EN ISO/IEC 27037:2016

Information technology - Security techniques - Guidelines for identification, collection, acquisition and preservation of digital evidence (ISO/IEC 27037:2012)

General information

60.60 Standard published   Aug 24, 2016

CEN/CENELEC

CEN/CLC/JTC 13 Cybersecurity and Data Protection

European Norm

35.030   IT Security

Scope

ISO/IEC 27037:2012 provides guidelines for specific activities in the handling of digital evidence, which are identification, collection, acquisition and preservation of potential digital evidence that can be of evidential value.
It provides guidance to individuals with respect to common situations encountered throughout the digital evidence handling process and assists organizations in their disciplinary procedures and in facilitating the exchange of potential digital evidence between jurisdictions.
ISO/IEC 27037:2012 gives guidance for the following devices and circumstances:

Digital storage media used in standard computers like hard drives, floppy disks, optical and magneto optical disks, data devices with similar functions,
Mobile phones, Personal Digital Assistants (PDAs), Personal Electronic Devices (PEDs), memory cards,
Mobile navigation systems,
Digital still and video cameras (including CCTV),
Standard computer with network connections,
Networks based on TCP/IP and other digital protocols, and
Devices with similar functions as above.

The above list of devices is an indicative list and not exhaustive.

Life cycle

NOW

PUBLISHED
EN ISO/IEC 27037:2016
60.60 Standard published
Aug 24, 2016

Relations

Adopted from ISO/IEC 27037:2012 IDENTICAL