A control framework for digital forensics

Abstract

This paper introduces a control framework for digital forensics. It proposes a taxonomy for control objectives, categorized within the phases of the digital forensic process: planning and preparation, incident response, investigation and juridical/evidentiary. Using the taxonomy as a basis, a digital forensic reference framework, consisting of control groupings, control objectives and detailed control objectives, is defined. The control framework is intended to provide a sound theoretical basis for digital forensics as well as a reference framework for digital forensics governance within organizations.