Digital Forensics Processing and Procedures: Meeting the Requirements of ISO 17020, ISO 17025, ISO 27001 and Best Practice Requirements


Posted on by Ben Rothke

When it comes to a digital forensics investigation, process is crucial.  If certain steps are skipped or done incorrectly, a savvy defense attorney can have the evidence thrown out.

With that, no one will mistake Digital Forensics Processing and Procedures: Meeting the Requirements of ISO 17020, ISO 17025, ISO 27001 and Best Practice Requirements for a Tom Clancy novel.  While books from Clancy are page turners, Digital Forensics Processing and Procedures is not a book that is necessarily going to be read from cover to cover in the same way.

DF

What the book does do is provide a comprehensive and all-inclusive set of details that covers the entire lifecycle of a digital forensics investigation, ensuing evidence gathered, and chain of custody that results.

In these investigations, all it takes is one misstep to have hundreds of hours of log analysis discarded.  A book like this can ensure that trivial mistakes which can undermine an investigation don’t occur.

The web site for the book was not up at the time this review was written.

Authors David Lilburn Watson and Andrew Jones bring decades of detailed real-world experience to the book, which readers are certain to find to be a unique reference.

For those who want to ensure that their digital forensic program follows best practices and accepted industry methods, Digital Forensics Processing and Procedures: Meeting the Requirements of ISO 17020, ISO 17025, ISO 27001 and Best Practice Requirements will prove to be an invaluable resource.


Contributors
Ben Rothke

Senior Information Security Manager, Tapad

forensics & e-discovery fraud security operations

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment.  Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA® Conference, RSA Security LLC or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.


Share With Your Community