I know there are current threads on CP, but I have a related question coming from a different direction, hence a new posting/thread.
Can anyone point me at a sample of a corporate policy that would define what the corporate digital foresnsics analyst is to do when he/she discovers CP (or evidence of any other criminal activity) during an investigation they are performing for their employer?
I have googled for sample corp. policies on this subject but didn't find any examples. I have read the other CP threads, and have seen several good opinions, but I am looking for actual excerpts from corporate policies - something like
"When during the course of an investigation on behalf of "The corporation" the digital forensics analyst observes data that he/she believes may indicate criminal activity, the analyst is to [fill in here]"
Again, I have seen the threads on the "stop, drop, and roll", etc. and agree that those are very good guidelines - but I am looking for more than individual opinions for this question please. I am hoping to find some actual text from coroprate policy addressing what the digital forensics analyst is to do in these situations.
Can anyone post excerpts of corporate policy or provide a link to one somewhere?
It is not a large enough issue that Corporate counsel has to formerly address by creating policy.
In the large organization I work for, we have no such policy. We are told, as investigators, that at any time we discover criminal activity, or suspicion of criminal activity, to stop and contact legal counsel. That's it, it is sufficient for us.
This doesn't require a great deal of imagination, really.
Tell you what…if you FedEx a $30 Starbucks gift card to Jesse Ventura, the former governor of MN, and send me the tracking number, I'll write a policy statement for you. 😉
Tracking down "The Body"… oops… "The Mind" oops… "The MIA Guv" could be an interesting project KeyDet. Last I heard Jesse was some place in the Bahamas or Carrib being an adman for offshore betting. LOL….
-=Art=-
cube6512,
This is a delicate matter. As an employee you are due to care about your company's interest. As an individual you are personally responsible for reporting certain types of crime to the authorities. I'd say that the policy should have in mind what you, as an individual, are obligated to. In case of CP, by law you have to report it. Not doing this is likely to fix you - an individual - a criminal record. I am not sure about US but in UK you also have to report any evidence of money laundering. Again - possible jail term for not doing so. These two are the only (I know of) crimes, not reporting which is likely to put you in prison (in UK).
There is also something called "duty of care". In short - you as an individual have a duty to report any criminal activity you are aware of to the authorities. Depending on the circumstances, failing to do so may, but doesn't have to, put you in trouble.
I think that you should talk to your local LE agency and ask them for an advice (in writing) rather than be looking for examples of existing corporate policies. Talking to a lawyer also seems like a good idea.
Cheers