Forensic readiness planning

A forensic investigation of digital evidence is commonly employed as a post event response to a serious information security incident or computer related crime.

Forensic Readiness Planning

Portcullis’ forensic team is able to provide clients with assistance in formulating a Forensic Readiness Plan (FRP) to ensure any incident response, which requires the acquisition of digital evidence, can be conducted effectively and efficiently.

A forensic readiness plan is an important part of a strategic Incident Response plan. Without both forensic readiness plan and incident response plans, any organisation is severely limiting investigations into an IT Security incident. For example, it is not possible to effectively investigate a network incident unless secure logging has been enabled on network and/or endpoint devices.

A large number of corporate investigations never result in legal action. Data does not, therefore, require to be handled in a forensically sound manner. However, it is always possible for an investigation to uncover some illegal activity that has to be handed over to the local law enforcement agencies. If suspect media has not been handled correctly, the whole prosecution case may be jeopardised. Compliance with a forensic readiness plan will ensure all staff involved in any investigation are aware of the correct procedures to follow when handling digital evidence.

Benefits of forensic readiness planning

It gives an organisation the ability to use digital evidence to minimise the cost of an investigation.
It addresses a number of key business risks by providing evidence to detect and deter crime such as fraud, information theft, internet abuse and by preparing an organisation for the use of digital evidence in its own defence.

Get in Touch!

Would you like to know more about forensic and readiness planning? You don’t know where to begin? Get in touch and speak to an expert consultant on UK +44 20 8868 0098 or fill out the form below!