NF EN ISO/IEC 27043

NF EN ISO/IEC 27043

August 2017
Standard Current

Information technology - Security techniques - Incident investigation principles and processes

ISO/IEC 27043:2015 provides guidelines based on idealized models for common incident investigation processes across various incident investigation scenarios involving digital evidence. This includes processes from pre-incident preparation through investigation closure, as well as any general advice and caveats on such processes. The guidelines describe processes and principles applicable to various kinds of investigations, including, but not limited to, unauthorized access, data corruption, system crashes, or corporate breaches of information security, as well as any other digital investigation. In summary, this International Standard provides a general overview of all incident investigation principles and processes without prescribing particular details within each of the investigation principles and processes covered in this International Standard. Many other relevant International Standards, where referenced in this International Standard, provide more detailed content of specific investigation principles and processes.

See more
View the extract
Main informations

Collections

National standards and national normative documents

Publication date

August 2017

Number of pages

44 p.

Reference

NF EN ISO/IEC 27043

ICS Codes

35.030   IT Security

Classification index

Z74-243

Print number

1

International kinship

ISO/IEC 27043:2015

European kinship

EN ISO/IEC 27043:2016
Sumary
Information technology - Security techniques - Incident investigation principles and processes

ISO/IEC 27043:2015 provides guidelines based on idealized models for common incident investigation processes across various incident investigation scenarios involving digital evidence. This includes processes from pre-incident preparation through investigation closure, as well as any general advice and caveats on such processes. The guidelines describe processes and principles applicable to various kinds of investigations, including, but not limited to, unauthorized access, data corruption, system crashes, or corporate breaches of information security, as well as any other digital investigation.

In summary, this International Standard provides a general overview of all incident investigation principles and processes without prescribing particular details within each of the investigation principles and processes covered in this International Standard. Many other relevant International Standards, where referenced in this International Standard, provide more detailed content of specific investigation principles and processes.

Table of contents
View the extract
  • 1 Domaine d'application
  • 2 Références normatives
  • 3 Termes et définitions
  • 4 Symboles et abréviations
  • 5 Investigations numériques
  • 6 Processus d'investigation numérique
  • 7 Processus de préparation
  • 8 Processus d'initialisation
  • 9 Processus d'acquisition
  • 10 Processus d'investigation
  • 11 Processus simultanés
  • 12 Schéma du modèle du processus d'investigation numérique
  • Annexe A Processus d'investigation numérique: motif d'harmonisation
  • Bibliographie
Need to identify, monitor and decipher standards?

COBAZ is the simple and effective solution to meet the normative needs related to your activity, in France and abroad.

Available by subscription, CObaz is THE modular solution to compose according to your needs today and tomorrow. Quickly discover CObaz!

Request your free, no-obligation live demo

I discover COBAZ