Digital Forensics Processing and Procedures

1st Edition

Meeting the Requirements of ISO 17020, ISO 17025, ISO 27001 and Best Practice Requirements

Print ISBN: 9781597497428
eBook ISBN: 9781597497459
Imprint: Syngress
Published Date: 17th September 2013
Page Count: 880
53.95 + applicable tax
42.99 + applicable tax
69.95 + applicable tax
Compatible Not compatible
VitalSource PC, Mac, iPhone & iPad Amazon Kindle eReader
ePub & PDF Apple & PC desktop. Mobile devices (Apple & Android) Amazon Kindle eReader
Mobi Amazon Kindle eReader Anything else

Institutional Access


This is the first digital forensics book that covers the complete lifecycle of digital evidence and the chain of custody. This comprehensive handbook includes international procedures, best practices, compliance, and a companion web site with downloadable forms. Written by world-renowned digital forensics experts, this book is a must for any digital forensics lab. It provides anyone who handles digital evidence with a guide to proper procedure throughout the chain of custody--from incident response through analysis in the lab.

Key Features

  • A step-by-step guide to designing, building and using a digital forensics lab
  • A comprehensive guide for all roles in a digital forensics laboratory
  • Based on international standards and certifications


Forensic laboratories (police, government or civilian), Expert witnesses for digital forensic cases, Legal professionals, Forensics regulators, Investigators involved with seize of digital evidence (police forces, IT departments, HR departments)

Table of Contents

About the Authors

Technical Editor Bio



Chapter 1. Introduction


1.1 Introduction

Appendix 1 Some Types of Cases Involving Digital Forensics

Appendix 2 Growth of Hard Disk Drives for Personal Computers

Appendix 3 Disk Drive Size Nomenclature

Chapter 2. Forensic Laboratory Accommodation


2.1 The Building

2.2 Protecting Against External and Environmental Threats

2.3 Utilities and Services

2.4 Physical Security

2.5 Layout of the Forensic Laboratory

Appendix 1 Sample Outline for a Business Case

Appendix 2 Forensic Laboratory Physical Security Policy

Chapter 3. Setting up the Forensic Laboratory


3.1 Setting up the Forensic Laboratory

Appendix 1 The Forensic Laboratory ToR

Appendix 2 Cross Reference Between ISO 9001 and ISO 17025

Appendix 3 Conflict of Interest Policy

Appendix 4 Quality Policy

Chapter 4. The Forensic Laboratory Integrated Management System


4.1 Introduction

4.2 Benefits

4.3 The Forensic Laboratory IMS

4.4 The Forensic Laboratory Policies

4.5 Planning

4.6 Implementation and Operation

4.7 Performance Assessment

4.8 Continuous Improvement

4.9 Management Reviews

Appendix 1 Mapping ISO Guide 72 requirements to PAS 99

Appendix 2 PAS 99 Glossary

Appendix 3 PAS 99 Mapping to IMS Procedures

Appendix 4 The Forensic Laboratory Goal Statement

Appendix 5 The Forensic Laboratory Baseline Measures

Appendix 6 Environment Policy

Appendix 7 Health and Safety Policy

Appendix 8 Undue Influence Policy

Appendix 9 Business Continuity Policy

Appendix 10 Information Security Policy

Appendix 11 Access Control Policy

Appendix 12 Change or Termin


No. of pages:
© Syngress 2013
eBook ISBN:
Paperback ISBN:


"With this book you have a finely detailed chart guiding you through every aspect of creating, using and documenting processes that will make you compliant with both the formal accreditation standards and less formal, but no less important, industry best practices…if you are running – or plan to run – a digital forensics business, then this will provide a template for everything you do."--Network Security, May 2014
"It is clear that the authors bring real-world experience to the book, covering the whole life cycle of digital forensics investigations, gathering evidence, and chain of custody results…it will be a very useful handbook for future experts, especially those charged with setting up a forensic laboratory or those seeking accreditation and certification of an existing laboratory.", February 19, 2014
"…this volume on digital forensics and investigation provides information on best practices for meeting regulatory requirements and gaining and maintaining certifications and accreditation within the digital forensics field. The work is divided into three sections covering initial policies and procedures for setting up a laboratory, operating procedures and continuing policies, and accreditation standards and requirements.", February 2014
"What the book does do is provide a comprehensive and all-inclusive set of details that covers the entire lifecycle of a digital forensics investigation, ensuing evidence gathered, and chain of custody that results…Authors David Lilburn Watson and Andrew Jones bring decades of detailed real-world experience to the book, which readers are certain to find to be a unique reference.", December 16, 2013