If proper care is taken during the identification and collection of digital data—a process often referred to as “bag and tag”—a mistake in later stages of the investigation may be recoverable, but mistakes made in the initial identification and collection are rarely reversible.
The International Organization on Computer Evidence (IOCE) [Ioce01] has helped guide the computer forensics process for law enforcement personnel since its conception in 1993, at the first International Law Enforcement Conference on Computer Evidence at Quantico, Virginia.
Membership in the IOCE has been somewhat limited (by design), but they have provided some very useful discussion in an international community setting for law enforcement.
Article 2 of the IOCE bylaws states: “the purpose of the organization shall be to provide an international forum for law enforcement agencies to exchange information concerning computer investigation and computer forensic issues.” Article 2 goes on to state the following organizational objectives:
- Identify and discuss issues of common interest
- Facilitate the international dissemination of information
- Develop recommendations for consideration by the member agencies
Keeping with stated objectives, several useful documents have been created by IOCE committees and are available on its Web site at www.ioce.org.
Two specific and very useful documents available on the IOCE Web site are:
- Best Practice Guidelines for Examination of Digital Evidence
- G8 Proposed Principles for Forensic Evidence
Though not governing in any way, both documents can be quite useful for organizations that want to set standards of practice for computer forensics. Despite the obvious law-enforcement focus of the IOCE, these documents can be useful to practitioners in law enforcement as well as private industry.
Related posts:
- Introduction to Computer Forensics Sometimes the need for formalized computer forensics methodologies is not...
- Setting Up an Intranet Part (2) By setting up an intranet, Taco Bell corporate now posts...
- Intranet: Planning Content The kind of content you’ll place on an intranet depends...
- Volatile Data in Personal Devices PDAs, cell phones, MP3 players, and even wristwatches all can...
