Front Cover -- Digital Forensics Processing and Procedures: Meeting the Requirements of ISO 17020, ISO 17025, ISO 27001 and Best Practic ... -- Copyright -- Contents -- About the Authors -- Technical Editor Bio -- Acknowledgments -- Preface -- Chapter 1: Introduction -- 1.1. Introduction -- 1.1.1. What is Digital Forensics? -- 1.1.2. The Need for Digital Forensics -- 1.1.3. The Purpose of This Book -- 1.1.4. Book Structure -- 1.1.5. Who Should Read This Book? -- 1.1.6. The Need for Procedures in Digital Forensics -- 1.1.7. Problems with Electronic Evidence -- 1.1.8. The Principles of Electronic Evidence -- 1.1.9. Nomenclature Used in This Book -- Appendix 1 - Some types of cases involving Digital Forensics -- Criminal cases -- Civil cases -- Appendix 2 - Growth of hard disk drives for personal computers -- Appendix 3 - Disk drive size nomenclature -- Chapter 2: Forensic Laboratory Accommodation -- 2.1. The building -- 2.1.1. General -- 2.1.2. Business Case -- 2.1.3. Standards -- 2.2. Protecting against external and environmental threats -- 2.3. Utilities and services -- 2.3.1. Signage -- 2.3.2. Power and Cabling -- 2.3.3. Heating, Ventilation, and Air Conditioning -- 2.3.4. Fire Detection and Quenching -- 2.3.5. Close Circuit Television and Burglar Alarms -- 2.3.6. Communications -- 2.3.7. Water -- 2.4. Physical security -- 2.4.1. General -- 2.4.2. Building Infrastructure -- 2.4.3. Access Control -- 2.4.4. On-Site Secure Evidence Storage -- 2.4.5. Clean Room -- 2.4.6. Fire Safes -- 2.4.7. Secure Off-Site Storage -- 2.5. Layout of the Forensic Laboratory -- 2.5.1. Separation of Space for Specific Roles and Tasks -- 2.5.2. Ergonomics -- 2.5.3. Personal Workspace -- 2.5.4. Size Estimating -- 2.5.5. Infrastructure Rooms -- Appendix 1 - Sample outline for a business case -- Appendix 2 - Forensic Laboratory Physical Security Policy -- Introduction.

Purpose -- Definitions -- Scope -- Audience -- Policy statements -- Responsibilities -- Enforcement, monitoring, and breaches -- Ownership -- Review and maintenance -- Approval -- Chapter 3: Setting up the Forensic Laboratory -- 3.1. Setting up the Forensic Laboratory -- 3.1.1. Forensic Laboratory Terms of Reference -- 3.1.2. The Status of the Forensic Laboratory -- 3.1.3. The Forensic Laboratory Principles -- 3.1.3.1. Responsibilities -- 3.1.3.2. Integrity -- 3.1.3.3. Quality -- 3.1.3.4. Efficiency -- 3.1.3.5. Productivity -- 3.1.3.6. Meet Organizational Expectations -- 3.1.3.7. Health and Safety -- 3.1.3.8. Information Security -- 3.1.3.9. Management Information Systems -- 3.1.3.10. Qualifications -- 3.1.3.11. Training -- 3.1.3.12. Maintaining Employee Competency -- 3.1.3.13. Employee Development -- 3.1.3.14. Environment -- 3.1.3.15. Supervision -- 3.1.3.16. Conflicts of Interest -- 3.1.3.17. Legal Compliance -- 3.1.3.18. Accountability -- 3.1.3.19. Disclosure and Discovery -- 3.1.3.20. Work Quality -- 3.1.3.21. Accreditation and Certification -- 3.1.3.22. Membership of Appropriate Organizations -- 3.1.3.23. Obtain Appropriate Personal Certifications -- 3.1.4. Laboratory Service Level Agreements -- 3.1.5. Impartiality and Independence -- 3.1.6. Codes of Practice and Conduct -- 3.1.7. Quality Standards -- 3.1.8. Objectivity -- 3.1.9. Management Requirements -- 3.1.10. Forensic Laboratory Policies -- 3.1.11. Documentation Requirements -- 3.1.12. Competence, Awareness, and Training -- 3.1.13. Planning -- 3.1.13.1. Risk Assessment and Management -- 3.1.13.2. Business Impact Analysis -- 3.1.13.3. Legal and Regulatory Considerations -- 3.1.14. Insurance -- 3.1.15. Contingency Planning -- 3.1.16. Roles and Responsibilities -- 3.1.17. Business Objectives -- 3.1.18. Laboratory Accreditation and Certification -- 3.1.19. Policies.

3.1.20. Guidelines and Procedures -- Appendix 1 - The Forensic Laboratory ToR -- The vision -- Scope and objectives -- Deliverables -- Boundaries, risks, and limitations -- Roles, responsibilities, authority, accountability, and reporting requirements -- Stakeholders -- Regulatory framework -- Resources -- Work breakdown structure and schedule -- Success Factors -- Intervention strategies -- Appendix 2 - Cross reference between ISO 9001 and ISO 17025 -- Appendix 3 - Conflict of Interest Policy -- Appendix 4 - Quality Policy -- Chapter 4: The Forensic Laboratory Integrated Management System -- 4.1. Introduction -- 4.2. Benefits -- 4.3. The Forensic Laboratory IMS -- 4.3.1. General Requirements -- 4.3.1.1. Overview -- 4.3.1.2. Plan -- 4.3.1.3. Do -- 4.3.1.4. Check -- 4.3.1.5. Act -- 4.3.2. Goals -- 4.4. The Forensic Laboratory Policies -- 4.4.1. Policies -- 4.4.1.1. Legislative -- 4.4.1.2. ISO High-Level Policy Documents -- 4.4.1.3. ISO Detailed Policy Documents -- 4.4.1.4. Forensic Laboratory-Specific Policy Documents -- 4.4.2. Policy Review -- 4.4.3. Management Committees -- 4.5. Planning -- 4.5.1. Identification and Evaluation of Aspects, Impacts, and Risks -- 4.5.2. Identification of Legal, Regulatory, and Other Requirements -- 4.5.3. Contingency Planning -- 4.5.4. Objectives -- 4.5.5. Organizational Structures, Roles, Responsibilities, and Authorities -- 4.6. Implementation and Operation -- 4.6.1. Operational Control -- 4.6.2. Management of Resources -- 4.6.2.1. Provision of Resources -- 4.6.2.2. Competence, Training, and Awareness -- 4.6.2.2.1. General Human Resources Training -- 4.6.2.2.2. Project Training -- 4.6.2.2.3. Management System-Specific Training -- 4.6.2.3. Training Records -- 4.6.2.4. Infrastructure -- 4.6.2.5. Environment -- 4.6.3. Documentation Requirements -- 4.6.3.1. General -- 4.6.3.2. System Documentation.

4.6.3.3. Control of Documents -- 4.6.3.3.1. Roles and Responsibilities -- 4.6.3.3.1.1. Document Owner Responsibilities -- 4.6.3.3.1.2. Document Author Responsibilities -- 4.6.3.3.1.3. Reviewer Responsibilities -- 4.6.3.3.1.4. Quality Assurance Manager Responsibilities -- 4.6.3.3.1.5. Site Owners Responsibilities -- 4.6.3.3.1.6. Document Registrar Responsibilities -- 4.6.3.4. Writing and Updating Documents -- 4.6.3.4.1. Generating a Request -- 4.6.3.4.2. Researching and Writing/Updating a Document -- 4.6.3.4.3. Reviewing a Document and Implementing Edits -- 4.6.3.4.4. Reviewing a Proposal or Work Product and Implementing Edits -- 4.6.3.4.5. Issuing a Document -- 4.6.3.4.5.1. Word Documents -- 4.6.3.4.5.2. HTML Documents -- 4.6.3.4.6. Reviewing Management System or Business Process Documents -- 4.6.4. Control of Records -- 4.6.5. Communication -- 4.7. Performance assessment -- 4.7.1. Monitoring and Measurement -- 4.7.2. Evaluation of Compliance -- 4.7.3. Internal Auditing -- 4.7.3.1. Overview -- 4.7.3.2. Audit Responsibilities -- 4.7.3.2.1. Owners -- 4.7.3.2.2. Auditors -- 4.7.3.2.3. Auditees -- 4.7.3.3. Auditing Management System(s) -- 4.7.3.4. Audit Planning Charts -- 4.7.3.5. Audit Non-Compliance Definitions -- 4.7.3.5.1. Major Non-Compliance -- 4.7.3.5.1.1. Definition -- 4.7.3.5.1.2. Examples -- 4.7.3.5.2. Minor Non-Compliance -- 4.7.3.5.2.1. Definition -- 4.7.3.5.2.2. Examples -- 4.7.3.5.3. Observation -- 4.7.3.6. Planning an Internal Audit -- 4.7.3.7. Conducting an Internal Audit -- 4.7.3.8. Preparing the Audit Report -- 4.7.3.9. Completing the Audit -- 4.8. Continuous improvement -- 4.8.1. Handling of Non-Conformities -- 4.8.2. Planning and Implementing Corrective Actions -- 4.8.3. Determining Preventive Action -- 4.8.4. Corrective and Preventive Action Requests -- 4.8.5. Corrective and Preventive Action Ownership.

4.8.6. Corrective and Preventive Action Oversight -- 4.9. Management Reviews -- 4.9.1. General -- 4.9.2. Review Input -- 4.9.3. Review Output -- 4.9.4. Agendas -- Appendix 1 - Mapping ISO Guide 72 requirements to PAS 99 -- Appendix 2 - PAS 99 glossary -- Appendix 3 - PAS 99 mapping to IMS procedures -- Appendix 4 - The Forensic Laboratory Goal Statement -- Appendix 5 - The Forensic Laboratory Baseline Measures -- Appendix 6 - Environment Policy -- Appendix 7 - Health and Safety Policy -- Appendix 8 - Undue Influence Policy -- Gifts -- Corporate Hospitality -- Hospitality and Gifts Register -- Breaches of this Policy -- Appendix 9 - Business Continuity Policy -- Appendix 10 - Information Security Policy -- Appendix 11 - Access Control Policy -- Appendix 12 - Change or Termination Policy -- Appendix 13 - Clear Desk and Clear Screen Policy -- Clear Desk Policy -- Clear Screen Policy -- Appendix 14 - Continuous Improvement Policy -- Appendix 15 - Cryptographic Control Policy -- Appendix 16 - Document Retention Policy -- Business and Regulatory -- Contracts and Contractors -- Property and land -- Premises operations and maintenance inspections -- Waste management -- Assets -- Training records -- Appendix 17 - Financial Management Policy -- Appendix 18 - Mobile Devices Policy -- Users -- The Forensic Laboratory -- USB devices -- Protection of data -- General information -- Appendix 19 - Network Service Policy -- Appendix 20 - Personnel Screening Policy -- Screening employees at recruitment stage -- Temporary and contract staff -- Appendix 21 - Relationship Management Policy -- Appendix 22 - Release Management Policy -- Appendix 23 - Service Management Policy -- Appendix 24 - Service Reporting Policy -- Appendix 25 - Third-Party Access Control Policy -- Appendix 26 - Acceptable Use Policy -- General -- Purpose -- Applicability -- Responsibilities.

Acceptable use.