The IT Law Wiki


32,084pages on
this wiki
Add New Page
Add New Page Talk0

Definition Edit

Reporting is

[t]he final phase of the computer and network forensic process, which involves reporting the results of the analysis; this may include describing the actions used, explaining how tools and procedures were selected, determining what other actions need to be performed (e.g., forensic examination of additional data sources, securing identified vulnerabilities, improving existing security controls), and providing recommendations for improvement to policies, guidelines, procedures, tools, and other aspects of the forensic process. The formality of the reporting step varies greatly depending on the situation.[1]

References Edit

  1. NIST Special Publication 800-86, at C-3.

Also on Fandom

Random Wiki