top of page

SecAware materials

SecAware logo

~3-page information security policy template on digital (electronic) forensics.


This policy concerns the collection, analysis and use of forensic evidence relating to/arising from digital data, IT systems, cyber incidents etc.  'Forensic' means suitable for presentation in court, and implies strict controls for gathering/handling, analysing, storing and communicating the evidence.


Digital forensics work must be conducted solely by suitably qualified and competent experts using appropriate digital forensics tools and following formal procedures.


Ineptitude, corner-cutting and careless work can easily discredit and hence destroy the value of forensic evidence, potentially decimating any court cases, disciplinary actions etc. that depend upon it.


Setting-up the organisation to achieve the necessary professionalism and competence is no mean feat, a substantial governance issue in its own right. Even employing third-party forensics specialists is no guarantee that they are in fact competent, capable, diligent and trustworthy (buyer beware!).


Note: this is not legal advice!


Supplied as an MS Word document, readily customised for your organisation's specific situation.

Digital forensics policy

  • Information security policy template on on digital forensics (eForensics)


    See also the policy on incident management

bottom of page