File000168
- 2. EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
News: Computer Forensics Specialist Is Able to Disprove a Claim Involving Improper Use of Data
As more and more business is conducted electronically, the legal community has become
aware of the need to properly archive data that might be required as evidence in
litigation. Computer forensics investigation certainly plays a key role in the electronic
discovery process.
As Boston attorney Michael J. McHugh recently learned, however, computer forensics specialists like
Ispirian's Tom Smith, a forensic scientist and a member of the American College of Forensic Examiners
Institute of Forensic Science, can also aid companies and their legal counsel in addressing claims
regarding the improper use or destruction of data.
“We often use IT people for litigation support. Usually it boils down to how you produce electronic files
under the new federal rules for electronic discovery,” McHugh said. “I had the privilege of working with
Tom recently and seeing how he can actually re-create what had occurred inside a computer with a
particular set of data over a period of time. This was the first time that the actual inner workings of the
computer were relevant to an issue that I had in a case.
“I had a general idea of what takes place inside a computer but I had never had the need to retain
someone like Tom who could prepare a report that detailed it step by step.”
In electronic discovery, computer forensics ensures that digital evidence isn’t corrupted or contaminated
from a legal standpoint. However, the same techniques can be used to prove — or, in this case, disprove
— that computer devices have been used for improper or illegal activities.
Source: http://www.hgexperts.com/
- 3. EC-Council
Module Objective
This module will familiarize you with:
• Compliance and Computer Forensics
• Information Security Compliance Assessment
• Principle of Legal Compliance
• Elements of an Effective Compliance Program
• Compliance Program Structure
• Creating Effective Compliance Training Program
• Copyright Protection
• Copyright Licensing
• Criminal Prosecution
• Due Diligence
• Evidence Collection and Preservation
• Fraud, Waste, and Abuse
- 4. EC-Council
Module Flow
• Compliance and Computer Forensics
• Information Security Compliance Assessment
• Principle of Legal Compliance
• Elements of an Effective Compliance Program
• Compliance Program Structure
• Creating Effective Compliance Training Program
• Copyright Protection
• Copyright Licensing
• Criminal Prosecution
• Due Diligence
• Fraud, Waste, and Abuse
• Evidence Collection and Preservation
- 6. EC-Council
Regulatory Compliance and Computer Forensics
Private and confidential information that is used and shared without authorization increases the possibility of identity theft and other unauthorized usage
Regulatory compliance refers to the systems or departments at corporations and public agencies that ensure personnel are aware of, and take steps to comply with, relevant laws and regulations
Acts for compliance with information security:
• Sarbanes-Oxley Act
• Gramm-Leach-Bliley (GLB) Act
• HIPAA Act
• California SB 1386 Act
- 7. EC-Council
Legal and Liability Issues
Failure to follow proper legal procedure will result in the evidence being ruled out in court
Public confidence in law enforcement may be lost if the investigator fails to behave in an ethical manner
The tension between privacy rights and law enforcement’s need to search and seize digital evidence may cause problems in an investigation
- 8. EC-Council
Information Security Compliance Assessment
Information security compliance assessment is a unified approach that uses an efficient and consistent method to achieve and maintain information security
Step 1: Find out related laws and regulations
• Laws and regulations help in preparing the project plan
• They guide the collection, analysis, and presentation of information
Step 2: Prepare the project plan
• The plan provides the schedule, tasks, and objectives of the project
Step 3: Collect information and identify assets
• This step includes document review, asset identification, and meetings with management
Step 4: Perform risk analysis
• In this step, the information collected is integrated for risk analysis
- 9. EC-Council
Information Security Compliance Assessment (cont’d)
Step 5: Document all findings and recommendations
• The report contains the threats and vulnerabilities found in the risk analysis process
• The report includes the particular portions or sections of the applicable security regulations, to demonstrate due diligence
Step 6: Set up the implementation plan for the safeguards identified in the risk analysis
• It includes the procedure for selecting security system vendors and installing security tools
Step 7: Test and modify the information security program periodically
• This safeguards against known or potential risks
- 11. EC-Council
Principles of Legal Compliance Program
Commitment:
• To create an effective legal compliance program, there must be a commitment among the locally elected members, senior management, and staff
• The local authority’s commitment to compliance should be publicly recorded in an apparent and clear-cut manner
Ownership:
• Legal compliance and the processes which support it are to be owned by all persons within the local authority
• There must be defined roles and responsibilities for different people within the local authority
Demonstration:
• The legal compliance program should be discussed in an open council prior to adoption
- 12. EC-Council
Principles of Legal Compliance Program (cont’d)
Comprehensive:
• Legal compliance processes should cover legislation and case law, as well as a clearly defined scope of other standards, codes of practice, or other authoritative pronouncements:
  • Acts of parliament, such as public acts and private acts
  • Local authority by-laws
Systematic:
• There must be a systematic approach to sustain and maintain legal compliance activities
• It should be embedded into the existing management systems
Ongoing Development:
• It ensures that the goals and objectives of legal compliance remain applicable and effective
- 13. EC-Council
Elements of an Effective Compliance Program
A successful compliance program contains the following fundamental elements:
Senior management support:
• Clear and unequivocal senior management support is the foundation of a successful compliance program
• Senior management plays an important role in establishing a climate of respect within the company towards the Act
Relevant policies and procedures:
• The development of good compliance policies and procedures tailored to the organization’s business operations is critical to the success of the compliance program
• Policies need to be regularly updated to reflect changes in the law and in the organization’s operations
- 14. EC-Council
Role of Senior Management in Compliance Program
There are multiple layers of management involved in the compliance program
Directors:
• Responsible for receiving periodic operation reports on the compliance program from those who have primary responsibility for operating it
• Responsible for providing reasonable oversight of the implementation and efficiency of the program
Senior management:
• Senior management’s main responsibility is to ensure that the organization has a useful compliance program
• Responsible for the accountability and effectiveness of the compliance program
Designated individuals:
• Responsible for the day-to-day implementation of the compliance program
• Responsible for reporting to senior management on the effectiveness of the compliance program
- 15. EC-Council
Importance of Compliance and Ethics Programs
Compliance and ethics programs provide a structural foundation for the organization that helps to reduce illegal conduct
The prevention and detection of criminal conduct facilitated by a successful compliance program helps an organization to encourage ethical conduct and to comply fully with all applicable laws
It helps organizations to limit public liability arising from the misconduct or illegal activities of employees
- 16. EC-Council
Benefits of Compliance Program
Educates employees and senior management about the requirements of the Act and the existing enforcement policies
Reduces the exposure of directors and employees, and the organization itself, to criminal and civil liability
Develops valuable internal procedures to ensure compliance with regulations, payment policies, and coding rules
Reduces the costs associated with litigation, penalties, and disruption to operations resulting from investigations and court hearings
Increases awareness of probable anti-competitive conduct by competitors, suppliers, or customers, and thereby increases the probability of achieving a suitable remedy
- 17. EC-Council
Best Practices for Successful Implementation of a Compliance Program
• Determine the goals and expected budget
  • Determine training goals
  • Determine the expected training budget
• Gather the members and meet with the program team/steering committee
• Create a code of conduct for employees
• Decide the compliance training program plan for three to five years
• Determine technology, development strategy, and preferences
• Perform system integration and design the communication plan
• Start the training initiative and drive completion rates
- 18. EC-Council
Compliance Program Checklist
Checklist to assess whether the organization is in need of an effective compliance program:
• Does the organization exercise due diligence to prevent and detect criminal or illegal conduct?
• Does the organization promote a culture that supports ethical conduct and ensures compliance with the law?
• Does management put a high priority on safety, loss prevention, and other regulatory compliance requirements?
• Has the organization set up and published a ‘code of conduct’ document and distributed copies to employees?
• Does the organization have all the required resources to effectively develop and maintain a good safety compliance program?
• Are the organization’s employees involved in the safety and health effort?
- 19. EC-Council
Compliance with Consent Decrees
A consent decree is a judicial decree issued by a judge that expresses a voluntary agreement between the participants in a suit
Sometimes the terms written in a consent decree cannot ensure compliance, because most of them may not be effectively communicated to the employees
An organization faces problems when dealing with cases where an employee disobeys the organization’s policy
It is vital for an organization under a continuing decree to make certain that it communicates the particular terms of the order to all employees who might be affected
The organization needs to establish a procedure that prevents violation of a policy which may lead to a violation of regional law
- 20. EC-Council
Memoranda of Understanding/Agreement (MOU/MOA)
A memorandum of understanding (MoU) is a document describing a bilateral or multilateral agreement between parties
It expresses a convergence between the parties, indicating an intended common line of action
A memorandum of agreement (MOA) is a document written between parties to cooperatively work together on an agreed-upon project or meet an agreed-upon objective
The MOA can also be a legally binding document that holds the parties responsible for their commitments
- 21. EC-Council
Enterprise Compliance and Risk Analysis
Customer interactions are a valuable enterprise information asset, but they can also be a liability to an organization
The risk of capturing customer interactions is growing exponentially, especially as they are now being targeted for legal compliance and investigation
Organizations need to monitor the voice, email, and chat interactions of customers to meet compliance, governance, and liability requirements
Organizations need to use advanced monitoring, recording, and analysis techniques that automate the storage and retrieval of speech information for compliance and litigation processes
- 22. EC-Council
Creating Effective Compliance Training Program
An effective compliance training program is one that motivates employees and senior management to live by a code of business conduct that supports the organization’s business values, such as integrity, respect, and fairness
It safeguards the organization’s ethical culture
It helps the employee to:
• Be familiar with the compliance program and the standard code of conduct
• Identify potential compliance issues and conditions requiring guidance from the compliance department
- 23. EC-Council
Responsibilities of Senior Systems Managers
Senior System Manager:
• Provides architectural analysis and design support for implementing technical capabilities that satisfy functional requirements
• Establishes effective communication systems and management structures
• Engages the workforce in the promotion and achievement of legal practices in an ethical way
• Accesses and follows competent advice, and monitors, reports, and reviews performance
- 24. EC-Council
Legal Compliance to Prevent Fraud, Waste, and Abuse
Legal compliance provides guidance and policy advice to organizations and employees
It helps to protect organizations from fraud and abuse from external sources
Legal compliance also helps to prevent the unwanted waste of human resources and energy
- 25. EC-Council
Terms Related to Legal Compliance
- 26. EC-Council
Copyright Protection
Copyright:
• It refers to a collection of exclusive rights conferred by the copyright acts in relation to original works
Copyright Protection:
• It is the protection of the exclusive rights conferred by the copyright acts on original works of authorship fixed in any tangible medium of expression, for a certain period of time
• Works of authorship include:
  • Literary works
  • Musical works
  • Broadcasts
  • Artistic works
  • Sound recordings, etc.
- 27. EC-Council
Copyright Licensing
Copyright licensing is an agreement in which the owner of a work (“licensor”) permits another person (“licensee”) to use his copyright-protected work
Copyright licensing agreements include:
• The time period of the licensing agreement
• Allocation of rights to derivative works
• Specifications for sublicensing
• Provision for changed circumstances
• Price and payment terms
• Provisions respecting bankruptcy during the contract period
- 28. EC-Council
Criminal Prosecution
A victim may contact law-enforcement personnel or a law-enforcement agency if someone has taken their private information without permission
Prior to starting the criminal investigation, the law-enforcement agency prosecutor examines the crime scene
The prosecutor examines the following things about the crime:
• Whether any laws have been broken
• The seriousness of the crime
• The availability of trained investigators
• The probability of conviction
After examining the crime scene, if the law enforcement agency believes that the crime is properly investigated by the Federal government, it suggests that the victim contact Federal authorities
- 29. EC-Council
Due Diligence
Due diligence is a process of investigating and examining the business, legal, and financial operations of an organization in advance of litigation, investment, a commercial transaction, or other business activity
A due diligence report is a detailed and methodical examination of the organization in all its aspects
It has three constituent components:
• Financial/Commercial due diligence:
  • Audit of an organization to determine its financial situation
• Legal due diligence:
  • Review of the legislation establishing the organization and the provisions for its governance
• Human resources due diligence:
  • Detailed examination of the employees’ commitment to the organization at all levels
- 30. EC-Council
Evidence Collection and Preservation
Forensics investigators face many challenges while collecting and preserving evidence
Digital evidence is fragile in nature and can be altered, intentionally or unintentionally, without leaving any clear signs of alteration
During the investigation, it is important for the investigator to collect the evidence in a forensically sound manner and preserve it properly
Evidence can be collected while examining digital storage media, monitoring network traffic, or making duplicate copies of digital data found during the forensics investigation
- 31. EC-Council
Importance of Evidence Collection
Evidence helps the forensics investigator to uncover believable links between the attacker, the victim, and the computer crime scene
• For example, if at the time of the crime information from a victim’s computer was stored on a server or on the system itself, the investigator can easily obtain that information by examining log files, Internet browsing history, etc.
It determines the scope of the investigation and the course of action
Proper evidence collection is important for legal compliance, to show evidence for or against a crime
- 32. EC-Council
Importance of Evidence Preservation
Evidence preservation ensures the integrity of the evidence
It involves protection of the collected evidence from damage due to physical access, magnetic fields, and other factors, to ensure that the evidence is maintained in its original state
Evidence preservation is important in order to present it in court as proof for any legal compliance issue
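The two slides above state that digital evidence can be altered without visible signs and that preservation must keep it in its original state; the practical control behind both statements is to hash the evidence at acquisition and re-verify that hash every time the item is handled. The following Python script is an added example and not part of the EC-Council deck: it makes a bit-for-bit duplicate of a constructed stand-in file, proves the duplicate matches the source, starts a chain-of-custody record keyed on the acquisition hash, and then shows that a single-byte change to the image is caught on the next verification. The function names, the examiner labels and the sample file contents are all assumptions made for the illustration.

```python
import hashlib
import json
import os
import tempfile
from datetime import datetime, timezone

CHUNK = 1 << 20  # read 1 MiB at a time so large images never need to fit in memory


def sha256_file(path):
    """Return the SHA-256 hex digest of a file, streamed in chunks."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(CHUNK), b""):
            h.update(chunk)
    return h.hexdigest()


def acquire_image(source_path, image_path):
    """Copy the source bit-for-bit and prove the copy matches by hashing both sides.

    Returns the verified hash; raises if the duplicate differs from the source."""
    with open(source_path, "rb") as src, open(image_path, "wb") as dst:
        for chunk in iter(lambda: src.read(CHUNK), b""):
            dst.write(chunk)
    source_hash = sha256_file(source_path)
    image_hash = sha256_file(image_path)
    if source_hash != image_hash:
        raise RuntimeError("duplicate does not match source; acquisition is not sound")
    return image_hash


def _event(action, examiner, digest, **extra):
    """One chain-of-custody entry: who did what, when, and what hash they observed."""
    entry = {"action": action, "examiner": examiner, "sha256": digest,
             "time": datetime.now(timezone.utc).isoformat()}
    entry.update(extra)
    return entry


def new_custody_record(image_path, acquired_hash, examiner):
    """Start a chain-of-custody record; the acquisition hash is the reference value."""
    return {
        "item": os.path.basename(image_path),
        "sha256_at_acquisition": acquired_hash,
        "events": [_event("acquired", examiner, acquired_hash)],
    }


def verify_integrity(image_path, record, examiner):
    """Re-hash the image and log the outcome; True only if it still matches acquisition."""
    observed = sha256_file(image_path)
    intact = observed == record["sha256_at_acquisition"]
    record["events"].append(_event("verified", examiner, observed,
                                   result="intact" if intact else "ALTERED"))
    return intact


def demo():
    """Acquire a constructed evidence file, verify it, then show a one-byte change is caught."""
    with tempfile.TemporaryDirectory() as workdir:
        source = os.path.join(workdir, "suspect_drive.bin")  # constructed stand-in for a seized disk
        image = os.path.join(workdir, "suspect_drive.img")   # the forensic duplicate
        with open(source, "wb") as f:
            f.write(b"constructed sample: browser history and log lines\n" * 2000)

        record = new_custody_record(image, acquire_image(source, image), "examiner A")
        first_check = verify_integrity(image, record, "examiner A")

        # An unintended alteration: one byte of the image is overwritten, leaving no visible trace.
        with open(image, "r+b") as f:
            f.seek(10)
            f.write(b"X")
        second_check = verify_integrity(image, record, "examiner B")
        return first_check, second_check, record


if __name__ == "__main__":
    first, second, record = demo()
    print(json.dumps(record, indent=2))
    print("intact after acquisition:", first, "| intact after alteration:", second)
```

The record is deliberately append-only: a failed verification is logged with the observed hash rather than replacing the reference value, so the chain of custody shows exactly when the item stopped matching its acquisition state and who observed it.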
- 33. EC-Council
Summary
Regulatory compliance refers to the systems or departments at corporations and public agencies that ensure personnel are aware of, and take steps to comply with, relevant laws and regulations
A compliance program reduces the exposure of the organization’s directors and employees, and the organization itself, to criminal and civil liability
An effective compliance training program is one that motivates employees and senior management to live by a code of business conduct that supports the organization’s business values, such as integrity, respect, and fairness
Due diligence is a process of investigating and examining the business, legal, and financial operations of an organization in advance of litigation, investment, a commercial transaction, or other business activity