Appendix Forensic Investigations, ABC Inc.
Ronelle Sawyer
June 12, 2009
Forensic Report
Case # 000029
Distribution List
| Group, Contact Name | Location | Title/Department/Business Unit |
| Legal | ABC Inc. Headquarters | Security Operations |
| HR | ABC Inc. Headquarters | Security Operations |
DOCUMENT RELEASE AND CONFIDENTIALITY
This document is proprietary and confidential and has been released only to the persons listed above. It may not be distributed outside the organization without written approval from ABC Inc. Legal department.
1 EXECUTIVE SUMMARY
On April 1, 2009, ABC Inc. Legal department contacted the ABC Inc. Forensic Investigations department regarding the cyber forensic examination of a hard drive belonging to Jose McCarthy. There were suspicions that McCarthy was attempting to sell intellectual property belonging to ABC Inc. to a competitor, XYZ Company. The hard drive used by McCarthy was forensically examined to determine if there were any indications of intellectual property theft.
After careful cyber forensic analysis of McCarthy’s hard drive a letter was found showing intent to sell proprietary information.
2 FORENSIC ACQUISITION
2.1 Custody and Storage
On April 6, 2009 Ronelle Sawyer, cyber forensic investigator with ABC Inc., received McCarthy’s hard drive for analysis. Ronelle Sawyer performed Chain of Custody with Legal and took possession of the evidence (see the following graphic). Evidence was locked in a security vault until acquisition was performed.
2.2 Forensic ...
