A forensic investigation of digital evidence is commonly employed as a post-event response to a serious information security incident, this can be both time consuming and expensive. There are many circumstances where an organisation can benefit from the ability to gather and preserve digital evidence before an incident occurs; a Digital Forensics Readiness Policy details the immediate procedures to be employed for any forensic investigation of digital evidence. Forensic readiness is defined as the ability of an organisation to maximise its potential to use digital evidence whilst minimising the costs of an investigation.

Why Have a Digital Forensics Readiness Policy?

A Digital Forensics Readiness Policy should be established to confirm an organisation’s commitment:

• To gather admissible evidence legally and without interfering with business processes
• To gather evidence targeting the potential crimes and disputes that may adversely impact the organisation
• To allow an investigation to proceed at a cost in proportion to the incident
• To minimise interruption to the business from any investigation
• To ensure that evidence makes a positive impact on the outcome of any legal action, in order to continue core business functions of all Business Stakeholders in the event of a major incident.

If you require further information or assistance in compiling your own Digital Forensics Readiness Policy please call 01327 856010 or Email info@griffinforensics.com.

Note: The term Digital Forensics Readiness Policy is interchangeable with Computer Forensics Readiness Policy.