Evidential collection order

Collecting evidence is easier at some times than at others. Remember from Chapter 3, Computer Forensics and Evidence Handling, that collection does not simply mean picking the evidence up; forensic techniques must be followed. At a minimum, a record of what the evidence was, who collected it, from where, and using which method must be created and maintained. Collection can be complicated by the volume of evidence present, or because the evidence is time-sensitive.

NIST SP 800-86 does not dictate the order of evidence collection, but recommends that consideration is given to each item's volatility, its likely value, and the amount of effort required to collect it.

Volatile data should be collected before non-volatile data: if both are needed, the non-volatile data will still be there to collect later. Imagine investigating a hit-and-run accident in the rain: it would be important to collect the samples that might get washed away first, rather than the damaged wall, which will still be there when the rain stops and the other samples are safely collected.

Evidence that is known to have high likely value should be collected before low-value data. This is obviously an assessment; a small piece of evidence might turn out to be pivotal, but the likely value is what guides priority. A random discarded piece of rubbish at the crime scene would be less likely to be of high value than the paint flecks left where the car mounted the kerb.

If evidence requires so much effort to collect that it would impact the collection of other evidence, it should be dropped down the priority list. In the hit-and-run investigation, trying to find the last piece of broken headlight that fell down the drain might be less critical than getting the CCTV footage from the area.

The following diagram shows a 3D plot of volatility against ease of collection against likely value, rated on an arbitrary 10-point scale. The highest value items that are easiest to collect and have the highest volatility are colored darkest purple, and should be collected first:

The balance between volatility, ease of collection, and likely value that guides evidence collection order

The relative weight given to each of those three factors, and even a specified order of collection, should be written into an organization's training and procedures so that responders do not have to make the trade-off under pressure.
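The three-factor balance described above can be reduced to a repeatable triage calculation. The following is an added example, not code from the book; it assumes an arbitrary 10-point scale for each factor (as in the diagram), a set of hypothetical weights that an organization's procedures would fix, and constructed sample evidence items. It also implements the effort rule from the text: an item whose collection is so laborious that it would hold up everything else is deferred to the end regardless of its score.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple

@dataclass(frozen=True)
class EvidenceItem:
    """One candidate piece of evidence, scored on the three factors from NIST SP 800-86.

    All scores are on an arbitrary 1..10 scale (an assumption for this example):
      volatility   - 10 means it will be lost soonest (e.g. process list), 1 means it persists
      likely_value - 10 means almost certainly pivotal, 1 means almost certainly irrelevant
      ease         - 10 means trivial to collect, 1 means a major effort (e.g. lab work)
    """
    name: str
    volatility: int
    likely_value: int
    ease: int

# Hypothetical weights; a real organization fixes these in its procedures.
# Volatility dominates because it cannot be recovered later; effort matters least.
DEFAULT_WEIGHTS: Dict[str, float] = {"volatility": 0.5, "likely_value": 0.3, "ease": 0.2}

# Items with ease at or below this threshold are deferred until everything else is
# collected, because the effort would impact the collection of other evidence.
DEFER_EASE_AT_OR_BELOW = 1

def _check(item: EvidenceItem, weights: Dict[str, float]) -> None:
    # Reject scores outside the scale and weights that do not sum to 1, so a mistyped
    # procedure does not silently skew the whole collection plan.
    for field in ("volatility", "likely_value", "ease"):
        value = getattr(item, field)
        if not 1 <= value <= 10:
            raise ValueError(f"{item.name}: {field}={value} is outside 1..10")
    if abs(sum(weights.values()) - 1.0) > 1e-9:
        raise ValueError(f"weights must sum to 1, got {sum(weights.values())}")

def priority_score(item: EvidenceItem, weights: Dict[str, float] = DEFAULT_WEIGHTS) -> float:
    """Weighted sum of the three factors; higher means collect sooner. Max is 10."""
    _check(item, weights)
    return round(
        weights["volatility"] * item.volatility
        + weights["likely_value"] * item.likely_value
        + weights["ease"] * item.ease,
        2,
    )

def collection_order(
    items: List[EvidenceItem],
    weights: Dict[str, float] = DEFAULT_WEIGHTS,
    defer_ease_at_or_below: int = DEFER_EASE_AT_OR_BELOW,
) -> List[Tuple[str, float, bool]]:
    """Return (name, score, deferred) tuples in the order the items should be collected.

    Non-deferred items come first, highest score first; deferred items (those whose
    effort would hold up other collection) follow, also by score.
    """
    scored = [(it.name, priority_score(it, weights), it.ease <= defer_ease_at_or_below) for it in items]
    # Sort key: deferred last, then descending score, then name for a stable tie-break.
    return sorted(scored, key=lambda t: (t[2], -t[1], t[0]))

# Constructed sample items for a compromised-host scenario (not from the book).
SAMPLE_ITEMS: List[EvidenceItem] = [
    EvidenceItem("process list and network connections", volatility=10, likely_value=8, ease=9),
    EvidenceItem("full memory image", volatility=9, likely_value=9, ease=6),
    EvidenceItem("system and application logs on disk", volatility=4, likely_value=7, ease=8),
    EvidenceItem("full disk image", volatility=2, likely_value=8, ease=4),
    EvidenceItem("third-party CCTV footage", volatility=5, likely_value=6, ease=3),
    EvidenceItem("swap file on failed SSD (chip-off in lab)", volatility=3, likely_value=5, ease=1),
]

if __name__ == "__main__":
    for position, (name, score, deferred) in enumerate(collection_order(SAMPLE_ITEMS), 1):
        flag = " (deferred: effort would block other collection)" if deferred else ""
        print(f"{position}. {name:45s} score={score:4.1f}{flag}")
```

Running the block prints the plan with the process list first, the memory image second, and the lab chip-off last even though its score is not the lowest factor on every axis; changing DEFAULT_WEIGHTS is how a procedure document would shift the balance between the three factors.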
