Re: Federal Rules of Evidence

["Stephen C. Gay" <sgay () KENNESAW EDU>]

Kevin,

If you could also send this my way I would appreciate it.

Stephen C Gay   CISSP  CISA
ITS Associate Director - Information Security Office
KSU Information Security Officer
Kennesaw State University
sgay () kennesaw edu

----- Original Message -----
From: "Kevin Mclaughlin (mclaugkl)" <mclaugkl () UCMAIL UC EDU>
To: SECURITY () LISTSERV EDUCAUSE EDU
Sent: Friday, September 2, 2011 10:18:58 AM
Subject: Re: [SECURITY] Federal Rules of Evidence




Daniel:

We have a pretty comprehensive Standard Operating Procedure manual (SOP) that contains portions of what you are looking 
for but most likely not in a format that you might have in mind. I can send you – and anyone else – a copy of the 
Investigations section if you want. Just let me know. Being an X-Fed and then state detective I think it covers chain 
of custody fairly well. I can also send you our department retention schedule that covers active/inactive case 
retention limits.



- Kevin






Kevin L. McLaughlin, CISM, CISSP, GIAC-GSLC, CRISC, PMP, ITIL Master Certified

Assistant Vice President, Information Security & Special Projects

University of Cincinnati

513-556-9177



The University of Cincinnati is one of America's top public research institutions and the region's largest employer, 
with a student population of more than 41,000.



cid:image002.gif@01C879E9.E20A0EF0





From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Bradley, 
Stephen W. Mr.
Sent: Friday, September 02, 2011 9:24 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Federal Rules of Evidence



I too would be interested in your findings.




thx

steve



From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () listserv educause edu] On Behalf Of Mark 
Reboli
Sent: Friday, September 02, 2011 9:22 AM
To: SECURITY () listserv educause edu
Subject: Re: [SECURITY] Federal Rules of Evidence



daniel we do not have this in place but i would be very interested if you could share your results. i would add a 
checklist would be great as well to ensure no step is missed.



m

Mark Reboli

Network/Telecom/IT security Manager

Misericordia University

570-674-6753









From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Daniel 
Bennett
Sent: Friday, September 02, 2011 9:09 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Federal Rules of Evidence



Hello All,



I am wondering if anyone has developed guidelines, policy, or procedures that you follow for every IT investigation? 
This would cover chain of custody, line of authorities, retention of information, report formats, etc. I am looking to 
standardize all investigations so if an internal investigation ever becomes civil or criminal all evidence will hold up.



Please reply on or off list.



Thanks,



Daniel Bennett

IT Security Analyst

Vice-Chair North Central PA Members Alliance



Pennsylvania College of Technology

One College Ave

Williamsport, PA 17701



P:570.329.4989

E:dbennett () pct edu