Notifications
Clear all

Lab Accreditation  

  RSS
EDS-FIH
(@eds-fih)
New Member

The issue of Lab Accreditation has been raised on many lists, but I've slightly different questions to the normal ones asked.

For those of you who perform forensics, rather than data recovery, and who don't operate clean room environments, which of the following do you comply with or are Accredited to?

ISO / IEC 17020: 1998

ISO 179025

IEC61340-5-1 & 2

Mark

Quote
Posted : 19/04/2005 8:36 pm
Andy
 Andy
(@andy)
Active Member

As I have never heard of any of them, I guess none.

Andy 😯

ReplyQuote
Posted : 19/04/2005 8:40 pm
EDS-FIH
(@eds-fih)
New Member

The ISO standards are designed to provide formal frameworks for quality management in laboratory environments and technical requirements for the proper operation of a testing laboratory. There are differences within the two standards for the types of work undertaken, but there is potential for overlap. EDS CLEF, a sister organisation, is an ISO/IEC 17025: 1999 Accredited Laboratory for the performance of Infosec evaluations, although the standard is probably better suited for the Accreditation of organisation testing shearing parameters in concrete blocks. ISO/IEC 17025 seems to be used a lot by people doing Asbestos inspections, but it would be equally as applicable to Forensics.

The standards are all about having documented policies, procedures and records, with reproducable and repeatable results, externally audited. To be flippant, it is ISO 9001 for people with screwdrivers, although the standards are far more onerous than ISO 9001.

ISO / IEC 17020: 1998 - General Criteria for the Operation of Various Types of Bodies Performing Inspection

ISO/IEC 17025: 1999 - General requirements for the competence of testing and calibration laboratories

EC61340-5-1 is all about electro-static discharge and countermeasures:

Technical Report IEC61340-5-1 & 2:
Protection of electronic devices from electrostatic phenomena.

What ESD protection do you take when opening up machines and handling hard drives?

Mark

ReplyQuote
Posted : 19/04/2005 9:11 pm
Andy
 Andy
(@andy)
Active Member

Thanks for the detailed explanation Mark, I really didn't have a clue what you were talking about! I thought the correct handling of digital/electronic components was pretty much common sense, Jannet & John, A+ stuff. Use of antistatic matting and wrist straps, etc. I was unaware someone had actually formalised this with a standard. I apologise for being a bit thick, and uncorporate like 🙂

Andy

ReplyQuote
Posted : 19/04/2005 10:27 pm
EDS-FIH
(@eds-fih)
New Member

I thought the correct handling of digital/electronic components was pretty much common sense, Jannet & John, A+ stuff. Use of antistatic matting and wrist straps, etc.

It is common sense stuff 😆 , but there is an entire standard/industry built around it. On the Vogon thread we'd been talking about the power of big corporate bodies to skew the market. I guess this could be an example. If we market ourselves, even by inference, as being "more professional" or "more competent" because we can meet these standards and this is accepted, then smaller companies will need to jump through the same hoops or find another regulatory hook to hang their hats on. I was just responding on the Re: Is There a Need for Industry Control? and thinking that these threads all tie together.

Yeah, I guess I've got Corporate going through the middle of me like rock. 😀

ReplyQuote
Posted : 19/04/2005 10:46 pm
Andy
 Andy
(@andy)
Active Member

I know this is off topic, (a valid & serious one too), on a lighter note, try this link if you are ever stuck for a 'corporate' pitch: http://members.aol.com/matt999h/bullshit.htm 😉

Andy

ReplyQuote
Posted : 19/04/2005 10:59 pm
Share: