Computer Forensics Code of Ethics
Computer Forensics Code of Ethics ensures fairness and integrity
An important aspect of most professional associations is its code of ethics. A code of ethics is normally established and defined by the practitioners themselves, and is part of a membership practice and (often) licensing. Membership can also involve government organizations, testing and licensing as well as monitoring and reporting of individuals who desire to remain in good standing. Annual fees often must be paid to become a member as well as ongoing education and upgrading of skills, not to mention re-certification at regular intervals. First and foremost, though, any code of ethics defines and guides the parameters under which the practice is carried out.
In computer forensics, The International Society of Forensic Computer Examiners (ISFCE)[1] establishes the code of ethics and professional responsibility for the field. It requires an examination which also has specific guidelines regarding how the exam is to be taken (such as not cheating). Like most codes of conduct, this one requires that each and every member abide by its rules in order to maintain good standing, retain licensing, and avoid potential suspension or revoking of certification if the code is broken.
Learn Digital Forensics
Purpose of a code of ethics and membership
Many organizations require that their members pass examinations to belong and adhere to the code of ethics or face expulsion, and sometimes even prosecution. These stringent guidelines are required in order to give credibility to the field. They work to assure that the services of the practitioner are accredited to high standards, and trustworthy. More, if the work is not deemed acceptable or questions of conduct, integrity or other behaviours arise, there is recourse and potential consequences for the member involved. Membership protects both the practitioner and the public that might draw upon the expertise and services.
Details of the code of ethics[2]
The heart of the code of ethics is broken up into two parts: what the practitioners “will at all times” do, and what they “will never” do. This two-part list includes unequivocal statements of responsibility. The code expresses the values and principles that guide the mission of the organization and its practitioners. Its stringent guidelines ensure that both the members and the public are protected with respect to the intent and function of those involved in forensic examinations.
What a certified computer examiner “will at all times” do
The code states, in part, that an examiner will at all times demonstrate “commitment and diligence”, “abide by the highest moral and ethical standards”, as well as “comply with all legal orders of the courts” and “thoroughly examine all evidence” within the scope of an investigation.
What a certified computer examiner “will never” do
An examiner commits to “never withhold any relevant evidence”, “reveal any confidential matters”, “express an opinion on the guilt or innocence of any party” or “engage in any unethical or illegal conduct”, among other express limitations.
Costs of certification
Currently, the certification process costs $US395. Members must retake the exam every two years in order to stay current. If an applicant fails the exam, there is a wait period before retaking it at a cost of $US175. The membership itself has no independent fee, but until the exam is passed, an applicant cannot claim to be a member of this group.
Broadly, the computer forensic code of ethics demands that its participants carry out their role in a manner that is free from bias, diligently and professionally pursued, and where violations are reported as quickly as possible. [3]
Elements of examination for certification
Potential applicants can download a guide to this process from the ISFCE. The guide outlines the general areas any practitioner needs to master in order to attain certification, but all areas may or may not be encountered in any single examination. The exam is completed online, and includes preparing three reports on media that are supplied for this purpose. In addition to testing on ethics and the law, applicants may also encounter questions regarding the following topics:
- Common software issues such as licensing and versions
- Hardware specifications and identification
- Media that might comprise part of evidence compilation
- Network overviews
- Mobile device forensics
- Operating systems
- The acquisition process: demonstrate standard procedures to collect evidence
- Forensic operation procedures
- Files and media geometry
- Procedures for forensic media and imaging techniques
- Manual file recovery skills
- Specific processing skills required in the examination
- Practical skills required in the process of data recovery
Benefits of membership
The ISFCE also provides a number of benefits to those who pass the exam and become bona fide members in good standing. The first benefit is the credibility that the member receives for being accepted to the organization. Names are often publicly listed on the website—and this is the case with the ISFCE.[4] This can be excellent advertising for people who work as consultants and to make connections with other members. In addition, ISFCE members gain access to a monthly journal, special insurance rates, lower costs on some tools of the trade, among other things. More, members gather at least once each year to network, which can be beneficial to establish contacts in the field as well as for future job openings and other opportunities.
Many professional organizations have a flagship organization that provides membership and offers licensing. In many cases membership is a prerequisite to practice. Law, medicine, education, to name a few areas, are examples. Membership can offer protection to both the practitioners as well as the general public, ensuring that only those who meet the standards of practice can carry out the work and those who request it can be sure they are receiving the best standards of practice from members and licensees.
[1] Home page for the ISFCE: https://www.isfce.com/
[2] The code of ethics can be read here: https://www.isfce.com/ethics2.htm
[3] https://www.isfce.com/ethics2.htm
Learn Digital Forensics
[4] https://www.isfce.com/ccelist.htm
Learn Digital Forensics
Build your digital forensics skills with hands-on training in Infosec Skills. What you'll learn- Forensics concepts
- Computer forensics
- Mobile forensics
- Network forensics
- And more
In this Series
- Computer Forensics Code of Ethics
- Digital forensics and cybersecurity: Setting up a home lab
- Top 7 tools for intelligence-gathering purposes
- iOS forensics
- Kali Linux: Top 5 tools for digital forensics
- Snort demo: Finding SolarWinds Sunburst indicators of compromise
- Memory forensics demo: SolarWinds breach and Sunburst malware
- Digital forensics careers: Public vs private sector?
- Email forensics: desktop-based clients
- What is a Honey Pot? [updated 2021]
- Email forensics: Web-based clients
- Email analysis
- Investigating wireless attacks
- Wireless networking fundamentals for forensics
- Protocol analysis using Wireshark
- Wireless analysis
- Log analysis
- Network security tools (and their role in forensic investigations)
- Sources of network forensic evidence
- Network Security Technologies
- Network Forensics Tools
- The need for Network Forensics
- Network Forensics Concepts
- Networking Fundamentals for Forensic Analysts
- Popular computer forensics top 19 tools [updated 2021]
- 7 best computer forensics tools [updated 2021]
- Spoofing and Anonymization (Hiding Network Activity)
- Browser Forensics: Safari
- Browser Forensics: IE 11
- Browser Forensics: Firefox
- Browser forensics: Google chrome
- Webinar summary: Digital forensics and incident response — Is it the career for you?
- Web Traffic Analysis
- Network forensics overview
- Eyesight to the Blind – SSL Decryption for Network Monitoring [Updated 2019]
- Gentoo Hardening: Part 4: PaX, RBAC and ClamAV [Updated 2019]
- Computer forensics: FTK forensic toolkit overview [updated 2019]
- The mobile forensics process: steps and types
- Free & open source computer forensics tools
- An Introduction to Computer Forensics
- Common mobile forensics tools and techniques
- Computer forensics: Chain of custody [updated 2019]
- Computer forensics: Network forensics analysis and examination steps [updated 2019]
- Computer Forensics: Overview of Malware Forensics [Updated 2019]
- Incident Response and Computer Forensics
- Computer Forensics: Memory Forensics
- Comparison of popular computer forensics tools [updated 2019]
- Computer Forensics: Forensic Analysis and Examination Planning
- Computer forensics: Operating system forensics [updated 2019]
- Computer Forensics: Mobile Forensics [Updated 2019]
- Computer Forensics: Digital Evidence [Updated 2019]
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
Digital forensics
Digital forensics
Digital forensics
Digital forensics