APPENDIX C-2
Questionnaire for Review of Conformity with
Quality Standards for Digital Forensics
June 18, 2019
PURPOSE. This appendix is used to aid in the assessment of an organization’s conformity with the Quality Standards for Digital Forensics (QSDF), dated June
18, 2019, and it is used during Council of the Inspectors General on Integrity and Efficiency (CIGIE) qualitative assessment reviews of investigative operations.
The purpose of this appendix is to guide the review and assist in making a determination that an organization has adequate policies and procedures to ensure
digital forensics can be properly employed to support investigations performed by the organization. This appendix does not establish or define any standards but
is simply a checklist referencing the standards in the QSDF. If the organization conducting the peer review does not have in-house personnel with digital forensic
experience to conduct the review of an organization that conducts its own digital forensics work, it must seek assistance from another CIGIE organization. While
all organizations should immediately begin implementing the requirements in the 2019 QSDF, organizations are not required to meet the new requirements
(identified with an asterisk below) until October 1, 2020. This document supersedes Appendix C-2, Questionnaire for Review of Conformity with Quality
Standards for Digital Forensics, dated November 19, 2013.
PHASE 1
Policy/
Procedure
PHASE 2
Consistent
Practice
Reviewed
Agency
Policy/Manual
Reference
A. MANAGEMENT STANDARDS – Management standards apply to the organizational environment in which digital forensics are performed.
1. Does the organization have written policies and procedures
to ensure digital forensics can be used to support its
investigations, when appropriate?
QSDF, Mgmt
Stds, Section A
2. Does the organization have policy on how it handles
situations where the capability to acquire or analyze ESI is
needed (whether performed internally or by an external
entity)?
QSDF, Mgmt
Stds, Section A
3. Do examiners ensure they have the legal authority to search
through the digital data they are examining?
QSDF, Mgmt
Stds, Para A.2
4. Do examiners consult with the prosecutor or the
organization’s counsel to resolve any questions about the
authority to conduct a forensic examination?
QSDF, Mgmt
Stds, Para A.2
5. Is ESI handled and stored in a manner that precludes the
inadvertent alteration or destruction of evidence by human
interaction or environmental conditions, and is the chain of
custody maintained?
QSDF, Mgmt
Stds, Para A.3