Northwestern Polytechnic Enterprise Risk Management Digital Forensics Essay After reading the required articles this week, please write a research paper th

Northwestern Polytechnic Enterprise Risk Management Digital Forensics Essay After reading the required articles this week, please write a research paper that answers the following questions:

What are mobile forensics and do you believe that they are different from computer forensics?

Don't use plagiarized sources. Get Your Custom Essay on
Northwestern Polytechnic Enterprise Risk Management Digital Forensics Essay After reading the required articles this week, please write a research paper th
Just from $13/Page
Order Essay

What is the percentage of attacks on networks that come from mobile devices?

What are challenges to mobile forensics?

What are some mobile forensic tools?

Should the analysis be different on iOS vs Android?

Your paper should meet the following requirements:

Be approximately 4-6 pages in length, not including the required cover page and reference page.
Follow APA7 guidelines. Your paper should include an introduction, a body with fully developed content, and a conclusion.
Support your answers with the readings from the course and at least two scholarly journal articles to support your positions, claims, and observations, in addition to your textbook. The UC Library is a great place to find resources.
Be clearly and well-written, concise, and logical, using excellent grammar and style techniques. You are being graded in part on the quality of your writing.
please make sure use proper – sources/APA citations! 2012 ASE/IEEE International Conference on Social Computing and 2012 ASE/IEEE International Conference on Privacy, Security,
Risk and Trust
The Governance of Corporate Forensics using
COBIT, NIST and Increased Automated Forensic
Approaches
Henry Nnoli1, Dale Lindskog2, Pavol Zavarsky2, Shaun Aghili2, Ron Ruhl2
1
ATB Financial, Edmonton T5J 1P1, Canada
Information Systems Security Management, Concordia University College of Alberta, Edmonton T5B 4E4, Canada
henrynnoli@atb.com, {dale.lindskog, pavol.zavarsky, shaun.aghili, ron.ruhl}@concordia.ab.ca
2
Governance is the process of establishing and maintaining a
framework and supporting management structure and processes
to provide assurance that applicable strategies are aligned with
and support business objectives, and are consistent with
applicable laws and regulations through adherence to policies
and internal controls, and assignment of responsibility, all in
the effort to manage risk [22]. In most organizations when
incidents occur, the incident response team’s major concern is
to contain the incident and restore operations, paying less
attention to potential evidence. In most cases digital evidence is
contaminated, incomplete and untrustworthy, all of which
inhibits linking perpetrators to their illegitimate acts if a crime
is committed [2]. This is simply because of the lack of forensic
readiness which is part of a good corporate forensic governance
program. Grobler et al [5] stated, “all disciplines need some
form of policy, procedures, standards and guidelines hence
necessitating the proper facilitation of governance”. In their
paper, entitled ‘Managing digital evidence – The governance of
digital forensics’, they introduced a preliminary framework for
the governance of digital forensics.
According to COBIT [10], the principles of governance
best practices include strategic alignment, risk management,
value delivery, resource optimization, and continuous
performance evaluation. Board briefings on IT governance [22]
stated that, governance practices have been confirmed to yield
huge benefits in the field of information technology (IT) and
information security (IS) due to the establishment and adoption
of applicable frameworks like COBIT. “In other words, top
management of various organizations are realizing the
significant impact information technology and information
security can have on the success of their enterprise because of
governance of these fields” [22]. Such governance practices are
lacking in the field of digital forensics [5]. For various reasons
which will be highlighted later in this paper, there is a need for
effective and efficient governance practices for corporate
forensic programs to ensure that value, risk and resources are
optimized during forensic investigations. Most organizations
are still biased about in-house forensic readiness and capability
because they feel that it involves complex processes but with
proper best practice framework for corporate forensic
governance and readiness they will observe that in-house
forensic readiness can be conducted in an efficient and
effective way. In addition, the use of innovative, user friendly
and increased corporate forensic automated solutions (like
Abstract—Today, the ability to investigate internal matters
such as policy violations, regulatory compliance, and employee
separation has become important in order for corporations to
manage risk. The degree of information security threats evolving
on a daily basis has increasingly raised concerns for enterprise
organizations. These threats include but are not limited to fraud,
insider threat and intellectual property (IP) theft. These have
increased the demand for organizations to implement corporate
forensics as a deterrent to illegitimate acts or for linking
perpetrators to their illegitimate acts. This explains why forensic
practices are expanding from the traditional role in law
enforcement and becoming an essential part of business
processes. However, most organizations may not be maximizing
the benefits of corporate forensic capabilities because of lack of
corporate forensic governance best practices, needed to ensure
organizations prepare their operating environment for digital
forensic investigation. Corporate forensic governance will help
ensure that digital evidence is obtained in an efficient and
effective way with minimal interruption to the business. This
paper presents a corporate forensic governance framework
intended to enhance forensic readiness, governance, and
management, and increase the use of automated forensic
techniques and in-house forensically sound practices in large
organizations that have a need for these practices.
Index Terms—corporate forensic governance; corporate
forensic readiness; increased automated forensic solutions;
digital forensic investigation; digital evidence
I. INTRODUCTION
Most organizations waste effort, time and resources in
carrying out forensic investigations due to lack of corporate
forensic preparedness [4]. Forensic readiness (preparedness)
can be defined as the process of being prepared (having the
right policies, procedures, people, techniques in place to
respond professionally and timely) before an incident occurs.
Rowlingson [4], in his paper, ‘A Ten Step Process for Forensic
Readiness’ described forensic readiness as the ability of an
organization to maximize its potential to use digital evidence
while minimizing the cost of an investigation. In his paper he
discussed practices that, when implemented before a digital
incident occurs, can help organizations to be ready to carry out
forensic investigations. However, forensic readiness is one part
of a comprehensive and well-structured corporate forensic
governance program.
978-0-7695-4848-7/12 $26.00 © 2012 IEEE
DOI 10.1109/SocialCom-PASSAT.2012.109
734
2. Identify available sources and different types of
potential evidence.
3. Determine the evidence collection requirement.
4. Establish a capability of securely gathering admissible
evidence to meet the requirement.
5. Establish a policy for secure storage and handling of
potential evidence.
6. Ensure monitoring is targeted to detect and deter major
incidents.
7. Specify circumstances when escalation to a full formal
investigation should be launched.
8. Train staff in incident awareness so that all those
involved understand their role in the digital process and
the legal sensitivities of evidence.
9. Document an evidence-based case describing the
incident and its impact.
10. Ensure legal review to facilitate action in response to the
incident”.
A good governance framework consists of both governance
and management processes [11]. Rowlingson’s work should be
incorporated into management processes and we therefore
refined and used it in the development of the management
processes (CFM domain) of our proposed corporate forensic
governance framework. More elaboration on the need for
corporate forensics can be found in [8].
Encase Enterprise) reduces the amount of resources (time,
effort and personnel) used for such practices. With the
existence of COBIT [10][11] and other IT and IS governance
frameworks, including research work like [1][2][3][4][5][8] it
is obvious that there is a governance gap in the field of
corporate forensics.
In this paper, a governance framework is presented, one
that will guide those large organizations who are in need of a
corporate forensic program on how best governance practices
can enhance corporate forensic readiness and in-house
forensically sound practices in an efficient and effective way.
This paper is organized into the following sections: Section II
argues the need for corporate forensic readiness and
governance; Section III explains best practice governance
principles; Section IV is a brief discussion of related work;
Section V is a description of the proposed framework; finally,
in Section VI we conclude and recommend future work.
II. CORPORATE FORENSIC READINESS AND GOVERNANCE
According to [8], litigation is a last option for most
organizations, because of concerns like negative publicity and
its negative impact to the business. Therefore, corporate
forensic readiness, governance and in-house forensic capability
will help organizations to be prepared to gather and use digital
evidence as a deterrent and for making firm conclusions during
internal investigations of non-criminal violations. The objective
of corporate forensic readiness is to ensure that digital evidence
is collected using sound forensic processes and in an effective
way with minimal interruption to the business. This evidence
can also be used for the organizations interest and defense.
Although many organizations outsource forensic activities, it is
likely that most will prefer to perform them internally. The
reasons for this include privacy, confidentiality of
organizational and customer data, legal risk, delayed forensic
results from consultants and compliance with regulations like
Sarbanes Oxley, King 3 Report, the Basel Committee report on
banking supervision, and FIPS PUB 200. In addition, it is
costly to outsource forensic activities in those large
organizations that experience recurring digital incidents.
Regulations like FIPS PUB 200 (2002) mandated all federal
agencies in the United States to comply with the standard’s
Audit and Accountability section, which states that
“Organizations must:
1. Create, protect, and retain information system audit
records to the extent needed to enable the monitoring,
analysis, investigation, and reporting of unlawful,
unauthorized, or inappropriate information system
activity.
2. Ensure that the actions of individual information
system users can be uniquely traced to those users so
they can be held accountable for their actions” [12].
These considerations show that, in a great many cases,
there is a clear need for corporate forensic readiness
and in-house forensic capability.
A. The Relationship between IT Governance, IS Governance
and Corporate Forensics
It could be argued that corporate forensics falls, in some
respects, under IT governance and IS governance. However,
some important aspects of corporate forensics, like
jurisprudence (legal) and forensically sound processes are not
fully part of IT and IS governance [3]. According to ACPO
[30], forensically sound processes mean performing forensic
practices (collection, examination, analysis, documentation,
preservation of evidence and chain of custody) according to
applicable jurisdiction. It also means that forensic practices
should be conducted in such a way that if necessary an
independent third party is able to repeat the same processes and
obtain the same result. This shows that the preservation of the
integrity of evidence is very important during forensic
investigations. Corporate forensics (CF) and digital forensics
(DF) will be used interchangeably in this paper. Researchers
like Von Solms [3] and Grobler [5] explains the relationship
between Digital Forensic (DF), IS Governance, IT Governance
and Corporate Governance. Von Solms et al states “that the
proactive mode of information security ensures all policies,
procedures, and technical mechanisms are in place to prevent
harm to the organization’s information; the reactive mode
ensures that if harm occur, it will be repaired (Business
continuity planning, Good backup and Disaster recovery
techniques are part of the reactive mode)” [3] . “The proactive
mode of digital forensics ensures all policies, procedure,
technical and automated mechanisms are in place to be able to
act when required; the reactive mode ensures that the necessary
actions can be performed to support specified analytical and
investigative techniques required by digital forensics”[3]. This
shows that some components of Digital forensic, IS and IT
governance overlap and are related. Therefore, the best practice
Rowlingson [4] articulates ten steps toward corporate
forensic readiness:
1. “Define the business scenarios that require digital
evidence.
735
Figure 2 shows some of the questions governance will ask to
ensure value is optimized.
governance principles used for effective IT and IS governance
can also be used for corporate forensic governance.
Fig. 1. Relationship between Corporate governance, IT governance, IS
governance and Digital forensic [3]
Fig. 2. Val IT Framework 2.0, Value according to the Four ‘Are’s as
Figure 1 shows a holistic view of DF and its relationship
with corporate governance, IS governance and IT governance.
described in the information paradox [34]
C. Risk Management
For applicable IT related business risk to be mitigated using
corporate forensic practices, CF governance would help ensure
that corporate forensic practices are an integral part of
enterprise risk management program. CF governance will also
ensure that corporate forensic strategy and program will help
organizations achieve acceptable level of applicable IT related
business risk. A structure for risk assessment as defined by
NIST 800-30 is shown in figure 3 below. If corporate forensic
practices are part of enterprise risk management program,
potential evidence sources will be identified in a proactive
manner. Also, CF governance will ensure legal risk involved
during corporate forensic practices are fully identified,
communicated, mitigated and managed.
III. BEST PRACTICE GOVERNANCE PRINCIPLES
According to best practices [10][11][22] governance
principles include strategic alignment with business objectives,
value delivery to the business, risk management, resource
optimization of available resources and continuous
performance evaluation.
A. Strategic Alignment
Good governance of corporate forensics (CF) will ensure
that the objectives of CF practices are aligned to the
organization’s goals. According to Board briefing on IT
governance [22], the cost effectiveness of a security program is
determined by how well it supports the organization’s
objective. Corporate forensic governance will also ensure that
corporate forensic objectives are defined in business terms and
all CF controls tracked to a specific business requirement. The
following will indicate alignment: a corporate forensic program
that enhances business activities; a corporate forensic program
that is responsive to defined business needs; corporate forensic
program and organization objectives that are defined and
clearly understood by relevant stakeholders; corporate forensic
program that is mapped to organizational goals and is validated
by senior management; a corporate forensic strategy and
steering committee made up of key executives to ensure
continuous alignment of corporate forensic objectives and
business goals.
B. Value Delivery
Good governance of corporate forensic practices will also
ensure that corporate forensic investments are optimized in
support of enterprise objectives. It also ensures that the
organization gets benefits from their corporate forensic
investments. Governance will ensure corporate forensic
investments are supporting business needs and adding expected
value. For instance, in a scenario where there is no governance,
there won’t be monitoring and evaluation to ensure that
corporate forensic investment is continuously supporting the
business in achieving some of its strategic needs. Therefore,
forensic investments may not add expected value to the
business, since there are no metrics to measure if value is
optimized. Corporate forensic governance increases the
likelihood of corporate forensic program’s success considering
the significant cost associated with corporate forensic practices.
Fig. 3. NIST 800-30 Risk Assessment Methodology [32]
Furthermore, from the risk assessment methodology shown
in Figure 3, step 4 requires control analysis and selection. This
736
forensic practices; management taking ownership of forensic
program by assuming responsibility and accountability (RACI
Chart) of forensic processes; use of increased automated
forensic suites with generation of user friendly executive
reports, remote forensics and automated processes; use of
forensic practices to minimize high IT related business risk. All
these enhancements are expected to help organizations
maximize the benefits of forensic practices in an efficient and
effective way. Discussing proactive or corporate forensic
readiness by [2][4][6][7][8][9][21] without the establishment of
a governance structure, framework and obtaining management
support will result in the corporate forensic readiness program
not being fully effective and efficient.
Furthermore, at the time this paper was written, only one
researcher, Grobler et al [5], to the best of our knowledge, had
researched on the governance of digital forensics. Their paper
was a preliminary framework in the form of an outline for the
governance of digital forensics. The scope of the paper did not
comprehensively address how globally accepted governance
best practices [10][11][22] can be used to enhance a corporate
forensic program in enterprise organizations.
is where different controls are selected for all identified risks.
Different controls are weighed and analyzed based on their
strength and weaknesses and the best control to mitigate each
risk effectively is selected. All risks that could be best
mitigated with corporate forensic practices should be identified,
documented in a risk profile chart and rated to show their
potential value impact to the business. This is one of the
principles of good CF governance which will ensure that all
risk that could be mitigated with corporate forensic practices
are mitigated and optimized.
D. Resource Optimization
This principle of good corporate forensic governance deals
with planning, allocation and control of corporate forensic
resources which include people, processes and technologies
(increased automated forensic suites) towards adding value to
the business. CF resources need to be managed properly for its
effectiveness. Proper CF resource management will ensure that
corporate forensic practices are efficient, cost effective and
most importantly ensure corporate forensic is effectively
addressing applicable business needs.
E. Performance Evaluation
Since there is a clear saying that “you cannot manage what
you cannot measure,” the governance of corporate forensic
practices will ensure measures are in place to monitor corporate
forensic processes and measure its performance. This will help
management to make informed decisions about the state of
corporate forensic program and ascertain if it is effective or
not. Methods like Maturity model, checklist and other tools
could be used. Some of the indicators of effective corporate
forensic program as observed from performance measurement
include: the time it takes to detect and uncover potential
security threats to the business; number of threats effectively
traced to their sources within minimal time interval without
interruption to the business; number of security breaches
reported (lesser number of reported breaches means
effectiveness of the control in terms of deterrent). The
performance measurement module of the governance
framework is represented in the corporate forensic evaluation
(CFE) domain of the proposed framework.
V. DESCRIPTION OF THE PROPOSED FRAMEWORK
According to best practice [11] a governance framework
should consist of two major processes: the governance and
management processes. The governance processes involve
direction in strategic alignment, risk management, resource
optimization, value delivery and performance evaluation. The
governance field directs the management field and ensures
management processes are achieving their goals. The
management field is responsible for executing and
implementing directions from the governance field. The
management processes involved specialized and operational
processes which governance uses to achieve its tactical and
operational goals. …
Purchase answer to see full
attachment

Homework Writings Pro
Calculate your paper price
Pages (550 words)
Approximate price: -

Why should I choose Homework Writings Pro as my essay writing service?

We Follow Instructions and Give Quality Papers

We are strict in following paper instructions. You are welcome to provide directions to your writer, who will follow it as a law in customizing your paper. Quality is guaranteed! Every paper is carefully checked before delivery. Our writers are professionals and always deliver the highest quality work.

Professional and Experienced Academic Writers

We have a team of professional writers with experience in academic and business writing. Many are native speakers and able to perform any task for which you need help.

Reasonable Prices and Free Unlimited Revisions

Typical student budget? No problem. Affordable rates, generous discounts - the more you order, the more you save. We reward loyalty and welcome new customers. Furthermore, if you think we missed something, please send your order for a free review. You can do this yourself by logging into your personal account or by contacting our support..

Essay Delivered On Time and 100% Money-Back-Guarantee

Your essay will arrive on time, or even before your deadline – even if you request your paper within hours. You won’t be kept waiting, so relax and work on other tasks.We also guatantee a refund in case you decide to cancel your order.

100% Original Essay and Confidentiality

Anti-plagiarism policy. The authenticity of each essay is carefully checked, resulting in truly unique works. Our collaboration is a secret kept safe with us. We only need your email address to send you a unique username and password. We never share personal customer information.

24/7 Customer Support

We recognize that people around the world use our services in different time zones, so we have a support team that is happy to help you use our service. Our writing service has a 24/7 support policy. Contact us and discover all the details that may interest you!

Try it now!

Calculate the price of your order

Total price:
$0.00

How it works?

Follow these simple steps to get your paper done

Place your order

Fill in the order form and provide all details of your assignment.

Proceed with the payment

Choose the payment system that suits you most.

Receive the final file

Once your paper is ready, we will email it to you.

Our Services

Our reputation for excellence in providing professional tailor-made essay writing services to students of different academic levels is the best proof of our reliability and quality of service we offer.

Essays

Essay Writing Service

When using our academic writing services, you can get help with different types of work including college essays, research articles, writing, essay writing, various academic reports, book reports and so on. Whatever your task, homeworkwritingspro.com has experienced specialists qualified enough to handle it professionally.

Admissions

Admission Essays & Business Writing Help

An admission essay is an essay or other written statement by a candidate, often a potential student enrolling in a college, university, or graduate school. You can be rest assurred that through our service we will write the best admission essay for you.

Reviews

Editing Support

Our professional editor will check your grammar to make sure it is free from errors. You can rest assured that we will do our best to provide you with a piece of dignified academic writing. Homeworkwritingpro experts can manage any assignment in any academic field.

Reviews

Revision Support

If you think your paper could be improved, you can request a review. In this case, your paper will be checked by the writer or assigned to an editor. You can use this option as many times as you see fit. This is free because we want you to be completely satisfied with the service offered.

See all services