« « What Qualifies the Computer Forensics?

What Qualifies the Computer Forensics? (2)

requirementThe collection of digital evidence from a Microsoft Windows environment would be aided by the investigator’s knowledge of that environment. A wide assortment of certifications covers the multitude of Microsoft products.

Several organizations, including HTCIA, IACIS, and the NIST (National Institute of Standards and Technology), are working to more clearly define certifications within computer forensics. The certification of labs and equipment, although still not universally agreed on or regulated, has moved much further due to previous work for other scientific forensic disciplines.

Most disagreements surrounding computer forensics lab certifications are related to the origin of the certifications. Most of today’s certifications are derived from or entirely focused on scientific forensics disciplines other than computer forensics.

Despite disagreements, several certification standards for computer forensics labs have been in development, of which ISO 17025 seems to have gained the most favor due to its international focus. Three programs of interest surrounding forensics lab certifications follow:

ASCLD Forensics Lab Certification and Accreditation: This program, which has been used by the various law enforcement organizations for some time, was designed to certify forensic labs in scientific disciplines such as DNA and fingerprint analyses. ASCLD now covers digital evidence. Further information on ASCLD can be found on its Web site at www.ascld-lab.org.

ISO 17025 Forensics Lab Certification and Accreditation: This certification program has the support of the international community, many U.S. organizations and corporations as well as government facilities, and law enforcement agencies. ASCLD is also adopting the ISO 17025 certification process.

NIST Handbook (HB) 150 Lab Certification: This program is a baseline document that can be used as a foundation for many scientific disciplines such as ASCLD. HB 150 has been used as a foundation to validate various federal government labs.

A major player in the creation of the widely accepted IS0 17025 criteria is SWGDE (Scientific Working Group for Digital Evidence). SWDGE is a useful organization with which to keep up to date with lab certification.

Related entries

Digg it StumbleUpon del.icio.us Google

Leave a reply