BS ISO/IEC 27042:2015 provides guidance on the analysis and interpretation of digital evidence
in a manner which addresses issues of continuity, validity, reproducibility, and repeatability. It
encapsulates best practice for selection, design, and implementation of analytical processes and
recording sufficient information to allow such processes to be subjected to independent scrutiny
when required. It provides guidance on appropriate mechanisms for demonstrating proficiency and
competence of the investigative team.Analysis and interpretation of digital evidence can be a complex process. In some circumstances, there
can be several methods which could be applied and members of the investigative team will be required
to justify their selection of a particular process and show how it is equivalent to another process used
by other investigators. In other circumstances, investigators may have to devise new methods for
examining digital evidence which has not previously been considered and should be able to show that
the method produced is "fit for purpose".Application of a particular method can influence the interpretation of digital evidence processed by
that method. The available digital evidence can influence the selection of methods for further analysis
of digital evidence which has already been acquired.This International Standard provides a common framework, for the analytical and interpretational
elements of information systems security incident handling, which can be used to assist in the
implementation of new methods and provide a minimum common standard for digital evidence
produced from such activities.Cross References:ISO/IEC 27000:2013ISO/IEC 27037:2012ISO/IEC 27041ISO/IEC 17024:2003ISO/IEC 17025:2005ISO/IEC 17043:2010ISO/IEC 27004:2009ISO/IEC 27035:2011All current amendments available at time of purchase are included with the purchase of this document.