Computer related Forensic Investigations requires good and careful preparation for an investigation to be successful. Usually, forensic investigations are conducted after a serious threat to information security has been made. Conducting forensic investigations are costly most of time thus careful planning has to be made before starting actual investigations.
When planning for a digital forensic investigation, one of the preliminary activities that must be done is to select first the team that will be involved in the investigation. The composition of the team is very important as this will be the “life” of the investigation. A big part of the success of an investigation will depend on the capability of the team to conduct the plan and actual investigation. A well-trained and educated team will be considerably helpful in the duration of the investigation. (Nelson, 2010)
After the composition of the team to conduct the investigation, the team should come up with a “matrix that quantifies the various possibilities the crime scene, the suspect and the digital evidence and qualifies the expertise of the various investigators on the investigation team” (Rogers, 2010). This matrix is very important as this serves as a guide or the blueprint in conducting the investigation. The known and unknown together with the respective expertise of the investigators involved are analyzed to come up with assignments and the best way to approach the investigation process.
Initial notes must also be carefully taken notes on the extent of the capability of the suspect among others and the possible location where the crime is committed. This way, preemptive steps can be taken. Once every possible initial information have been taken cared of, the team will know where to start digging or investigating. (Ashcroft, 2010)
References:
Ashcroft, John (2008). Forensic Examination of Digital Evidence: A Guide for Law Enforcement. Retrieved from www.ncjrs.gov/pdffiles1/nij/199408.pdf
Nelson, Bill (2010). Guide to Computer Forensics and Investigations (3rd edition). Course Technology. Cengage Learning. New York.
Rogers, Marcus K. (2010). Computer Forensics Field Triage Process Model. Retrieved from http://www.macforensicslab.com/ProductsAndServices/index.php?main_page=document_general_info&cPath=11&products_id=228
