Forensic-Ready Risk Management Concepts

Currently, numerous approaches exist supporting the implementation of forensic readiness and, indirectly, forensic-ready software systems. However, the terminology used in the approaches and their focus tends to vary. To facilitate the design of forensic-ready software systems, the clarity of the underlying concepts needs to be established so that their requirements can be unambiguously formulated and assessed. This is especially important when considering forensic readiness as an add-on to information security. In this paper, the concepts relevant to forensic readiness are derived and aligned based on six existing approaches. The results then serve as a stepping stone for enhancing Information Systems Security Risk Management (ISSRM) with forensic readiness.