This document discusses the concepts of forensics for information technology. It defines forensics for IT as the process of acquiring, analyzing, and reporting digital evidence from IT devices like computers, phones, and networks. The document outlines the role of forensics for IT in supporting crime investigations involving complex information systems. It also describes the common process and steps, techniques and tools, and key issues in forensics for IT like developing laws and guidelines for new technologies and anti-forensics methods. Finally, it discusses the integration of forensics for IT with auditing to improve investigation efficiency.