ABSTRACT
Organizations exist in many different contexts, and within each there are different and unique requirements when it comes to digital forensic capabilities. Having the opportunity to be both proactive and reactive in their digital forensic capabilities, first and foremost organizations must follow a systematic approach so that their digital forensic capabilities are properly aligned to business and organizational needs. This chapter discusses the steps the organizations should follow to answer "who, where, what, when, why, and how" in-house digital forensic capabilities will be implemented. The steps are: Understand Business Risks; Outlining Business Scenarios; Establish Governance Framework; Enable Technical Execution; and Define Service Offerings. Different laws, standards, and regulations govern the operations of organizations conducting business in different industries. Where organizations have a presence in multiple countries and regions, their investigations are increasingly becoming international in nature.
