Background
The fundamental purpose of the digital forensics
standards ISO/IEC 27037, 27041, 27042 and
27043 is to promote good practice methods and processes for forensic
investigation of digital evidence. While individual investigators,
organizations and jurisdictions may well retain certain methods, processes and
controls, it is hoped that standardization will (eventually) lead to the
adoption of similar if not identical approaches internationally, making it
easier to compare, combine and contrast the results of such investigations even
when performed by different people or organizations and potentially across
different jurisdictions.
Scope and purpose
The standard will offer guidance on the forensic
principles behind, and the processes involved in, investigating incidents.
It will provide “guidelines that encapsulate
idealised models for common investigation processes across various investigation
scenarios ... from pre-incident preparation ... to ... returning of evidence to
be stored or disseminated. This includes any general advice and caveats on
processes[,] and appropriate identification, collection, acquisition,
preservation, analysis and presentation of [digital] evidence.” [text adapted
from the 2nd WD]
Status of the standard
The 2nd WD is available to
SC27.
Source:
0 yorum:
Yorum Gönder