Concepto
legal que cubre la validez e integridad de las evidencias recogidas para
sustentar un proceso judicial. Cubre todos los pasos desde la recogida hasta su
utilización final.
possession,
movement, handling, and location of material from the time it is obtained to
the time it is presented in a matter [ISO-27050:2015]
A legal principle
regarding the validity and integrity of evidence. It requires accountability
for anything that will be used as evidence in a legal proceeding to ensure that
it can be accounted for from the time it was collected until the time it is
presented in a court of law.
Scope Note:
Includes
documentation as to who had access to the evidence and when, as well as the
ability to identify evidence as being the exact item that was recovered or
tested. Lack of control over evidence can lead to it being discredited. Chain
of custody depends on the ability to verify that evidence could not have been
tampered with. This is accomplished by sealing off the evidence, so it cannot
be changed, and providing a documentary record of custody to prove that the
evidence was at all times under strict control and not subject to tampering.
ISACA,
Cybersecurity Glossary, 2014
A process that
tracks the movement of evidence through its collection, safeguarding, and
analysis lifecycle by documenting each person who handled the evidence, the
date/time it was collected or transferred, and the purpose for the transfer. [CNSSI_4009:2010]
A process and
record that shows who obtained the evidence; where and when the evidence was
obtained; who secured the evidence; and who had control or possession of the
evidence. The sequencing of the chain of evidence follows this order:
collection and identification; analysis; storage; preservation; presentation in
court; return to owner. [CNSSI_4009:2010]
Temas relacionados