On the importance of standardising the process of generating digital forensic reports

Abstract

The ISO/IEC 27043:2015 international standard provides new standardised guidelines for common investigation processes across various investigation scenarios that mostly involve digital evidence. The reporting process is one of the many investigative processes described in the ISO/IEC 27043:2015 standard, but the manner in which the reporting process is presented does not constitute or cover the specificity of the presentation of the entire processes covered in the standard. In this paper, we posit the importance of having the report generation process covering details obtained from all other classes of the digital investigation processes in a standardised format, as well as the need to standardise the process of generating digital forensic reports. Such a standardised process can facilitate future automation and text analytics, sharing of reports and knowledge across jurisdictions, etc. We also identify a number of key factors, such as the use of Blockchain, which should be added to the ISO/IEC 27043 international standard in order to support a standardised digital forensic report generation process.