ISO 17025 - digital forensics struggle

35 Posts
8 Users
0 Reactions
6,465 Views
(@pbeardmore)
Reputable Member
Joined: 18 years ago
Posts: 289
 

So what is the mandatory route within the UK? My understanding is that the Regulator has no statutory powers.


kacos
(@kacos)
Trusted Member
Joined: 10 years ago
Posts: 93
 

For now it is like that

All forensic science providers (FSPs) contracted to provide services to police forces through the previous and current procurement frameworks must be accredited to ISO 17025 for those services.[104] Police laboratories can currently conduct forensic science activities without accreditation to this standard (see paragraph 40).

source

But an email I received today from csofs.org mentions

Are you a ST (sole trader) or SME (small/medium enterprise) doing forensic casework but not yet accredited to ISO 17025 or 17020? Maybe you work for a small government organisation or a university department. The forensic strategy published last week makes it clear that non-compliance to these standards is not an option


(@pbeardmore)
Reputable Member
Joined: 18 years ago
Posts: 289
 

On another tangent, can anyone point to a definition concerning exactly what computer forensics is? Without this, how can a mandatory system exist as where is the line between those that have to be accredited and those who don't? For example, is capturing a web page or site regarded as digital forensics?


kacos
(@kacos)
Trusted Member
Joined: 10 years ago
Posts: 93
 

> ... can anyone point to a definition concerning exactly what computer forensics is? Without this...

"The branch of forensic science that focuses on the identifying, acquiring, processing, analysing and reporting of evidence that is stored on computer systems, digital devices and other storage media with the aim of admissibility in court is called Digital Forensics"

source


(@pbeardmore)
Reputable Member
Joined: 18 years ago
Posts: 289
 

Thanks, I had seen that definition but we need to know the definition that the Regulator will adopt in seeking to enforce the mandatory standards.


jpickens
(@jpickens)
Estimable Member
Joined: 18 years ago
Posts: 130
 

According to the 2008 US-CERT publication:

"We define computer forensics as the discipline that combines elements of law and computer science to collect and analyze data from computer systems, networks, wireless communications, and storage devices in a way that is admissible as evidence in a court of law."

NIST SP 800-86 states:

"Generally, it is considered the application of science to the identification, collection, examination, and analysis of data while preserving the integrity of the information and maintaining a strict chain of custody for the data."


kacos
(@kacos)
Trusted Member
Joined: 10 years ago
Posts: 93
 

> Thanks, I had seen that definition but we need to know the definition that the Regulator will adopt in seeking to enforce the mandatory standards.

This is the Forensic Science Regulator's definition:

2.2.2 Digital forensics is taken to be the process by which information is extracted from data storage media (e.g. devices, remote storage and systems associated with computing, imaging, video, audio, satellite navigation, communications), rendered into a useable form, processed and interpreted for the purpose of obtaining intelligence for use in investigations, or evidence for use in criminal proceedings.

from here


kacos
(@kacos)
Trusted Member
Joined: 10 years ago
Posts: 93
 

PDF of the 2005 revision of the standard for anyone interested (it is not the latest revision). (Definitions of certain terms can be found in ISO 17000 and IAS.)


(@pbeardmore)
Reputable Member
Joined: 18 years ago
Posts: 289
 

What does it say in the standard about having to work on a Bank Holiday? :-(


(@trewmte)
Noble Member
Joined: 19 years ago
Posts: 1877
Topic starter  

It is generally accepted by most people that tainted evidence or charlatan testimony should be prevented in our profession. We all wish to maintain good quality, procedures and performance.

I have had it confirmed that ISO/IEC 17025 has application to larger organisations. The standard becomes "virtually unworkable for small providers and sole practitioners"... and there are high costs involved.

There may be a justification requirement placed upon the FSR re organisation size and cost vis-à-vis ISO 9001, which specifically states that it is intended to be 'applicable to all organizations, regardless of type, size and product (or service)' - Clause 1.2. Additionally, ISO 9001 makes it possible during accreditation to cater for graduated costs in terms of small to large organisations. Does ISO/IEC 17025 do that and, if not, why not?

However, ISO/IEC 17025 is not the only route. Forensic evidence can still be produced and evidence given. The courts have the final say as to who may give evidence as a witness/expert and the admissibility of evidence, even if it is produced by an ISO/IEC 17025 etc. accredited lab. It is an influencing factor: that an organisation has accreditation might assist the court in the decision-making process to allow that evidence, but it is not a guarantee. Also, if a person with high skill and experience, say from a scientific background, discovers a new way to retrieve digital evidence which is not in mainstream knowledge, and that person or lab has no accreditation, this does not disbar him/her or the evidence.

Furthermore, ISO/IEC 17025 does not stop an assessment or challenge of the complete evidence obtained being made by an accredited lab.


Page 3 / 4