An extended digital forensic readiness and maturity model
Abstract
Digital forensics readiness (DFR) is an important part of the growing forensic domain. Research on DFR
has been given little attention, while available DFR models have focused on theoretical investigations
with inadequate input from practicing information security experts in the industry. Using feedback from
practicing forensic experts in the industry and academia, this research investigates the structure required
to implement and manage digital forensic readiness (DFR) within an enterprise. The research extended
the DFR Commonalities framework (DFRCF) and utilised the structure to design a digital forensic
maturity assessment model (DFMM) that will enable organisations to assess their forensic readiness and
security incident responses. A combination of qualitative and research design approaches was utilised to
perform a comparative analysis of various DFR frameworks. A top-down design approach was utilised in
developing the DFMM model which was validated with forensic practitioners and academics through
semi-structured interviews. The structure extracted from DFR frameworks was practical since most
participants agreed with the structure of the extended DFRCF and the matrix of the maturity model.