Description |
1 online resource |
|
text txt rdacontent |
|
computer c rdamedia |
|
online resource cr rdacarrier |
|
text file |
Bibliography |
Includes bibliographical references and index. |
Summary |
This is the first digital forensics book that covers the complete lifecycle of digital evidence and the chain of custody. This comprehensive handbook includes international procedures, best practices, compliance, and a companion web site with downloadable forms. Written by world-renowned digital forensics experts, this book is a must for any digital forensics lab. It provides anyone who handles digital evidence with a guide to proper procedure throughout the chain of custody--from incident response through analysis in the lab. A step-by-step guide to designing, building and using a digital forensics lab. A comprehensive guide for all roles in a digital forensics laboratoryBased on international standards and certifications. |
Note |
Print version record. |
Contents |
Machine generated contents note: 1. Introduction -- 1.1. Introduction -- Appendix 1 Some Types of Cases Involving Digital Forensics -- Appendix 2 Growth of Hard Disk Drives for Personal Computers -- Appendix 3 Disk Drive Size Nomenclature -- 2. Forensic Laboratory Accommodation -- 2.1. The Building -- 2.2. Protecting Against External and Environmental Threats -- 2.3. Utilities and Services -- 2.4. Physical Security -- 2.5. Layout of the Forensic Laboratory -- Appendix 1 Sample Outline for a Business Case -- Appendix 2 Forensic Laboratory Physical Security Policy -- 3. Setting up the Forensic Laboratory -- 3.1. Setting up the Forensic Laboratory -- Appendix 1 The Forensic Laboratory ToR -- Appendix 2 Cross Reference between ISO 9001 and ISO 17025 -- Appendix 3 Conflict of Interest Policy -- Appendix 4 Quality Policy -- 4. The Forensic Laboratory Integrated Management System -- 4.1. Introduction -- 4.2. Benefits -- 4.3. The Forensic Laboratory IMS -- 4.4. The Forensic Laboratory Policies -- 4.5. Planning -- 4.6. Implementation and Operation -- 4.7. Performance Assessment -- 4.8. Continuous Improvement -- 4.9. Management Reviews -- Appendix 1 Mapping ISO Guide 72 Requirements to PAS 99 -- Appendix 2 PAS 99 Glossary -- Appendix 3 PAS 99 Mapping to IMS Procedures -- Appendix 4 The Forensic Laboratory Goal Statement -- Appendix 5 The Forensic Laboratory Baseline Measures -- Appendix 6 Environment Policy -- Appendix 7 Health and Safety Policy -- Appendix 8 Undue Influene Policy -- Appendix 9 Business Continuity Policy -- Appendix 10 Information Security Policy -- Appendix 11 Access Control Policy -- Appendix 12 Change or Termination Policy -- Appendix 13 Clear Desk and Clear Screen Policy -- Appendix 14 Continuous Improvement Policy -- Appendix 15 Cryptographic Control Policy -- Appendix 16 Document Retention Policy -- Appendix 17 Financial Management Policy -- Appendix 18 Mobile Devices Policy -- Appendix 19 Network Service Policy -- Appendix 20 Personnel Screening Policy -- Appendix 21 Relationship Management Policy -- Appendix 22 Release Management Policy -- Appendix 23 Service Management Policy -- Appendix 24 Service Reporting Policy -- Appendix 25 Third-Party Access Control Policy -- Appendix 26 Acceptable use Policy -- Appendix 27 Audit Committee -- Appendix 28 Business Continuity Committee -- Appendix 29 Environment Committee -- Appendix 30 Health and Safety Committee -- Appendix 31 Information Security Committee -- Appendix 32 Quality Committee -- Appendix 33 Risk Committee -- Appendix 34 Service Delivery Committee -- Appendix 35 Whistle Blowing Policy -- Appendix 36 Management Review Agenda -- Appendix 37 Document Control Checklist -- Appendix 38 Document Metadata -- Appendix 39 File-Naming Standards -- Appendix 40 Watermarks in Use in the Forensic Laboratory -- Appendix 41 Document Review Form -- Appendix 42 IMS Calendar -- Appendix 43 Audit Plan Letter -- Appendix 44 Audit Reporting Form -- Appendix 45 CAR/PAR Form -- Appendix 46 Opening Meeting Agenda -- Appendix 47 Closing Meeting Agenda -- Appendix 48 Audit Report Template -- Appendix 49 Root Causes for Non-Conformity -- 5. Risk Management -- 5.1. A Short History of Risk Management -- 5.2. An Information Security Risk Management Framework -- 5.3. Framework Stage 1 -- ISMS Policy -- 5.4. Framework Stage 2: Planning, Resourcing, and Communication -- 5.5. Framework Stage 3: Information Security Risk Management Process -- 5.6. Framework Stage 4: Implementation and Operational Procedures -- 5.7. Framework Stage 5: Follow-up Procedures -- Appendix 1 Sample Communication Plan -- Appendix 2 Sample Information Security Plan -- Appendix 3 Asset Type Examples -- Appendix 4 Asset Values -- Appendix 5 Consequences Table -- Appendix 6 Some Common Business Risks -- Appendix 7 Some Common Project Risks -- Appendix 8 Security Threat Examples -- Appendix 9 Common Security Vulnerabilities -- Appendix 10 Risk Management Policy -- Appendix 11 The IMS and ISMS Scope Document -- Appendix 12 Criticality Ratings -- Appendix 13 Likelihood of Occurrence -- Appendix 14 Risk Appetite -- Appendix 15 Security Controls from CobIT and NIST 800-53 -- Appendix 16 Information Classification -- Appendix 17 The Corporate Risk Register -- Appendix 18 Comparison between Qualitative and Quantitative Methods -- Appendix 19 Mapping Control Functions to ISO 27001 -- Appendix 20 Mapping Security Concerns to ISO 27001 -- Appendix 21 SoA Template -- Appendix 22 The Forensic Laboratory's Security Metrics Report -- Appendix 23 Mapping ISO 31000 and ISO 27001 to IMS Procedures -- 6. Quality in the Forensic Laboratory -- 6.1. Quality and Good Laboratory Practice -- 6.2. Management Requirements for Operating the Forensic Laboratory -- 6.3. ISO 9001 for the Forensic Laboratory -- 6.4. The Forensic Laboratory's QMS -- 6.5. Responsibilities in the QMS -- 6.6. Managing Sales -- 6.7. Product and Service Realization -- 6.8. Reviewing Deliverables -- 6.9. Signing Off a Case -- 6.10. Archiving a Case -- 6.11. Maintaining Client Confidentiality -- 6.12. Technical Requirements for the Forensic Laboratory -- 6.13. Measurement, Analysis, and Improvement -- 6.14. Managing Client Complaints -- Appendix 1 Mapping ISO 9001 to IMS Procedures -- Appendix 2 Mapping ISO 17025 to IMS Procedures -- Appendix 3 Mapping SWGDE Quality Requirements to IMS Procedures -- Appendix 4 Mapping NIST-150 Quality Requirements to IMS Procedures -- Appendix 5 Mapping ENFSI Quality Requirements to IMS Procedures -- Appendix 6 Mapping FSR Quality Requirements to IMS Procedures -- Appendix 7 Quality Manager, Job Description -- Appendix 8 Business Plan Template -- Appendix 9 Business KPIs -- Appendix 10 Quality Plan Contents -- Appendix 11 Induction Checklist Contents -- Appendix 12 Induction Feedback -- Appendix 13 Standard Proposal Template -- Appendix 14 Issues to Consider for Case Processing -- Appendix 15 Standard Quotation Contents -- Appendix 16 Standard Terms and Conditions -- Appendix 17 ERMS Client Areas -- Appendix 18 Cost Estimation Spreadsheet -- Appendix 19 Draft Review Form -- Appendix 20 Client Sign-Off and Feedback Form -- Appendix 21 Information Required for Registering a Complaint -- Appendix 22 Complaint Resolution Timescales -- Appendix 23 Complaint Metrics -- Appendix 24 Laboratory Manager, Job Description -- Appendix 25 Forensic Analyst, Job Description -- Appendix 26 Training Agenda -- Appendix 27 Some Individual Forensic Certifications -- Appendix 28 Minimum Equipment Records Required by ISO 17025 -- Appendix 29 Reference Case Tests -- Appendix 30 ISO 17025 Reporting Requirements -- Appendix 31 Standard Forensic Laboratory Report -- 7. IT Infrastructure -- 7.1. Hardware -- 7.2. Software -- 7.3. Infrastructure -- 7.4. Process Management -- 7.5. Hardware Management -- 7.6. Software Management -- 7.7. Network Management -- Appendix 1 Some Forensic Workstation Providers -- Appendix 2 Some Mobile Forensic Workstation Providers -- Appendix 3 Standard Build for a Forensic Workstation -- Appendix 4 Some Case Processing Tools -- Appendix 5 Policy for Securing IT Cabling -- Appendix 6 Policy for Siting and Protecting IT Equipment -- Appendix 7 ISO 20000-1 Mapping -- Appendix 8 Service Desk Manager, Job Description -- Appendix 9 Incident Manager, Job Description -- Appendix 10 Incident Status Levels -- Appendix 11 Incident Priority Levels -- Appendix 12 Service Desk Feedback Form -- Appendix 13 Problem Manager, Job Description -- Appendix 14 Contents of the Forensic Laboratory SIP -- Appendix 15 Change Categories -- Appendix 16 Change Manager, Job Description -- Appendix 17 Standard Requirements of a Request for Change -- Appendix 18 Emergency Change Policy -- Appendix 19 Release Management Policy -- Appendix 20 Release Manager, Job Description -- Appendix 21 Configuration Management Plan Contents -- Appendix 22 Configuration Management Policy -- Appendix 23 Configuration Manager, Job Description -- Appendix 24 Information Stored in the DSL and DHL -- Appendix 25 Capacity Manager, Job Description -- Appendix 26 Capacity Management Plan -- Appendix 27 Service Management Policy |
|
-- Appendix 28 Service Level Manager, Job Description -- Appendix 29 Service Reporting Policy -- Appendix 30 Policy for Maintaining and Servicing IT Equipment -- Appendix 31 ISO 17025 Tool Test Method Documentation -- Appendix 32 Standard Forensic Tool Tests -- Appendix 33 Forensic Tool Test Report Template -- Appendix 34 Overnight Backup Checklist -- 8. Incident Response -- 8.1. General -- 8.2. Evidence -- 8.3. Incident Response as a Process -- 8.4. Initial Contact -- 8.5. Types of First Response -- 8.6. The Incident Scene -- 8.7. Transportation to the Forensic Laboratory -- 8.8. Crime Scene and Seizure Reports -- 8.9. Postincident Review -- Appendix 1 Mapping ISO 17020 to IMS Procedures -- Appendix 2 First Response Briefing Agenda -- Appendix 3 Contents of the Grab Bag -- Appendix 4 New Case Form -- Appendix 5 First Responder Seizure Summary Log -- Appendix 6 Site Summary Form -- Appendix 7 Seizure Log -- Appendix 8 Evidence Locations in Devices and Media -- Appendix 9 Types of Evidence Typically Needed for a Case -- Appendix 10 The On/Off Rule. |
|
Note continued: Appendix 11 Some Types of Metadata That may be Recoverable from Digital Images -- Appendix 12 Countries with Different Fixed Line Telephone Connections -- Appendix 13 Some Interview Questions -- Appendix 14 Evidence Labeling -- Appendix 15 Forensic Preview Forms -- Appendix 16 A Traveling Forensic Laboratory -- Appendix 17 Movement Sheet -- Appendix 18 Incident Response Report -- Appendix 19 Postincident Review Agenda -- Appendix 20 Incident Processing Checklist -- 9. Case Processing -- 9.1. Introduction to Case Processing -- 9.2. Case Types -- 9.3. Precase Processing -- 9.4. Equipment Maintenance -- 9.5. Management Processes -- 9.6. Booking Exhibits in and out of the Secure Property Store -- 9.7. Starting a New Case -- 9.8. Preparing the Forensic Workstation -- 9.9. Imaging -- 9.10. Examination -- 9.11. Dual Tool Verification -- 9.12. Digital Time Stamping -- 9.13. Production of an Internal Case Report -- 9.14. Creating Exhibits -- 9.15. Producing a Case Report for External Use -- 9.16. Statements, Depositions, and Similar -- 9.17. Forensic Software Tools -- 9.18. Backing up and Archiving a Case -- 9.19. Disclosure -- 9.20. Disposal -- Appendix 1 Some International Forensic Good Practice -- Appendix 2 Some International and National Standards Relating to Digital Forensics -- Appendix 3 Hard Disk Log Details -- Appendix 4 Disk History Log -- Appendix 5 Tape Log Details -- Appendix 6 Tape History Log -- Appendix 7 Small Digital Media Log Details -- Appendix 8 Small Digital Media Device Log -- Appendix 9 Forensic Case Work Log -- Appendix 10 Case Processing KPIs -- Appendix 11 Contents of Sample Exhibit Rejection Letter -- Appendix 12 Sample Continuity Label Contents -- Appendix 13 Details of the Forensic Laboratory Property Log -- Appendix 14 Exhibit Acceptance Letter Template -- Appendix 15 Property Special Handling Log -- Appendix 16 Evidence Sought -- Appendix 17 Request for Forensic Examination -- Appendix 18 Client Virtual Case File Structure -- Appendix 19 Computer Details Log -- Appendix 20 Other Equipment Details Log -- Appendix 21 Hard Disk Details Log -- Appendix 22 Other Media Details Log -- Appendix 23 Cell Phone Details Log -- Appendix 24 Other Device Details Log -- Appendix 25 Some Evidence Found in Volatile Memory -- Appendix 26 Some File Metadata -- Appendix 27 Case Progress Checklist -- Appendix 28 Meeting the Requirements of HB 171 -- Appendix 29 Internal Case Report Template -- Appendix 30 Forensic Laboratory Exhibit Log -- Appendix 31 Report Production Checklist -- 10. Case Management -- 10.1. Overview -- 10.2. Hard Copy Forms -- 10.3. MARS -- 10.4. Setting up a New Case -- 10.5. Processing a Forensic Case -- 10.6. Reports General -- 10.7. Administrator's Reports -- 10.8. User Reports -- Appendix 1 Setting up Organisational Details -- Appendix 2 Set up the Administrator -- Appendix 3 Audit Reports -- Appendix 4 Manage Users -- Appendix 5 Manage Manufacturers -- Appendix 6 Manage Suppliers -- Appendix 7 Manage Clients -- Appendix 8 Manage Investigators -- Appendix 9 Manage Disks -- Appendix 10 Manage Tapes -- Appendix 11 Manage Small Digital Media -- Appendix 12 Exhibit Details -- Appendix 13 Evidence Sought -- Appendix 14 Estimates -- Appendix 15 Accept or Reject Case -- Appendix 16 Movement Log -- Appendix 17 Examination Log -- Appendix 18 Computer Hardware Details -- Appendix 19 Non-Computer Exhibit Details -- Appendix 20 Hard Disk Details -- Appendix 21 Other Media Details -- Appendix 22 Work Record Details -- Appendix 23 Updating Case Estimates -- Appendix 24 Create Exhibit -- Appendix 25 Case Result -- Appendix 26 Case Backup -- Appendix 27 Billing and Feedback -- Appendix 28 Feedback Received -- Appendix 29 Organization Report -- Appendix 30 Users Report -- Appendix 31 Manufacturers Report -- Appendix 32 Supplier Report -- Appendix 33 Clients Report -- Appendix 34 Investigator's Report -- Appendix 35 Disks by Assignment Report -- Appendix 36 Disks by Reference Number Report -- Appendix 37 Wiped Disks Report -- Appendix 38 Disposed Disks Report -- Appendix 39 Disk History Report -- Appendix 40 Tapes by Assignment Report -- Appendix 41 Tapes by Reference Number Report -- Appendix 42 Wiped Tapes Report -- Appendix 43 Disposed Tapes Report -- Appendix 44 Tape History Report -- Appendix 45 Small Digital Media by Assignment Report -- Appendix 46 Small Digital Media by Reference Number Report -- Appendix 47 Wiped Small Digital Media Report -- Appendix 48 Disposed Small Digital Media Report -- Appendix 49 Small Digital Media History Report -- Appendix 50 Wipe Methods Report -- Appendix 51 Disposal Methods Report -- Appendix 52 Imaging Methods Report -- Appendix 53 Operating Systems Report -- Appendix 54 Media Types Report -- Appendix 55 Exhibit Type Report -- Appendix 56 Case Setup Details Report -- Appendix 57 Case Movement Report -- Appendix 58 Case Computers Report -- Appendix 59 Case Non-Computer Evidence Report -- Appendix 60 Case Disks Received Report -- Appendix 61 Case Other Media Received -- Appendix 62 Case Exhibits Received Report -- Appendix 63 Case Work Record -- Appendix 64 Cases Rejected Report -- Appendix 65 Cases Accepted -- Appendix 66 Case Estimates Report -- Appendix 67 Cases by Forensic Analyst -- Appendix 68 Cases by Client Report -- Appendix 69 Cases by Investigator Report -- Appendix 70 Case Target Dates Report -- Appendix 71 Cases Within "x" Days of Target Date Report -- Appendix 72 Cases Past Target Date Report -- Appendix 73 Cases Unassigned Report -- Appendix 74 Case Exhibits Produced Report -- Appendix 75 Case Results Report -- Appendix 76 Case Backups Report -- Appendix 77 Billing Run Report -- Appendix 78 Feedback Letters -- Appendix 79 Feedback Forms Printout -- Appendix 80 Feedback Reporting Summary by Case -- Appendix 81 Feedback Reporting Summary by Forensic Analyst -- Appendix 82 Feedback Reporting Summary by Client -- Appendix 83 Complete Case Report -- Appendix 84 Processed Report -- Appendix 85 Insurance Report -- 11. Evidence Presentation -- 11.1. Overview -- 11.2. Notes -- 11.3. Evidence -- 11.4. Types of Witness -- 11.5. Reports -- 11.6. Testimony in Court -- 11.7. Why Cases Fail -- Appendix 1 Nations Ratifying the Budapest Convention -- Appendix 2 Criteria for Selection an Expert Witness -- Appendix 3 The Forensic Laboratory Code of Conduct for Expert Witnesses -- Appendix 4 Report Writing Checklist -- Appendix 5 Statement and Deposition Writing Checklist -- Appendix 6 Non-Verbal Communication to Avoid -- Appendix 7 Etiquette in Court -- Appendix 8 Testimony Feedback Form -- 12. Secure Working Practices -- 12.1. Introduction -- 12.2. Principles of Information Security within the Forensic Laboratory -- 12.3. Managing Information Security in the Forensic Laboratory -- 12.4. Physical Security in the Forensic Laboratory -- 12.5. Managing Service Delivery -- 12.6. Managing System Access -- 12.7. Managing Information on Public Systems -- 12.8. Securely Managing IT Systems -- 12.9. Information Processing Systems Development and Maintenance -- Appendix 1 The Forensic Laboratory SoA -- Appendix 2 Meeting the Requirements of GAISP -- Appendix 3 Software License Database Information Held -- Appendix 4 Information Security Manager, Job Description -- Appendix 5 Logon Banner -- Appendix 6 The Forensic Laboratory's Security Objectives -- Appendix 7 Asset Details to be Recorded in the Asset Register -- Appendix 8 Details Required for Removal of an Asset -- Appendix 9 Handling Classified Assets -- Appendix 10 Asset Disposal Form -- Appendix 11 Visitor Checklist -- Appendix 12 Rules of the Data Center -- Appendix 13 User Account Management Form Contents -- Appendix 14 Teleworking Request Form Contents -- 13. Ensuring Continuity of Operations -- 13.1. Business Justification for Ensuring Continuity of Operations -- 13.2. Management Commitment -- 13.3. Training and Competence -- 13.4. Determining the Business Continuity Strategy -- 13.5. Developing and Implementing a Business Continuity Management Response -- 13.6. Exercising, Maintaining, and Reviewing Business Continuity |
|
Arrangements -- 13.7. Maintaining and Improving the BCMS -- 13.8. Embedding Business Continuity Forensic Laboratory Processes -- 13.9. BCMS Documentation and Records -- General -- Appendix 1 Supplier Details Held -- Appendix 2 Headings for Financial and Security Questionnaire -- Appendix 3 Business Continuity Manager, Job Description -- Appendix 4 Contents of the Forensic Laboratory BIA Form -- Appendix 5 Proposed BCMS Development and Certification Timescales -- Appendix 6 Incident Scenarios -- Appendix 7 Strategy Options -- Appendix 8 Standard Forensic Laboratory BCP Contents -- Appendix 9 Table of Contents to the Appendix to a BCP -- Appendix 10 BCP Change List Contents -- Appendix 11 BCP Scenario Plan Contents -- Appendix 12 BCP Review Report Template Contents -- Appendix 13 Mapping IMS Procedures to ISO 22301 -- Appendix 14 Differences between ISO 22301 and BS 25999 -- 14. Managing Business Relationships -- 14.1. The Need for Third Parties -- 14.2. Clients -- 14.3. Third Parties Accessing the Forensic Laboratory. |
|
Note continued: 14.4. Managing Service Level Agreements -- 14.5. Suppliers of Office and IT Products and Services -- 14.6. Utility Service Providers -- 14.7. Contracted Forensic Consultants and Expert Witnesses -- 14.8. Outsourcing -- 14.9. Use of Sub-Contractors -- 14.10. Managing Complaints -- 14.11. Reasons for Outsourcing Failure -- Appendix 1 Contents of a Service Plan -- Appendix 2 Risks to Consider with Third Parties -- Appendix 3 Contract Checklist for Information Security Issues -- Appendix 4 SLA Template for Products and Services for Clients -- Appendix 5 RFx Descriptions -- Appendix 6 The Forensic Laboratory RFx Template Checklist -- Appendix 7 RFx Timeline for Response, Evaluation, and Selection -- Appendix 8 Forensic Consultant's Personal Attributes -- Appendix 9 Some Tips for Selecting an Outsourcing Service Provider -- Appendix 10 Areas to Consider for Outsourcing Contracts -- 15. Effective Records Management -- 15.1. Introduction -- 15.2. Legislative, Regulatory, and Other Requirements -- 15.3. Record Characteristics -- 15.4. A Records Management Policy -- 15.5. Defining the Requirements for Records Management in the Forensic Laboratory -- 15.6. Determining Forensic Laboratory Records to be Managed by the ERMS -- 15.7. Using Metadata in the Forensic Laboratory -- 15.8. Record Management Procedures -- 15.9. Business Continuity -- Appendix 1 MoReq2 Functional Requirements -- Appendix 2 Mapping of ISO 15489 Part 1 to Forensic Laboratory Procedures -- Appendix 3 Types of Legislation and Regulation that will Affect Record Keeping -- Appendix 4 Forensic Laboratory Record Keeping Policy -- Appendix 5 Record Management System Objectives -- Appendix 6 Business Case Contents -- Appendix 7 Outline of the ERMS Project -- Appendix 8 Selection Criteria for an ERMS -- Appendix 9 Initial ERMS Feedback Questionnaire -- Appendix 10 Metadata Required in the ERMS -- Appendix 11 Sample E-mail Metadata -- Appendix 12 Forensic Case Records Stored in the ERMS -- Appendix 13 Dublin Core Metadata Elements -- Appendix 14 National Archives of Australia Metadata Standard -- Appendix 15 Responsibilities for Records Management in the Forensic Laboratory -- Appendix 16 Metadata for Records Stored Off-Site -- Appendix 17 Records Classification System -- Appendix 18 Disposition Authorization -- Appendix 19 Additional Requirements for Physical Record Recovery -- Appendix 20 Specialized Equipment Needed for Inspection and Recovery of Damaged Records -- 16. Performance Assessment -- 16.1. Overview -- 16.2. Performance Assessment -- 17. Health and Safety Procedures -- 17.1. General -- 17.2. Planning for OH & S -- 17.3. Implementation and Operation of the OH & S Management System -- 17.4. Checking Compliance with OH & S Requirements -- 17.5. Improving the OH & S Management System -- Appendix 1 OH & S Policy Checklist -- Appendix 2 The Forensic Laboratory OH & S Policy -- Appendix 3 Health and Safety Manager Job Description -- Appendix 4 Some Examples of OH & S Drivers -- Appendix 5 The Forensic Laboratory OH & S Objectives -- Appendix 6 Sample Hazards in the Forensic Laboratory -- Appendix 7 Hazard Identification Form -- Appendix 8 Some Areas for Inspection for Hazards -- Appendix 9 Inputs to the Risk Assessment Process -- Appendix 10 OH & S Risk Rating -- Appendix 11 DSE Initial Workstation Self-Assessment Checklist -- Appendix 12 DSE Training Syllabus -- Appendix 13 DSE Assessors Checklist -- Appendix 14 Measurement of OH & S Success -- Appendix 15 Specific OH & S Incident Reporting Requirements -- Appendix 16 OH & S Investigation Checklist and Form Contents -- Appendix 17 OH & S Incident Review -- Appendix 18 OHSAS 18001 Mapping to IMS Procedures -- 18. Human Resources -- 18.1. Employee Development -- 18.2. Development -- 18.3. Termination -- Appendix 1 Training Feedback Form -- Appendix 2 Employee Security Screening Policy Checklist -- Appendix 3 Employment Application Form -- Appendix 4 Employment Application Form Notes -- Appendix 5 Some Documents that can Verify Identity -- Appendix 6 Document Authenticity Checklist -- Appendix 7 Verifying Addresses -- Appendix 8 Right to Work Checklist -- Appendix 9 Reference Authorization -- Appendix 10 Statutory Declaration -- Appendix 11 Employer Reference Form -- Appendix 12 Employer's Oral Reference Form -- Appendix 13 Confirmation of an Oral Reference Letter -- Appendix 14 Qualification Verification Checklist -- Appendix 15 Criminal Record Declaration Checklist -- Appendix 16 Personal Reference Form -- Appendix 17 Personal Oral Reference Form -- Appendix 18 Other Reference Form -- Appendix 19 Other Reference Form -- Appendix 20 Employee Security Screening File -- Appendix 21 Top Management Acceptance of Employment Risk -- Appendix 22 Third-Party Employee Security Screening Provider Checklist -- Appendix 23 Recruitment Agency Contract Checklist -- Appendix 24 Investigation Manager, Job Description -- Appendix 25 Forensic Laboratory System Administrator, Job Description -- Appendix 26 Employee, Job Description -- Appendix 27 Areas of Technical Competence -- Appendix 28 Some Professional Forensic and Security Organizations -- Appendix 29 Training Specification Template -- Appendix 30 Training Proposal Evaluation Checklist -- Appendix 31 Training Supplier Interview and Presentation Checklist -- Appendix 32 Training Reaction Level Questionnaire -- Appendix 33 The Forensic Laboratory Code of Ethics -- Appendix 34 Termination Checklist -- 19. Accreditation and Certification for a Forensic Laboratory -- 19.1. Accreditation and Certification -- 19.2. Accreditation for a Forensic Laboratory -- 19.3. Certification for a Forensic Laboratory -- Appendix 1 Typical Conditions of Accreditation -- Appendix 2 Contents of an Audit Response -- Appendix 3 Management System Assessment Non-Conformance Examples -- Appendix 4 Typical Closeout Periods -- 20. Emerging Issues -- 20.1. Introduction -- 20.2. Specific Challenges. |
Language |
English. |
Subject |
Computer crimes -- Investigation.
|
|
Evidence preservation -- Standards.
|
|
Forensic sciences -- Standards.
|
|
Computer science.
|
|
Electronic data processing.
|
|
Criminalité informatique -- Enquêtes.
|
|
Preuve (Droit pénal) -- Conservation -- Normes.
|
|
Criminalistique -- Normes.
|
|
Informatique.
|
|
computer science.
|
|
data processing.
|
|
Electronic data processing
|
|
Computer crimes -- Investigation
|
|
Computer science
|
Added Author |
Jones, Andrew.
|
Other Form: |
Print version: 9781597497428 |
ISBN |
1299833144 (electronic bk.) |
|
9781299833142 (electronic bk.) |
|
9781597497459 (e-book) |
|
1597497452 (e-book) |
|
9781597497428 |
|
1597497428 |
Standard No. |
AU@ 000057230332 |
|
CHNEW 001011384 |
|
DEBBG BV042314346 |
|
DEBSZ 405350554 |
|
NZ1 15197938 |
|
NZ1 16034165 |
|