Forensic Lab Three-Year Plan

Equipment Inventory

  • Evidence Containers (x3)
  • Chairs
  • Desks
  • Workbench desk
  • Digital cameras capable of still and motion recording
  • Antistatic Bags
  • Antistatic Cloth
  • Electronic-safe Pressurized Air Canisters
  • Alarm System
  • Cabinet Locks
  • Keys
  • Visitor’s Log
  • A variety of hard drives and USB drives
  • Power Cables
  • Surge Protectors
  • Extension Cables
  • USB 3.0 cables
  • SATA cards
  • External CD/DVD Drives
  • Various tools (Philips head screwdrivers, Flathead screwdrivers, Wrenches, etc)
  • Firewall software
  • Wireshark software program
  • OSForensics software program
  • Various programming language programs (Python, Javascript, C, C++, etc)
  • Microsoft Office
  • Hexadecimal editors
  • Variety of specialized image viewers
  • Accounting Applications
  • Various computer monitors
  • Windows, Macintosh, Linux OS computers
  • Various backup systems

Lab Accreditation Plan

(ANAB, n.d.)

The lab should read the MA 3033, Accreditation Manual for Forensic Service Providers, ISO/IEC 17025 requirements, and the ANAB requirements. The lab then must contact ANAB or ANSI National Accreditation Board in order to start the accreditation process. After contacting ANAB, the lab must show they are following the ISO/IEC 17025 requirements and develop a scope for their service. These requirements include developing a scope, normative references, terms and definitions, management requirements, and technical requirements. Training is offered by ANAB regarding ISO standards of accreditation that is optional but recommended for the lab.

Lab Maintenance Plan

  • Keep everything in a proper order.
  • Continuous inventory checks.
  • Constant cleaning of workstations.
  • Keep software up to date.
  • Clean all tools regularly.
  • Make sure everyone is logged on the visitor’s log.
  • Periodically upgrade to new hardware.
  • Consistently purchase consumable items (Paper, pens, pencils, etc)

Staffing: Requirements and Descriptions

(Jones, 2017)

  • Lab Manager –
    • Must have advanced technical knowledge and a strong understanding of legislative requirements for evidence, as well as the proper procedures and processes that follow.
    • Must have control over the original setup, identify the building, purchasing equipment and software, and setting the procedures and functions of the lab.
    • Is responsible for recruiting, training, mentoring, guiding, and counselling everyone on the team.
  • Digital Forensics Analyst: Computers –
    • Must have technical knowledge and have appropriate qualifications.
    • Having training/experience with digital forensics software is preferred.
    • Must have knowledge of current legislation and be able to prove these points during investigations.
    • Requires an analytical and investigative mindset.
    • Must be able to deliver their findings in a clear and understandable format.
    • Must have good oral and written communication skills.
  • Digital Forensics Analyst: Mobile Devices –
    • Must have technical knowledge and have appropriate qualifications.
    • Having training/experience with mobile device acquisition is preferred.
    • Must have knowledge of current legislation and be able to prove these points during investigations.
    • Requires an analytical and investigative mindset.
    • Must be able to deliver their findings in a clear and understandable format.
    • Must have good oral and written communication skills.
  • Forensic Imaging Technician –
    • Must be able to take forensic copies of hard drives and other media drives.
    • Requires good technical knowledge.
    • Requires a good understanding of various methods of forensically acquiring data from storage devices.
    • Must have good attention to detail.
    • Must be able to clearly document all of their actions, the verification of imaged data, and the continuity of evidence.
  • Administration –
    • Must be able to maintain continuity of evidence and the chain of custody.
    • Will be required to document every case, and routinely check serial numbers and case files.
    • Must be able to make decisions of the seriousness of an investigation.
    • Must be able to enter information into the case file system.
    • Must be able to liaison with other agencies, members of the police force, and the forensic laboratory team.
    • Requires strong oral and written communication skills.

References

ANAB. (n.d.). ISO/IEC 17025 forensic Lab ACCREDITATION: ANAB. Retrieved February 27, 2021, from https://anab.ansi.org/forensic-accreditation/iso-iec-17025-forensic-labs

Jones, N., Völzow, V., Bradley, A., & Stamenkovic, B. (2017). Digital Forensics A BASIC GUIDE FOR THE MANAGEMENT AND PROCEDURES OF A DIGITAL FORENSICS LABORATORY (Vol. 1.1). Council of Europe. Retrieved February 27, 2021, from https://www.coe.int/documents/9252320/19022082/GLACY+DFL+Guide+version+June+2017+v6.pdf/d10b6d08-2baf-0f43-0ac5-23309ec58f2e

Forensic Lab DiagramDownload