Digital Forensic Readiness as a Component of Information Security Best Practice

  • C P Grobler
  • C P Louwrens
Part of the IFIP International Federation for Information Processing book series (IFIPAICT, volume 232)


In a world where cyber crime is constantly increasing, pervasive computing is on the rise and information is becoming the most sought after commodity making an effective and efficient Information Security (IS) architecture and program essential. ‘With this improved technology and infrastructure, ongoing and pro-active computer investigations are now a mandatory component of the IS enterprise’ [16]. Corporate governance reports require that organizations should not only apply good corporate governance principles, but also practice good IT governance and specially IS governance. Organizations develop their security architectures based on current best practices for example [21] and [12]. These best practices do not consider the importance of putting controls or procedures in place that will ensure successful investigations. There is a definite need to adapt current Information Security (IS) best practices to include for example certain aspects of Digital Forensics (DF) readiness to the current best practices to address the shortcomings. Whilst IS and DF are considered as two different disciplines, there is a definite overlap between the two [29]. The aim of this paper is to examine the overlap between DF and IS, to determine the relevance of DF readiness to IS and propose the inclusion of certain aspects of DF readiness as a component for best practice for IS.


Corporate Governance Information Security Good Corporate Governance Digital Evidence Information Asset 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    American Heritage Dictionary (4th Edition), (New York, NY: Houghton Mifflin, 2000).Google Scholar
  2. 2.
    Cullery A, Computer Forensics: Past Present And Future, Information Security Technical Report, Volume 8, number 2, (Elsevier, 2003), p 32–35.Google Scholar
  3. 3.
    Dictionary.Com, (June 31, 2006),
  4. 4. Digital Forensic Research Workshop, A Roadmap for Digital Forensics Research,(2001),
  5. 5.
    Endicott-Popovsky B, Frincke D, Adding the 4th R: A Systems Approach to Solving the Hackers Arms Race, Proceedings of the 2006 Symposium 39th Hawai International Conference on System Sciences, (2006).Google Scholar
  6. 6.
    Garcia J, 2006, Pro-Active and Re-Active Forensics, (September 5, 2006),
  7. 7.
    Gordon La, Loeb M, Richardson R, Lucyshyn W, 2006 CSI/FBI Computer Crime and Security Survey, (Computer Security Institute, 2006).Google Scholar
  8. 8.
    Grobler CP, VonSolms SH, A Model To Assess The Information Security Status of an Organization with Special Reference to the Policy Dimension, Master’s Dissertation, (2004).Google Scholar
  9. 9.
    Hilley, 2004, The Corporation: The Non-Policed State, (September 24, 2006),
  10. 10.
    Hoffman T, 2004, Sarbanes-Oxley Sparks Forensics Apps Interest, (March 29, 2004), http://www.Computerworld,com/action/article. do?command=viewarticlebasic&a rticleid=91676.
  11. 11.
    Inforenz, 2006, Are You Ready For Forensics?, (September 14, 2006),
  12. 12.
    Cobit: Control Objectives for Information and related technologies, (IT Governance Institute, 3rd edition, 2000)Google Scholar
  13. 13.
    King II Report on Corporate Governance, (August, 2003),
  14. 14.
    Kruse II, Warren G, Jay G Heiser JG, Computer Forensics Incident Response Essentials, (Addison Wesley, Pearson Education 2004).Google Scholar
  15. 15.
    Louwrens B, Von Solms SH, Reeckie C, Grobler T, A Control Framework for Digital Forensics, Advances in Digital Forensics, (Springer, 2006).Google Scholar
  16. 16.
    Patzakis J, Computer Forensics as an Integral Component of Information Security Enterprise, Guidance Software, (October 24, 2005),
  17. 17.
    Quinn S, Examining The State of Preparedness of IT Management in New Zealand for Events that may require Forensic Analysis, Digital Investigation, December 2005, Volume 2, Issue 4, (Elsevier, 2005), p. 276–280.Google Scholar
  18. 18.
    Reith M, Varr V, Gunch G, An Examination of Digital Forensic Models. International Journal Of Digital Evidence Volume 1, Issue 3, (Elsevier, 2002), (February 15, 2005),
  19. 19.
    Rosseau Von Solms, SH (Basie) Von Solms, Information Security Governance: Due Care, Computers And Security, (August 13, 2006), doi:10:1016/Jcose.Google Scholar
  20. 20.
    Rowlingson, A Ten Step Process for Forensic Readiness, International Journal of Digital Evidence, Volume 2 Issue 3, Winter 2004, (Elsevier, 2004). 24Google Scholar
  21. 21. SABS ISO/IEC17799. SABS Edition 11/iso/iec Editionl, South African Standard, Code of Practice for Information Security Management, (South African Bureau of Standards, 2001).Google Scholar
  22. 22.
    Sheldon A, Forensic Auditing, The Role of Computer Forensics in the Corporate Toolbox, (March 25, 2004),
  23. 23.
    Sinangin D, Computer Forensics Investigations in a Corporate Environment, Computer Fraud and Security Bulletin, Volume 8, p. 11–14, June 2002, (Elsevier, 2002).Google Scholar
  24. 24.
    Stephenson P, Conducting Incident Post Mortems, Computer Fraud and Security, April 2003, (Elsevier, 2003).Google Scholar
  25. 25.
    The Electronic Communications and Transactions Act, (2003),
  26. 26.
  27. 27.
    Von Solms SH, Information Security Governance: Cobit or ISO17799 or both, Computers and Security, Volume 24, Issue 2, March 2005, (Elsevier, 2005).Google Scholar
  28. 28.
    Von Solms SH, Information Security: The Fourth Wave, Computers and Security, Volume 25, Issue 3, May 2006, (Elsevier, 2006), p. 165–168.CrossRefGoogle Scholar
  29. 29.
    Von Solms SH, Louwrens CP. Relationship between Digital Forensics, Corporate Governance, Information Technology and Information Security Governance, (Information Security Of South Africa Conference 2005 Proceeding, 2005).Google Scholar
  30. 30.
    Wolfe H, The question of organizational forensic policy, Computer Fraud and Security, Volume 6, June 2004, (Elsevier, 2004), p. 13–14.Google Scholar

Copyright information

© International Federation for Information Processing 2007

Authors and Affiliations

  • C P Grobler
    • 1
  • C P Louwrens
    • 2
  1. 1.Department of Business ITUniversity of JohannesburgJohannesburgSouth Africa
  2. 2.NedbankSouth Africa

Personalised recommendations