394 ◾ Official (ISC)²® Guide to the ISSMP® CBK®
© 2011 by Taylor & Francis Group, LLC
The Fourth Amendment rule is that an investigator executing a warrant is able
to look in any place listed on the warrant where evidence might conceivably be
concealed. Traditionally, investigators were precluded from looking into any
location where there is more evidence than the evidence they wish to seize. Electronic
evidence, however, may be stored anywhere. The result is that an investigator can
electronically look anywhere in search of digital evidence. Katz v. United States
stated that “the Fourth Amendment protects people, not places.” The result is that
the Fourth Amendment continues to be deeply tied to physical places.
Warrants
For evidence to be accepted in court, a warrant is generally required for law
enforcement to search and seize evidence. There are exceptions to this need, including the
following:
• When the evidence is in plain view, all in sight.
• Where consent to search has been granted.
• Situations involving some exigency, such as an emergency threatening life or
physical harm.
To obtain a search warrant, an investigator needs to convince the court of the
following three points:
1. Some criminal act has been committed.
2. Evidence of a crime exists and is available.
3. It is probable that the evidence is likely to be found at the place being
searched.
Anton Piller (Civil Search)
An Anton Piller order is a civil court order providing for the right to search
premises and seize evidence without prior warning. In the United States, the Business
Software Alliance has used these orders as a remedy when they are attempting to
stop illegal software use (termed Software Piracy) and Copyright Infringement
to achieve the recovery of property.
Ormrod LJ in Anton Piller KG v. Manufacturing Processes Limited in 1976 (UK)
defined the three-step test for granting this order:
1. There is an extremely strong prima facie case against the respondent.
2. The damage, potential or actual, must be very serious for the applicant.
3. There must be clear evidence that the respondents have in their possession
incriminating documents or things, and that there is a real possibility that they
may destroy such material before an inter partes application is able to be obtained
in court.
In the United Kingdom, Anton Piller orders have been (for the most part)
outmoded by the introduction of a statutory search order under the Civil Procedure Act
1997. These applications are still common in many places such as Canada and France.
Professional Ethics
Professional ethics defines a set of moral principles that determine conduct for
professional work. Because professional work often requires specialized and unique
knowledge, it carries the potential for misuse. Professional ethics provide guidance
to avoid transgression or misconduct.
The cause-and-effect relationship that develops through the introduction of an
ethical framework turns into practices and procedures that can cause professionals
to “do the right thing” on the job. When professionals fail to maintain an ethical
culture and standards, scandals such as those in the accounting profession that gave
rise to the Sarbanes-Oxley Act leave the standing of such professions diminished in
the public perspective.
When engaged in professional activities you have an obligation to exercise
honesty, objectivity, and diligence in the performance of your duties and
responsibilities. Typical examples of principles include the following:
• Exhibit loyalty in all matters pertaining to the affairs of the organization or to
whomever you may be rendering a service. However, you will not knowingly
be a part of any illegal or improper activity.
• Refrain from entering into any activity that may be in conflict with the
interest of the organization for whom you are performing work or that would
prejudice your ability to objectively carry out your duties and responsibilities.
• Do not accept a fee or gift from an employee, a client, a customer, or a
business associate of any sections of the organization in which you are working
without the knowledge and consent of senior management.
• Be prudent in the use of information acquired in the course of your duties.
Do not use confidential information for any personal gain or in a manner that
would be detrimental to the welfare of the organization or its employees.
• When expressing an opinion, use all reasonable care to obtain sufficient
factual evidence to warrant such expression. In your reporting, you shall reveal
such material facts known to you, which, if not revealed, could either
distort the report of the results of operations under review or conceal unlawful
practice.
Mission, Vision, and Values Statements
Organizational strategy (Lane, 2004,
http://www.wiley.com/WileyCDA/WileyTitle/productCd-0631231935.html)
needs to be organized along the limits of professional ethics.
Such strategic plans generally consist of the following:
1. Vision is where we want to be.
2. Mission is our purpose or reason for existence.
3. Values are the principles that guide our behavior, give us a sense of direction,
and also help us decide what is important and provide us with an ethical and
moral foundation.
Just as the organization should have a mission or vision statement aligned to
what its business goals are, it should also have such statements for IT and
information security, and it should ensure that the statements promote an ethical
culture within the organization and one’s own role. Having a mission to comply with
the laws, regulations, and organizational policy makes it more likely that this will
occur and is essential if a culture of security is to be introduced. Vision and mission
statements are very different documents. A vision statement sets the goals of the
organization at a high level. The vision needs to state what the organization
envisions in terms of growth, attitude to risk, cost, values, employees, etc. A component
of the vision statement includes the development of a mission.
The Mission Statement
The mission statement is, or at least should be, a concise statement of the
organization’s strategy. It is developed from the perspective of a desired outcome and it
needs to be aligned to the vision statement.
The mission statement answers three questions:
1. What do we do and why?
2. How do we do it?
3. For whom do we do it?
In assessing high-level policy it is essential to test whether the policy is aligned to
the mission of the organization. For instance, Google used to have a mission
statement that said, “Do no evil.” If Google were to introduce a policy that states, “We
will track down and destroy any attacker who even pings our network,” it is simple
to see that the goal and the policy are not linked. Both organizational and personal
mission statements are important and help in maintaining one’s ethical values.
Information technology and security teams or departments should have their
own mission statement. This should be a simple statement of purpose known by
every member of the division because it
• Provides a “reason for being”
• Provides clarity and focus to make choices
• Is clear and concise
• Should be accepted by the wider organization
• Helps guide people toward doing the “right thing”
The Vision Statements
The vision statement outlines what the organization wants. This is what it wants to
be and how it wants to be perceived by others. A vision statement is as follows:
• A plan for the future
• A source of inspiration
• The place to go when in need of clear decision-making criteria
• The source to ensure that policy aligns with the destination set by the
organization
A vision statement expresses the destination of the organization in a manner
that builds commitment:
1. It creates a sense of desire and builds commitment.
2. It paints the ideal future.
3. It is an expression made in terms of hope.
4. It is united with the values of the organization.
Again, vision statements can be produced both to align and to guide your own
personal professional ethics and those of the organization of which you are a part.
A Statement of Values
Many organizations also develop a set of ethical principles that are designed to
guide the organization. These principles are the statement of values. This document
should be used as guidance when developing policy. This can also be called an
organizational code of ethics when applied to an individual organization. All
individuals certified by (ISC)² agree to abide by the following Code of Professional Ethics:
Code of Ethics Preamble
• Safety of the commonwealth, duty to our principals, and to each other
requires that we adhere, and be seen to adhere, to the highest ethical
standards of behavior.
• Therefore, strict adherence to this Code is a condition of certification.
Code of Ethics Canons
• Protect society, the commonwealth, and the infrastructure.
• Act honorably, honestly, justly, responsibly, and legally.
• Provide diligent and competent service to principals.
• Advance and protect the profession.
These codes encourage the right professional behavior, such as
• Research
• Teaching
• Identifying, mentoring, and sponsoring candidates for the profession
• Valuing the certificate
And discourage such behavior as
• Raising unnecessary alarm, fear, uncertainty, or doubt
• Giving unwarranted comfort or reassurance
• Consenting to bad practice
• Attaching weak systems to the public network
• Professional association with nonprofessionals
• Professional recognition of or association with amateurs
• Associating or appearing to associate with criminals or criminal behavior
Protect society, the commonwealth, and the infrastructure:
• Promote and preserve public trust and confidence in information and
systems.
• Promote the understanding and acceptance of prudent information
security measures.
• Preserve and strengthen the integrity of the public infrastructure.
• Discourage unsafe practice.
Act honorably, honestly, justly, responsibly, and legally:
• Tell the truth; make all stakeholders aware of your actions on a timely basis.
• Observe all contracts and agreements, express or implied.
• Treat all members fairly. In resolving conflicts, consider public safety and
duties to principals, individuals, and the profession, in that order.
• Give prudent advice; avoid raising unnecessary alarm or giving
unwarranted comfort. Take care to be truthful, objective, cautious, and within
your competence.
• When resolving differing laws in different jurisdictions, give preference to
the laws of the jurisdiction in which you render your service.
Provide diligent and competent service to principals:
• Preserve the value of their systems, applications, and information.
• Respect their trust and the privileges that they grant you.