BS ISO IEC 30121:2015 pdf free download – Information technology – Governance of digital forensic risk framework

02-09-2022

1 Scope
This International Standard provides a framework for Governing bodies of organizations (including owners, board members, directors, partners, senior executives, or similar) on the best way to prepare an organization for digital investigations before they occur. This International Standard applies to the development of strategic processes (and decisions) relating to the retention, availability, access, and cost effectiveness of digital evidence disclosure. This International Standard is applicable to all types and sizes of organizations.
2 Normative references
The following documents, in whole or in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
ISO/IEC 38500, Information technology — Governance of IT for the organization
ISO Guide 73:2009, Risk management — Vocabulary
Individuals and groups within the organization understand and accept their responsibilities in respect of both supply of, and demand for digital evidence. Those with responsibility for investigations also have the skill, independence and authority to perform those actions.
The organization’s strategy development takes into account the current and future retention, availability, access to and cost effectiveness of digital evidence; the strategic plans for evidential capability satisfy the current and ongoing needs of the organization.
IT asset acquisitions are made to support the organization’s strategies, on the basis of appropriate and ongoing analysis, with clear and transparent decision making. There is appropriate balance between benefits, opportunities, costs, and risks, in both the short term and the long term.
4.4 Performance
IT is fit for purpose in supporting the organization, providing the services, levels of service and service quality required to meet current and future organization digital evidence requirements.
IT assets comply with all mandatory legislation and regulations. Policies and practices are clearly defined, implemented and enforced in accordance with the organization’s risk criteria.
4.6 Human behaviour
Digital forensic policies, practices and decisions demonstrate respect for human behaviour, including the current and evolving needs of all the people in the organization’s processes.
5.1 Stakeholder mandate
The Governing body should be constituted to represent the stakeholders, is to have the authority to set the strategic direction of the organization, and should establish the capabilities to function.
The work cycle of the Governing body should be aligned with the tasks of Evaluate – Direct – Monitor; and to facilitate the adoption of strategic policy, strategic planning and strategic capability.
5.3 Evaluate
The Governing body should examine and make judgement on the current and future requirements for digital evidence, including strategies, proposals, plans and supply arrangements (whether internal, external, or both). In evaluating the use of IT, the requirement to produce digital evidence and the requirements for forensic processes should be assessed.
5.4 Direct
The Governing body should assign responsibility for, and direct preparation and implementation of strategies, plans and policies. Plans should set the strategic direction for digital evidence, IT operations and capabilities. Governing bodies should encourage a culture of good governance of IT in their organization by requiring managers to provide timely information, to comply with strategic directions and to conform to the risk criteria.
5.5 Monitor
The Governing body should monitor, through appropriate measurement systems, the performance and conformance of IT systems for digital evidence. They should reassure themselves that performance is in accordance with strategic plans and its levels of risk are within the organization’s risk criteria. Responsibility for the effective, efficient and acceptable use of IT for evidential purposes by an organization, remains with the Governing body and cannot be delegated.
