Re: Federal Rules of Evidence

[Gary Flynn <flynngn () JMU EDU>]

Kevin,

I'd be interested in a copy.

thanks,

Gary Flynn
Security Engineer
James Madison University

Mclaughlin, Kevin (mclaugkl) wrote:
> Daniel:
>
> We have a pretty comprehensive Standard Operating Procedure manual (SOP)
> that contains portions of what you are looking for but most likely not
> in a format that you might have in mind. I can send you – and anyone
> else – a copy of the Investigations section if you want. Just let me
> know. Being an X-Fed and then state detective I think it covers chain of
> custody fairly well. I can also send you our department retention
> schedule that covers active/inactive case retention limits.
>
> - Kevin
>
> Kevin L. McLaughlin, CISM, CISSP, GIAC-GSLC, CRISC, PMP, ITIL Master
> Certified
>
> Assistant Vice President, Information Security & Special Projects
>
> University of Cincinnati
>
> 513-556-9177
>
> The University of Cincinnati is one of America's top public research
> institutions and the region's largest employer, with a student
> population of more than 41,000.
>
> cid:image002.gif@01C879E9.E20A0EF0
>
> *From:*The EDUCAUSE Security Constituent Group Listserv
> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of *Bradley, Stephen
> W. Mr.
> *Sent:* Friday, September 02, 2011 9:24 AM
> *To:* SECURITY () LISTSERV EDUCAUSE EDU
> *Subject:* Re: [SECURITY] Federal Rules of Evidence
>
> I too would be interested in your findings.
>
> thx
>
> steve
>
> *From:*The EDUCAUSE Security Constituent Group Listserv
> [mailto:SECURITY () listserv educause edu] *On Behalf Of *Mark Reboli
> *Sent:* Friday, September 02, 2011 9:22 AM
> *To:* SECURITY () listserv educause edu
> *Subject:* Re: [SECURITY] Federal Rules of Evidence
>
> daniel we do not have this in place but i would be very interested if
> you could share your results. i would add a checklist would be great as
> well to ensure no step is missed.
>
> m
>
> Mark Reboli
>
> Network/Telecom/IT security Manager
>
> Misericordia University
>
> 570-674-6753
>
> *From:*The EDUCAUSE Security Constituent Group Listserv
> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of *Daniel Bennett
> *Sent:* Friday, September 02, 2011 9:09 AM
> *To:* SECURITY () LISTSERV EDUCAUSE EDU
> *Subject:* [SECURITY] Federal Rules of Evidence
>
> Hello All,
>
> I am wondering if anyone has developed guidelines, policy, or procedures
> that you follow for every IT investigation? This would cover chain of
> custody, line of authorities, retention of information, report formats,
> etc. I am looking to standardize all investigations so if an internal
> investigation ever becomes civil or criminal all evidence will hold up.
>
> Please reply on or off list.
>
> Thanks,
>
> Daniel Bennett
>
> /IT Security Analyst/
>
> /Vice-Chair North Central PA Members Alliance/
>
> //
>
> Pennsylvania College of Technology
>
> One College Ave
>
> Williamsport, PA 17701
>
> P:570.329.4989
>
> E:dbennett () pct edu


--
Gary Flynn
Security Engineer
James Madison University