3-page generic policy on digital forensics (i.e. the collection, analysis and use of forensic evidence relating to/arising from digital data, IT systems etc.).
Digital forensics work must be conducted solely by suitably qualified and competent digital forensics experts (whether employees or third-parties), using appropriate tools and following formal procedures rigorously, to the letter.
Ineptitude, corner-cutting and careless work can easily destroy the value of forensic evidence, potentially decimating any court cases, disciplinary actions etc. that depend upon it.
Setting the organization up to achieve the necessary professionalism and competence is no mean feat, a substantial governance issue in its own right. Even employing third party forensics specialists is no guarantee that they are in fact up to the job (buyer beware!).
Note: this is not legal advice!
Delivered as an editable MS Word document, easily customized for your organization's specific needs.
Digital forensics policy
Template policy on digital forensics (eForensics)
See also the policy on incident management