification Timescales
- Appendix 6 Incident Scenarios
- Appendix 7 Strategy Options
- Appendix 8 Standard Forensic Laboratory BCP Contents
- Appendix 9 Table of Contents to the Appendix to a BCP
- Appendix 10 BCP Change List Contents
- Appendix 11 BCP Scenario Plan Contents
- Appendix 12 BCP Review Report Template Contents
- Appendix 13 Mapping IMS Procedures to ISO 22301
- Appendix 14 Differences Between ISO 22301 and BS 25999
-
Chapter 14. Managing Business Relationships
- Abstract
- 14.1 The Need for Third Parties
- 14.2 Clients
- 14.3 Third Parties Accessing the Forensic Laboratory
- 14.4 Managing Service Level Agreements
- 14.5 Suppliers of Office and IT Products and Services
- 14.6 Utility Service Providers
- 14.7 Contracted Forensic Consultants and Expert Witnesses
- 14.8 Outsourcing
- 14.9 Use of Sub-contractors
- 14.10 Managing Complaints
- 14.11 Reasons for Outsourcing Failure
- Appendix 1 Contents of a Service Plan
- Appendix 2 Risks to Consider With Third Parties
- Appendix 3 Contract Checklist for Information Security Issues
- Appendix 4 SLA Template for Products and Services for Clients
- Appendix 5 RFX Descriptions
- Appendix 6 The Forensic Laboratory RFx template checklist
- Appendix 7 RFX Timeline for Response, Evaluation, and Selection
- Appendix 8 Forensic Consultant’s Personal Attributes
- Appendix 9 Some Tips for Selecting an Outsourcing Service Provider
- Appendix 10 Areas to Consider for Outsourcing Contracts
-
Chapter 15. Effective Records Management
- 15.1 Introduction
- 15.2 Legislative, Regulatory, and Other Requirements
- 15.3 Record Characteristics
- 15.4 A Records Management Policy
- 15.5 Defining the Requirements for Records Management in the Forensic Laboratory
- 15.6 Determining Forensic Laboratory records to be Managed by the ERMS
- 15.7 Using Metadata in the Forensic Laboratory
- 15.8 Record Management Procedures
- 15.9 Business Continuity
- Appendix 1 MoReq2 Functional Requirements
- Appendix 2 Mapping of ISO 15489 Part 1 to Forensic Laboratory Procedures
- Appendix 3 Types of Legislation and Regulation That Will Affect Record Keeping
- Appendix 4 Forensic Laboratory Record keeping Policy
- Appendix 5 Record Management System Objectives
- Appendix 6 Business Case Contents
- Appendix 7 Outline of the ERMS Project
- Appendix 8 Selection Criteria for an ERMS
- Appendix 9 Initial ERMS Feedback Questionnaire
- Appendix 10 Metadata Required in the ERMS
- Appendix 11 Sample e-Mail Metadata
- Appendix 12 Forensic Case Records Stored in the ERMS
- Appendix 13 Dublin Core Metadata Elements
- Appendix 14 National Archives of Australia Metadata Standard
- Appendix 15 Responsibilities for Records Management in the Forensic Laboratory
- Appendix 16 Metadata for Records Stored Off-Site
- Appendix 17 Records Classification System
- Appendix 18 Disposition Authorization
- Appendix 19 Additional Requirements for Physical Record Recovery
- Appendix 20 Specialized Equipment Needed for Inspection and Recovery of Damaged Records
- Chapter 16. Performance Assessment
-
Chapter 17. Health and Safety Procedures
- Abstract
- 17.1 General
- 17.2 Planning for OH&S
- 17.3 Implementation and Operation of the OH&S Management System
- 17.4 Checking Compliance with OH&S Requirements
- 17.5 Improving the OH&S Management System
- Appendix 1 OH&S Policy Checklist
- Appendix 2 The Forensic Laboratory OH&S Policy
- Appendix 3 Health and Safety Manager Job Description
- Appendix 4 Some Examples of OH&S Drivers
- Appendix 5 The Forensic Laboratory OH&S Objectives
- Appendix 6 Sample Hazards in the Forensic Laboratory
- Appendix 7 Hazard Identification Form
- Appendix 8 Some Areas for Inspection for Hazards
- Appendix 9 Inputs to the Risk Assessment Process
- Appendix 10 OH&S Risk Rating
- Appendix 11 DSE Initial Workstation Self-Assessment Checklist
- Appendix 12 DSE Training Syllabus
- Appendix 13 DSE Assessors Checklist
- Appendix 14 Measurement of OH&S success
- Appendix 15 Specific OH&S Incident Reporting Requirements
- Appendix 16 OH&S Investigation Checklist and Form Contents
- Appendix 17 OH&S Incident Review
- Appendix 18 OHSAS 18001 Mapping to IMS Procedures
-
Chapter 18. Human Resources
- Abstract
- 18.1 Employee Development
- 18.2 Development
- 18.3 Termination
- Appendix 1 Training Feedback Form
- Appendix 2 Employee Security Screening Policy Checklist
- Appendix 3 Employment Application Form
- Appendix 4 Employment Application Form Notes
- Appendix 5 Some Documents That Can Verify Identity
- Appendix 6 Document Authenticity Checklist
- Appendix 7 Verifying Addresses
- Appendix 8 Right To Work Checklist
- Appendix 9 Reference Authorization
- Appendix 10 Statutory Declaration
- Appendix 11 Employer Reference Form
- Appendix 12 Employer’s Oral Reference Form
- Appendix 13 Confirmation of an Oral Reference Letter
- Appendix 14 Qualification Verification Checklist
- Appendix 15 Criminal Record Declaration Checklist
- Appendix 16 Personal Reference Form
- Appendix 17 Personal Oral Reference Form
- Appendix 18 Other Reference Form
- Appendix 19 Other Reference Form
- Appendix 20 Employee Security Screening File
- Appendix 21 Top Management Acceptance of Employment Risk
- Appendix 22 Third-Party Employee Security Screening Provider Checklist
- Appendix 23 Recruitment Agency Contract Checklist
- Appendix 24 Investigation Manager, Job Description
- Appendix 25 Forensic Laboratory System Administrator, Job Description
- Appendix 26 Employee, Job Description
- Appendix 27 Areas of Technical Competence
- Appendix 28 Some Professional Forensic and Security Organizations
- Appendix 29 Training Specification Template
- Appendix 30 Training Proposal Evaluation Checklist
- Appendix 31 Training Supplier Interview and Presentation Checklist
- Appendix 32 Training Reaction Level Questionnaire
- Appendix 33 The Forensic Laboratory Code of Ethics
- Appendix 34 Termination Checklist
-
Chapter 19. Accreditation and Certification for a Forensic Laboratory
- Abstract
- 19.1 Accreditation and Certification
- 19.2 Accreditation for a Forensic Laboratory
- 19.3 Certification for a Forensic Laboratory
- Appendix 1 Typical Conditions of Accreditation
- Appendix 2 Contents of an Audit Response
- Appendix 3 Management System Assessment Non-conformance Examples
- Appendix 4 Typical Closeout Periods
- Chapter 20. Emerging Issues
- Appendix. Acronyms
- Bibliography
- Index
- Glossary
Product information
- Title: Digital Forensics Processing and Procedures
- Author(s):
- Release date: August 2013
- Publisher(s): Syngress
- ISBN: 9781597497459
You might also like
book
Digital Triage Forensics
Digital Triage Forensics: Processing the Digital Crime Scene provides the tools, training, and techniques in Digital …
book
Cyber Forensics: From Data to Digital Evidence
An explanation of the basic principles of data This book explains the basic principles of data …
book
Digital Audio Forensics Fundamentals
Digital Audio Forensics Fundamentals offers an accessible introduction to both the theory and practical skills behind …
book
Contemporary Digital Forensic Investigations of Cloud and Mobile Applications
Contemporary Digital Forensic Investigations of Cloud and Mobile Applications comprehensively discusses the implications of cloud (storage) …