3-page generic policy on electronic forensics i.e. the collection, analysis and use of forensic evidence relating to/arising from digital data, IT systems etc.
eForensics work must be conducted solely by suitably qualified and competent experts (whether employees or third-parties), using appropriate tools and following formal procedures.
Ineptitude, corner-cutting and careless work can easily destroy the value of forensic evidence, potentially decimating any court cases, disciplinary actions etc. that depend upon it.
Setting the organization up to achieve the necessary professionalism and competence is no mean feat, a substantial governance issue in its own right. Even employing third party forensics specialists is no guarantee that they are in fact up to the job (buyer beware!).
Note: this is not legal advice!
Delivered as an editable MS Word document, easily customized for your organization's specific needs.