Computer Forensics relates to the Legal Evidence found in computers and other digital storage media.

The main factor when it comes to the analysis of digital computer based data is for the examination to be carried out in a forensically sound manner with the aim of preserving, recovering, analysing and the clear presentation of the facts at hand.


All Computer Forensics examinations carried out by the expert examiners at Sytech follow the Association of Chief Police Officers (ACPO) Guidelines known as the ACPO - Good Practice Guide for Computer Based Electronic Evidence


These guidelines contain four primary principals:


Principle 1:

No action taken by law enforcement agencies or their agents should change data held on a computer or storage media which may subsequently be relied upon in court.


Principle 2:

In circumstances where a person finds it necessary to access original data held on a computer or on storage media, that person must be competent to do so and be able to give evidence explaining the relevance and the implications of their actions.


Principle 3:

An audit trail or other record of all processes applied to computer-based electronic evidence should be created and preserved. An independent third party should be able to examine those processes and achieve the same result.


Principle 4:

The person in charge of the investigation (the case officer) has overall responsibility for ensuring that the law and these principles are adhered to.




The services Sytech offers in regards to Computer based Forensics can include but are not limited to: