Forensic-Ready Risk Management Concepts
Abstract
Currently, numerous approaches exist supporting the implementation of forensic readiness and, indirectly, forensic-ready software systems. However, the terminology used in the approaches and their focus tends to vary. To facilitate the design of forensic-ready software systems, the clarity of the underlying concepts needs to be established so that their requirements can be unambiguously formulated and assessed. This is especially important when considering forensic readiness as an add-on to information security. In this paper, the concepts relevant to forensic readiness are derived and aligned based on six existing approaches. The results then serve as a stepping stone for enhancing Information Systems Security Risk Management (ISSRM) with forensic readiness.
Turn this paper into a full lesson
ArcXiv compiles a staged curriculum from this paper: 8-12 lessons across beginner → advanced, synthesised section guides, visuals, flashcards, a quiz, exercises, and on-demand deep dives per section. Grounded in the abstract, never invented.